pgaudit

provides auditing functionality

Overview

Package	Version	Category	License	Language
`pgaudit`	`18.0`	SEC	PostgreSQL	C

ID	Extension	Bin	Lib	Load	Create	Trust	Reloc	Schema
7100	`pgaudit`	No	Yes	Yes	Yes	No	Yes	-

Related	`pgauditlogtofile` `set_user` `pg_permissions` `pg_auth_mon` `pg_auditor` `safeupdate` `pg_drop_events` `table_log`

pg15=pgaudit17, pg14=pgaudit16

Version

Type	Repo	Version	PG Ver	Package	Deps
EXT	PGDG	`18.0`	1817161514	`pgaudit`	-
RPM	PGDG	`18.0`	1817161514	`pgaudit_$v`	-
DEB	PGDG	`18.0`	1817161514	`postgresql-$v-pgaudit`	-

OS / PG	PG18	PG17	PG16	PG15	PG14
el8.x86_64	PGDG 18.0 el8.x86_64.pg18 : pgaudit_18 pgaudit_18-18.0-1PGDG.rhel8.x86_64.rpm PGDG · 18.0 · 27.5KiB	PGDG 17.1 el8.x86_64.pg17 : pgaudit_17 pgaudit_17-17.1-1PGDG.rhel8.x86_64.rpm PGDG · 17.1 · 28.0KiB pgaudit_17-17.0-1PGDG.rhel8.x86_64.rpm PGDG · 17.0 · 27.5KiB	PGDG 16.1 el8.x86_64.pg16 : pgaudit_16 pgaudit_16-16.1-1PGDG.rhel8.x86_64.rpm PGDG · 16.1 · 27.4KiB pgaudit_16-16.0-1PGDG.rhel8.x86_64.rpm PGDG · 16.0 · 26.9KiB	PGDG 1.7.1 el8.x86_64.pg15 : pgaudit17_15 pgaudit17_15-1.7.1-1PGDG.rhel8.x86_64.rpm PGDG · 1.7.1 · 27.4KiB pgaudit17_15-1.7.0-1.rhel8.x86_64.rpm PGDG · 1.7.0 · 55.7KiB pgaudit17_15-1.7-beta1_1.rhel8.x86_64.rpm PGDG · 1.7 · 55.6KiB	PGDG 1.6.3 el8.x86_64.pg14 : pgaudit16_14 pgaudit16_14-1.6.3-1PGDG.rhel8.x86_64.rpm PGDG · 1.6.3 · 27.8KiB pgaudit16_14-1.6.2-1.rhel8.x86_64.rpm PGDG · 1.6.2 · 56.3KiB pgaudit16_14-1.6.0-1.rhel8.x86_64.rpm PGDG · 1.6.0 · 55.0KiB pgaudit16_14-1.6-beta2_1.rhel8.x86_64.rpm PGDG · 1.6 · 55.0KiB
el8.aarch64	PGDG 18.0 el8.aarch64.pg18 : pgaudit_18 pgaudit_18-18.0-1PGDG.rhel8.aarch64.rpm PGDG · 18.0 · 27.0KiB	PGDG 17.1 el8.aarch64.pg17 : pgaudit_17 pgaudit_17-17.1-1PGDG.rhel8.aarch64.rpm PGDG · 17.1 · 27.6KiB pgaudit_17-17.0-1PGDG.rhel8.aarch64.rpm PGDG · 17.0 · 27.2KiB	PGDG 16.1 el8.aarch64.pg16 : pgaudit_16 pgaudit_16-16.1-1PGDG.rhel8.aarch64.rpm PGDG · 16.1 · 27.1KiB pgaudit_16-16.0-1PGDG.rhel8.aarch64.rpm PGDG · 16.0 · 26.6KiB	PGDG 1.7.1 el8.aarch64.pg15 : pgaudit17_15 pgaudit17_15-1.7.1-1PGDG.rhel8.aarch64.rpm PGDG · 1.7.1 · 27.1KiB pgaudit17_15-1.7.0-1.rhel8.aarch64.rpm PGDG · 1.7.0 · 55.2KiB	PGDG 1.6.3 el8.aarch64.pg14 : pgaudit16_14 pgaudit16_14-1.6.3-1PGDG.rhel8.aarch64.rpm PGDG · 1.6.3 · 27.5KiB pgaudit16_14-1.6.2-1.rhel8.aarch64.rpm PGDG · 1.6.2 · 54.7KiB
