pgaudit

Extensions

pgaudit

pgaudit : provides auditing functionality

Overview

ID	Extension	Package	Version	Category	License	Language
7100	pgaudit	pgaudit	`18.0`	SEC	PostgreSQL	C

Attribute	Has Binary	Has Library	Need Load	Has DDL	Relocatable	Trusted
--sLd-r	No	Yes	Yes	Yes	yes	no

Relationships
See Also	pgauditlogtofile set_user pg_permissions pg_auth_mon pg_auditor safeupdate pg_drop_events table_log

pg15=pgaudit17, pg14=pgaudit16

Packages

Type	Repo	Version	PG Major Compatibility	Package Pattern	Dependencies
EXT	PGDG	`18.0`	18 17 16 15 14	`pgaudit`	-
RPM	PGDG	`18.0`	18 17 16 15 14	`pgaudit_$v`	-
DEB	PGDG	`18.0`	18 17 16 15 14	`postgresql-$v-pgaudit`	-

Linux / PG	PG18	PG17	PG16	PG15	PG14
el8.x86_64	PGDG 18.0	PGDG 17.1	PGDG 16.1	PGDG 1.7.1	PGDG 1.6.3
el8.aarch64	PGDG 18.0	PGDG 17.1	PGDG 16.1	PGDG 1.7.1	PGDG 1.6.3
el9.x86_64	PGDG 18.0	PGDG 17.1	PGDG 16.1	PGDG 1.7.1	PGDG 1.6.3
el9.aarch64	PGDG 18.0	PGDG 17.1	PGDG 16.1	PGDG 1.7.1	PGDG 1.6.3
el10.x86_64	PGDG 18.0	PGDG 17.1	PGDG 16.1	PGDG 1.7.1	PGDG 1.6.3
el10.aarch64	PGDG 18.0	PGDG 17.1	PGDG 16.1	PGDG 1.7.1	PGDG 1.6.3
d12.x86_64	PGDG 18.0	PGDG 17.1	PGDG 16.1	PGDG 1.7.1	PGDG 1.6.3
d12.aarch64	PGDG 18.0	PGDG 17.1	PGDG 16.1	PGDG 1.7.1	PGDG 1.6.3
d13.x86_64	PGDG 18.0	PGDG 17.1	PGDG 16.1	PGDG 1.7.1	PGDG 1.6.3
d13.aarch64	PGDG 18.0	PGDG 17.1	PGDG 16.1	PGDG 1.7.1	PGDG 1.6.3
u22.x86_64	PGDG 18.0	PGDG 17.1	PGDG 16.1	PGDG 1.7.1	PGDG 1.6.3
u22.aarch64	PGDG 18.0	PGDG 17.1	PGDG 16.1	PGDG 1.7.1	PGDG 1.6.3
u24.x86_64	PGDG 18.0	PGDG 17.1	PGDG 16.1	PGDG 1.7.1	PGDG 1.6.3
u24.aarch64	PGDG 18.0	PGDG 17.1	PGDG 16.1	PGDG 1.7.1	PGDG 1.6.3

Package	Version	OS	ORG	SIZE	File URL
`pgaudit_18`	`18.0`	el8.x86_64	pgdg	27.5 KiB	pgaudit_18-18.0-1PGDG.rhel8.x86_64.rpm
`pgaudit_18`	`18.0`	el8.aarch64	pgdg	27.0 KiB	pgaudit_18-18.0-1PGDG.rhel8.aarch64.rpm
`pgaudit_18`	`18.0`	el9.x86_64	pgdg	27.8 KiB	pgaudit_18-18.0-1PGDG.rhel9.x86_64.rpm
`pgaudit_18`	`18.0`	el9.aarch64	pgdg	27.4 KiB	pgaudit_18-18.0-1PGDG.rhel9.aarch64.rpm
`pgaudit_18`	`18.0`	el10.x86_64	pgdg	28.1 KiB	pgaudit_18-18.0-1PGDG.rhel10.x86_64.rpm
`pgaudit_18`	`18.0`	el10.aarch64	pgdg	28.2 KiB	pgaudit_18-18.0-1PGDG.rhel10.aarch64.rpm
`postgresql-18-pgaudit`	`18.0`	d12.x86_64	pgdg	47.1 KiB	postgresql-18-pgaudit_18.0-2.pgdg12+1_amd64.deb
`postgresql-18-pgaudit`	`18.0`	d12.aarch64	pgdg	46.4 KiB	postgresql-18-pgaudit_18.0-2.pgdg12+1_arm64.deb
`postgresql-18-pgaudit`	`18.0`	d13.x86_64	pgdg	47.0 KiB	postgresql-18-pgaudit_18.0-2.pgdg13+1_amd64.deb
`postgresql-18-pgaudit`	`18.0`	d13.aarch64	pgdg	46.6 KiB	postgresql-18-pgaudit_18.0-2.pgdg13+1_arm64.deb
`postgresql-18-pgaudit`	`18.0`	u22.x86_64	pgdg	48.7 KiB	postgresql-18-pgaudit_18.0-2.pgdg22.04+1_amd64.deb
`postgresql-18-pgaudit`	`18.0`	u22.aarch64	pgdg	47.9 KiB	postgresql-18-pgaudit_18.0-2.pgdg22.04+1_arm64.deb
`postgresql-18-pgaudit`	`18.0`	u24.x86_64	pgdg	47.3 KiB	postgresql-18-pgaudit_18.0-2.pgdg24.04+1_amd64.deb
`postgresql-18-pgaudit`	`18.0`	u24.aarch64	pgdg	46.5 KiB	postgresql-18-pgaudit_18.0-2.pgdg24.04+1_arm64.deb

Package	Version	OS	ORG	SIZE	File URL
`pgaudit_17`	`17.1`	el8.x86_64	pgdg	28.0 KiB	pgaudit_17-17.1-1PGDG.rhel8.x86_64.rpm
`pgaudit_17`	`17.0`	el8.x86_64	pgdg	27.5 KiB	pgaudit_17-17.0-1PGDG.rhel8.x86_64.rpm
`pgaudit_17`	`17.1`	el8.aarch64	pgdg	27.6 KiB	pgaudit_17-17.1-1PGDG.rhel8.aarch64.rpm
`pgaudit_17`	`17.0`	el8.aarch64	pgdg	27.2 KiB	pgaudit_17-17.0-1PGDG.rhel8.aarch64.rpm
`pgaudit_17`	`17.1`	el9.x86_64	pgdg	28.2 KiB	pgaudit_17-17.1-1PGDG.rhel9.x86_64.rpm
`pgaudit_17`	`17.0`	el9.x86_64	pgdg	27.8 KiB	pgaudit_17-17.0-1PGDG.rhel9.x86_64.rpm
`pgaudit_17`	`17.1`	el9.aarch64	pgdg	28.0 KiB	pgaudit_17-17.1-1PGDG.rhel9.aarch64.rpm
`pgaudit_17`	`17.0`	el9.aarch64	pgdg	27.6 KiB	pgaudit_17-17.0-1PGDG.rhel9.aarch64.rpm
`pgaudit_17`	`17.1`	el10.x86_64	pgdg	28.6 KiB	pgaudit_17-17.1-1PGDG.rhel10.x86_64.rpm
`pgaudit_17`	`17.1`	el10.aarch64	pgdg	28.7 KiB	pgaudit_17-17.1-1PGDG.rhel10.aarch64.rpm
`postgresql-17-pgaudit`	`17.1`	d12.x86_64	pgdg	46.1 KiB	postgresql-17-pgaudit_17.1-2.pgdg12+1_amd64.deb
`postgresql-17-pgaudit`	`17.1`	d12.aarch64	pgdg	45.7 KiB	postgresql-17-pgaudit_17.1-2.pgdg12+1_arm64.deb
`postgresql-17-pgaudit`	`17.1`	d13.x86_64	pgdg	46.0 KiB	postgresql-17-pgaudit_17.1-2.pgdg13+1_amd64.deb
`postgresql-17-pgaudit`	`17.1`	d13.aarch64	pgdg	45.9 KiB	postgresql-17-pgaudit_17.1-2.pgdg13+1_arm64.deb
`postgresql-17-pgaudit`	`17.1`	u22.x86_64	pgdg	52.6 KiB	postgresql-17-pgaudit_17.1-2.pgdg22.04+1_amd64.deb
`postgresql-17-pgaudit`	`17.1`	u22.aarch64	pgdg	52.0 KiB	postgresql-17-pgaudit_17.1-2.pgdg22.04+1_arm64.deb
`postgresql-17-pgaudit`	`17.1`	u24.x86_64	pgdg	46.2 KiB	postgresql-17-pgaudit_17.1-2.pgdg24.04+1_amd64.deb
`postgresql-17-pgaudit`	`17.1`	u24.aarch64	pgdg	45.9 KiB	postgresql-17-pgaudit_17.1-2.pgdg24.04+1_arm64.deb