el9.x86_64	PGDG 18.0 el9.x86_64.pg18 : pgaudit_18 pgaudit_18-18.0-1PGDG.rhel9.x86_64.rpm PGDG · 18.0 · 27.8KiB	PGDG 17.1 el9.x86_64.pg17 : pgaudit_17 pgaudit_17-17.1-1PGDG.rhel9.x86_64.rpm PGDG · 17.1 · 28.2KiB pgaudit_17-17.0-1PGDG.rhel9.x86_64.rpm PGDG · 17.0 · 27.8KiB	PGDG 16.1 el9.x86_64.pg16 : pgaudit_16 pgaudit_16-16.1-1PGDG.rhel9.x86_64.rpm PGDG · 16.1 · 27.8KiB pgaudit_16-16.0-1PGDG.rhel9.x86_64.rpm PGDG · 16.0 · 27.1KiB	PGDG 1.7.1 el9.x86_64.pg15 : pgaudit17_15 pgaudit17_15-1.7.1-1PGDG.rhel9.x86_64.rpm PGDG · 1.7.1 · 27.7KiB pgaudit17_15-1.7.0-1.rhel9.x86_64.rpm PGDG · 1.7.0 · 57.0KiB pgaudit17_15-1.7-beta1_1.rhel9.x86_64.rpm PGDG · 1.7 · 56.9KiB	PGDG 1.6.3 el9.x86_64.pg14 : pgaudit16_14 pgaudit16_14-1.6.3-1PGDG.rhel9.x86_64.rpm PGDG · 1.6.3 · 28.1KiB pgaudit16_14-1.6.2-1.rhel9.x86_64.rpm PGDG · 1.6.2 · 56.6KiB
el9.aarch64	PGDG 18.0 el9.aarch64.pg18 : pgaudit_18 pgaudit_18-18.0-1PGDG.rhel9.aarch64.rpm PGDG · 18.0 · 27.4KiB	PGDG 17.1 el9.aarch64.pg17 : pgaudit_17 pgaudit_17-17.1-1PGDG.rhel9.aarch64.rpm PGDG · 17.1 · 28.0KiB pgaudit_17-17.0-1PGDG.rhel9.aarch64.rpm PGDG · 17.0 · 27.6KiB	PGDG 16.1 el9.aarch64.pg16 : pgaudit_16 pgaudit_16-16.1-1PGDG.rhel9.aarch64.rpm PGDG · 16.1 · 27.6KiB pgaudit_16-16.0-1PGDG.rhel9.aarch64.rpm PGDG · 16.0 · 26.7KiB	PGDG 1.7.1 el9.aarch64.pg15 : pgaudit17_15 pgaudit17_15-1.7.1-1PGDG.rhel9.aarch64.rpm PGDG · 1.7.1 · 27.5KiB pgaudit17_15-1.7.0-1.rhel9.aarch64.rpm PGDG · 1.7.0 · 56.2KiB	PGDG 1.6.3 el9.aarch64.pg14 : pgaudit16_14 pgaudit16_14-1.6.3-1PGDG.rhel9.aarch64.rpm PGDG · 1.6.3 · 27.9KiB pgaudit16_14-1.6.2-1.rhel9.aarch64.rpm PGDG · 1.6.2 · 55.7KiB
el10.x86_64	PGDG 18.0 el10.x86_64.pg18 : pgaudit_18 pgaudit_18-18.0-1PGDG.rhel10.x86_64.rpm PGDG · 18.0 · 28.1KiB	PGDG 17.1 el10.x86_64.pg17 : pgaudit_17 pgaudit_17-17.1-1PGDG.rhel10.x86_64.rpm PGDG · 17.1 · 28.6KiB	PGDG 16.1 el10.x86_64.pg16 : pgaudit_16 pgaudit_16-16.1-1PGDG.rhel10.x86_64.rpm PGDG · 16.1 · 28.2KiB	PGDG 1.7.1 el10.x86_64.pg15 : pgaudit17_15 pgaudit17_15-1.7.1-1PGDG.rhel10.x86_64.rpm PGDG · 1.7.1 · 28.1KiB	PGDG 1.6.3 el10.x86_64.pg14 : pgaudit16_14 pgaudit16_14-1.6.3-1PGDG.rhel10.x86_64.rpm PGDG · 1.6.3 · 28.5KiB
el10.aarch64	PGDG 18.0 el10.aarch64.pg18 : pgaudit_18 pgaudit_18-18.0-1PGDG.rhel10.aarch64.rpm PGDG · 18.0 · 28.2KiB	PGDG 17.1 el10.aarch64.pg17 : pgaudit_17 pgaudit_17-17.1-1PGDG.rhel10.aarch64.rpm PGDG · 17.1 · 28.7KiB	PGDG 16.1 el10.aarch64.pg16 : pgaudit_16 pgaudit_16-16.1-1PGDG.rhel10.aarch64.rpm PGDG · 16.1 · 28.3KiB	PGDG 1.7.1 el10.aarch64.pg15 : pgaudit17_15 pgaudit17_15-1.7.1-1PGDG.rhel10.aarch64.rpm PGDG · 1.7.1 · 28.3KiB	PGDG 1.6.3 el10.aarch64.pg14 : pgaudit16_14 pgaudit16_14-1.6.3-1PGDG.rhel10.aarch64.rpm PGDG · 1.6.3 · 28.6KiB