Package	Version	OS	ORG	SIZE	File URL
`pgaudit_16`	`16.1`	el8.x86_64	pgdg	27.4 KiB	pgaudit_16-16.1-1PGDG.rhel8.x86_64.rpm
`pgaudit_16`	`16.0`	el8.x86_64	pgdg	26.9 KiB	pgaudit_16-16.0-1PGDG.rhel8.x86_64.rpm
`pgaudit_16`	`16.1`	el8.aarch64	pgdg	27.1 KiB	pgaudit_16-16.1-1PGDG.rhel8.aarch64.rpm
`pgaudit_16`	`16.0`	el8.aarch64	pgdg	26.6 KiB	pgaudit_16-16.0-1PGDG.rhel8.aarch64.rpm
`pgaudit_16`	`16.1`	el9.x86_64	pgdg	27.8 KiB	pgaudit_16-16.1-1PGDG.rhel9.x86_64.rpm
`pgaudit_16`	`16.0`	el9.x86_64	pgdg	27.1 KiB	pgaudit_16-16.0-1PGDG.rhel9.x86_64.rpm
`pgaudit_16`	`16.1`	el9.aarch64	pgdg	27.6 KiB	pgaudit_16-16.1-1PGDG.rhel9.aarch64.rpm
`pgaudit_16`	`16.0`	el9.aarch64	pgdg	26.7 KiB	pgaudit_16-16.0-1PGDG.rhel9.aarch64.rpm
`pgaudit_16`	`16.1`	el10.x86_64	pgdg	28.2 KiB	pgaudit_16-16.1-1PGDG.rhel10.x86_64.rpm
`pgaudit_16`	`16.1`	el10.aarch64	pgdg	28.3 KiB	pgaudit_16-16.1-1PGDG.rhel10.aarch64.rpm
`postgresql-16-pgaudit`	`16.1`	d12.x86_64	pgdg	45.2 KiB	postgresql-16-pgaudit_16.1-2.pgdg12+1_amd64.deb
`postgresql-16-pgaudit`	`16.1`	d12.aarch64	pgdg	44.9 KiB	postgresql-16-pgaudit_16.1-2.pgdg12+1_arm64.deb
`postgresql-16-pgaudit`	`16.1`	d13.x86_64	pgdg	45.2 KiB	postgresql-16-pgaudit_16.1-2.pgdg13+1_amd64.deb
`postgresql-16-pgaudit`	`16.1`	d13.aarch64	pgdg	45.2 KiB	postgresql-16-pgaudit_16.1-2.pgdg13+1_arm64.deb
`postgresql-16-pgaudit`	`16.1`	u22.x86_64	pgdg	51.2 KiB	postgresql-16-pgaudit_16.1-2.pgdg22.04+1_amd64.deb
`postgresql-16-pgaudit`	`16.1`	u22.aarch64	pgdg	50.7 KiB	postgresql-16-pgaudit_16.1-2.pgdg22.04+1_arm64.deb
`postgresql-16-pgaudit`	`16.1`	u24.x86_64	pgdg	45.3 KiB	postgresql-16-pgaudit_16.1-2.pgdg24.04+1_amd64.deb
`postgresql-16-pgaudit`	`16.1`	u24.aarch64	pgdg	45.0 KiB	postgresql-16-pgaudit_16.1-2.pgdg24.04+1_arm64.deb

Package	Version	OS	ORG	SIZE	File URL
`pgaudit17_15`	`1.7.1`	el8.x86_64	pgdg	27.4 KiB	pgaudit17_15-1.7.1-1PGDG.rhel8.x86_64.rpm
`pgaudit17_15`	`1.7.0`	el8.x86_64	pgdg	55.7 KiB	pgaudit17_15-1.7.0-1.rhel8.x86_64.rpm
`pgaudit17_15`	`1.7`	el8.x86_64	pgdg	55.6 KiB	pgaudit17_15-1.7-beta1_1.rhel8.x86_64.rpm
`pgaudit17_15`	`1.7.1`	el8.aarch64	pgdg	27.1 KiB	pgaudit17_15-1.7.1-1PGDG.rhel8.aarch64.rpm
`pgaudit17_15`	`1.7.0`	el8.aarch64	pgdg	55.2 KiB	pgaudit17_15-1.7.0-1.rhel8.aarch64.rpm
`pgaudit17_15`	`1.7.1`	el9.x86_64	pgdg	27.7 KiB	pgaudit17_15-1.7.1-1PGDG.rhel9.x86_64.rpm
`pgaudit17_15`	`1.7.0`	el9.x86_64	pgdg	57.0 KiB	pgaudit17_15-1.7.0-1.rhel9.x86_64.rpm
`pgaudit17_15`	`1.7`	el9.x86_64	pgdg	56.9 KiB	pgaudit17_15-1.7-beta1_1.rhel9.x86_64.rpm
`pgaudit17_15`	`1.7.1`	el9.aarch64	pgdg	27.5 KiB	pgaudit17_15-1.7.1-1PGDG.rhel9.aarch64.rpm
`pgaudit17_15`	`1.7.0`	el9.aarch64	pgdg	56.2 KiB	pgaudit17_15-1.7.0-1.rhel9.aarch64.rpm
`pgaudit17_15`	`1.7.1`	el10.x86_64	pgdg	28.1 KiB	pgaudit17_15-1.7.1-1PGDG.rhel10.x86_64.rpm
`pgaudit17_15`	`1.7.1`	el10.aarch64	pgdg	28.3 KiB	pgaudit17_15-1.7.1-1PGDG.rhel10.aarch64.rpm
`postgresql-15-pgaudit`	`1.7.1`	d12.x86_64	pgdg	44.0 KiB	postgresql-15-pgaudit_1.7.1-2.pgdg12+1_amd64.deb
`postgresql-15-pgaudit`	`1.7.1`	d12.aarch64	pgdg	43.5 KiB	postgresql-15-pgaudit_1.7.1-2.pgdg12+1_arm64.deb
`postgresql-15-pgaudit`	`1.7.1`	d13.x86_64	pgdg	44.1 KiB	postgresql-15-pgaudit_1.7.1-2.pgdg13+1_amd64.deb
`postgresql-15-pgaudit`	`1.7.1`	d13.aarch64	pgdg	43.7 KiB	postgresql-15-pgaudit_1.7.1-2.pgdg13+1_arm64.deb
`postgresql-15-pgaudit`	`1.7.1`	u22.x86_64	pgdg	50.2 KiB	postgresql-15-pgaudit_1.7.1-2.pgdg22.04+1_amd64.deb
`postgresql-15-pgaudit`	`1.7.1`	u22.aarch64	pgdg	49.5 KiB	postgresql-15-pgaudit_1.7.1-2.pgdg22.04+1_arm64.deb
`postgresql-15-pgaudit`	`1.7.1`	u24.x86_64	pgdg	44.3 KiB	postgresql-15-pgaudit_1.7.1-2.pgdg24.04+1_amd64.deb
`postgresql-15-pgaudit`	`1.7.1`	u24.aarch64	pgdg	43.6 KiB	postgresql-15-pgaudit_1.7.1-2.pgdg24.04+1_arm64.deb

Package	Version	OS	ORG	SIZE	File URL
`pgaudit16_14`	`1.6.3`	el8.x86_64	pgdg	27.8 KiB	pgaudit16_14-1.6.3-1PGDG.rhel8.x86_64.rpm
`pgaudit16_14`	`1.6.2`	el8.x86_64	pgdg	56.3 KiB	pgaudit16_14-1.6.2-1.rhel8.x86_64.rpm
`pgaudit16_14`	`1.6.0`	el8.x86_64	pgdg	55.0 KiB	pgaudit16_14-1.6.0-1.rhel8.x86_64.rpm
`pgaudit16_14`	`1.6`	el8.x86_64	pgdg	55.0 KiB	pgaudit16_14-1.6-beta2_1.rhel8.x86_64.rpm
`pgaudit16_14`	`1.6.3`	el8.aarch64	pgdg	27.5 KiB	pgaudit16_14-1.6.3-1PGDG.rhel8.aarch64.rpm
`pgaudit16_14`	`1.6.2`	el8.aarch64	pgdg	54.7 KiB	pgaudit16_14-1.6.2-1.rhel8.aarch64.rpm
`pgaudit16_14`	`1.6.3`	el9.x86_64	pgdg	28.1 KiB	pgaudit16_14-1.6.3-1PGDG.rhel9.x86_64.rpm
`pgaudit16_14`	`1.6.2`	el9.x86_64	pgdg	56.6 KiB	pgaudit16_14-1.6.2-1.rhel9.x86_64.rpm
`pgaudit16_14`	`1.6.3`	el9.aarch64	pgdg	27.9 KiB	pgaudit16_14-1.6.3-1PGDG.rhel9.aarch64.rpm
`pgaudit16_14`	`1.6.2`	el9.aarch64	pgdg	55.7 KiB	pgaudit16_14-1.6.2-1.rhel9.aarch64.rpm
`pgaudit16_14`	`1.6.3`	el10.x86_64	pgdg	28.5 KiB	pgaudit16_14-1.6.3-1PGDG.rhel10.x86_64.rpm
`pgaudit16_14`	`1.6.3`	el10.aarch64	pgdg	28.6 KiB	pgaudit16_14-1.6.3-1PGDG.rhel10.aarch64.rpm
`postgresql-14-pgaudit`	`1.6.3`	d12.x86_64	pgdg	44.0 KiB	postgresql-14-pgaudit_1.6.3-2.pgdg12+1_amd64.deb
`postgresql-14-pgaudit`	`1.6.3`	d12.aarch64	pgdg	43.4 KiB	postgresql-14-pgaudit_1.6.3-2.pgdg12+1_arm64.deb
`postgresql-14-pgaudit`	`1.6.3`	d13.x86_64	pgdg	44.1 KiB	postgresql-14-pgaudit_1.6.3-2.pgdg13+1_amd64.deb
`postgresql-14-pgaudit`	`1.6.3`	d13.aarch64	pgdg	43.7 KiB	postgresql-14-pgaudit_1.6.3-2.pgdg13+1_arm64.deb
`postgresql-14-pgaudit`	`1.6.3`	u22.x86_64	pgdg	49.4 KiB	postgresql-14-pgaudit_1.6.3-2.pgdg22.04+1_amd64.deb
`postgresql-14-pgaudit`	`1.6.3`	u22.aarch64	pgdg	48.7 KiB	postgresql-14-pgaudit_1.6.3-2.pgdg22.04+1_arm64.deb
`postgresql-14-pgaudit`	`1.6.3`	u24.x86_64	pgdg	44.2 KiB	postgresql-14-pgaudit_1.6.3-2.pgdg24.04+1_amd64.deb
`postgresql-14-pgaudit`	`1.6.3`	u24.aarch64	pgdg	43.6 KiB	postgresql-14-pgaudit_1.6.3-2.pgdg24.04+1_arm64.deb

Source

Repository

github.com/pgaudit/pgaudit

Install

Make sure PGDG repo available:

pig repo add pgdg -u    # add pgdg repo and update cache

Install this extension with pig:

pig install pgaudit;		# install via package name, for the active PG version

pig install pgaudit -v 18;   # install for PG 18
pig install pgaudit -v 17;   # install for PG 17
pig install pgaudit -v 16;   # install for PG 16
pig install pgaudit -v 15;   # install for PG 15
pig install pgaudit -v 14;   # install for PG 14

Config this extension to shared_preload_libraries:

shared_preload_libraries = 'pgaudit';

Create this extension with:

CREATE EXTENSION pgaudit;

Usage

pgaudit: Open Source PostgreSQL Audit Logging

pgAudit provides detailed session and/or object audit logging via the standard PostgreSQL logging facility, producing audit trails required for government, financial, or ISO certifications.

CREATE EXTENSION pgaudit;

Configuration Parameters

Parameter	Default	Description
`pgaudit.log`	`none`	Statement classes to log: `READ`, `WRITE`, `FUNCTION`, `ROLE`, `DDL`, `MISC`, `MISC_SET`, `ALL`
`pgaudit.log_catalog`	`on`	Log statements when all relations are in pg_catalog
`pgaudit.log_client`	`off`	Show audit log messages to client
`pgaudit.log_level`	`log`	Log level for audit entries
`pgaudit.log_parameter`	`off`	Include statement parameters in log
`pgaudit.log_parameter_max_size`	`0`	Max parameter size in bytes (0=unlimited)
`pgaudit.log_relation`	`off`	Separate log entry per relation in SELECT/DML
`pgaudit.log_rows`	`off`	Include row count in log
`pgaudit.log_statement`	`on`	Include statement text in log
`pgaudit.log_statement_once`	`off`	Log statement text only with first entry
`pgaudit.role`	(none)	Master role for object audit logging

Session Audit Logging

Log all DML and DDL with per-relation detail:

SET pgaudit.log = 'write, ddl';
SET pgaudit.log_relation = on;

Log everything except miscellaneous commands:

SET pgaudit.log = 'all, -misc';

Example output:

AUDIT: SESSION,1,1,DDL,CREATE TABLE,TABLE,public.account,create table account(...)
AUDIT: SESSION,2,1,READ,SELECT,,,select * from account

Object Audit Logging

Grant permissions to an audit role to control which relations are logged:

SET pgaudit.role = 'auditor';

GRANT SELECT, DELETE
   ON public.account
   TO auditor;

Now any SELECT or DELETE on the account table will be audit logged.

Log Format

Entries are CSV with fields: AUDIT_TYPE, STATEMENT_ID, SUBSTATEMENT_ID, CLASS, COMMAND, OBJECT_TYPE, OBJECT_NAME, STATEMENT, PARAMETER.

Last updated on 2026-03-24

pg_enigma pgauditlogtofile