d12.x86_64	PGDG 18.0 d12.x86_64.pg18 : postgresql-18-pgaudit postgresql-18-pgaudit_18.0-2.pgdg12+1_amd64.deb PGDG · 18.0 · 47.1KiB	PGDG 17.1 d12.x86_64.pg17 : postgresql-17-pgaudit postgresql-17-pgaudit_17.1-2.pgdg12+1_amd64.deb PGDG · 17.1 · 46.1KiB	PGDG 16.1 d12.x86_64.pg16 : postgresql-16-pgaudit postgresql-16-pgaudit_16.1-2.pgdg12+1_amd64.deb PGDG · 16.1 · 45.2KiB	PGDG 1.7.1 d12.x86_64.pg15 : postgresql-15-pgaudit postgresql-15-pgaudit_1.7.1-2.pgdg12+1_amd64.deb PGDG · 1.7.1 · 44.0KiB	PGDG 1.6.3 d12.x86_64.pg14 : postgresql-14-pgaudit postgresql-14-pgaudit_1.6.3-2.pgdg12+1_amd64.deb PGDG · 1.6.3 · 44.0KiB
d12.aarch64	PGDG 18.0 d12.aarch64.pg18 : postgresql-18-pgaudit postgresql-18-pgaudit_18.0-2.pgdg12+1_arm64.deb PGDG · 18.0 · 46.4KiB	PGDG 17.1 d12.aarch64.pg17 : postgresql-17-pgaudit postgresql-17-pgaudit_17.1-2.pgdg12+1_arm64.deb PGDG · 17.1 · 45.7KiB	PGDG 16.1 d12.aarch64.pg16 : postgresql-16-pgaudit postgresql-16-pgaudit_16.1-2.pgdg12+1_arm64.deb PGDG · 16.1 · 44.9KiB	PGDG 1.7.1 d12.aarch64.pg15 : postgresql-15-pgaudit postgresql-15-pgaudit_1.7.1-2.pgdg12+1_arm64.deb PGDG · 1.7.1 · 43.5KiB	PGDG 1.6.3 d12.aarch64.pg14 : postgresql-14-pgaudit postgresql-14-pgaudit_1.6.3-2.pgdg12+1_arm64.deb PGDG · 1.6.3 · 43.4KiB
d13.x86_64	PGDG 18.0 d13.x86_64.pg18 : postgresql-18-pgaudit postgresql-18-pgaudit_18.0-2.pgdg13+1_amd64.deb PGDG · 18.0 · 47.0KiB	PGDG 17.1 d13.x86_64.pg17 : postgresql-17-pgaudit postgresql-17-pgaudit_17.1-2.pgdg13+1_amd64.deb PGDG · 17.1 · 46.0KiB	PGDG 16.1 d13.x86_64.pg16 : postgresql-16-pgaudit postgresql-16-pgaudit_16.1-2.pgdg13+1_amd64.deb PGDG · 16.1 · 45.2KiB	PGDG 1.7.1 d13.x86_64.pg15 : postgresql-15-pgaudit postgresql-15-pgaudit_1.7.1-2.pgdg13+1_amd64.deb PGDG · 1.7.1 · 44.1KiB	PGDG 1.6.3 d13.x86_64.pg14 : postgresql-14-pgaudit postgresql-14-pgaudit_1.6.3-2.pgdg13+1_amd64.deb PGDG · 1.6.3 · 44.1KiB
d13.aarch64	PGDG 18.0 d13.aarch64.pg18 : postgresql-18-pgaudit postgresql-18-pgaudit_18.0-2.pgdg13+1_arm64.deb PGDG · 18.0 · 46.6KiB	PGDG 17.1 d13.aarch64.pg17 : postgresql-17-pgaudit postgresql-17-pgaudit_17.1-2.pgdg13+1_arm64.deb PGDG · 17.1 · 45.9KiB	PGDG 16.1 d13.aarch64.pg16 : postgresql-16-pgaudit postgresql-16-pgaudit_16.1-2.pgdg13+1_arm64.deb PGDG · 16.1 · 45.2KiB	PGDG 1.7.1 d13.aarch64.pg15 : postgresql-15-pgaudit postgresql-15-pgaudit_1.7.1-2.pgdg13+1_arm64.deb PGDG · 1.7.1 · 43.7KiB	PGDG 1.6.3 d13.aarch64.pg14 : postgresql-14-pgaudit postgresql-14-pgaudit_1.6.3-2.pgdg13+1_arm64.deb PGDG · 1.6.3 · 43.7KiB
u22.x86_64	PGDG 18.0 u22.x86_64.pg18 : postgresql-18-pgaudit postgresql-18-pgaudit_18.0-2.pgdg22.04+1_amd64.deb PGDG · 18.0 · 48.7KiB	PGDG 17.1 u22.x86_64.pg17 : postgresql-17-pgaudit postgresql-17-pgaudit_17.1-2.pgdg22.04+1_amd64.deb PGDG · 17.1 · 52.6KiB	PGDG 16.1 u22.x86_64.pg16 : postgresql-16-pgaudit postgresql-16-pgaudit_16.1-2.pgdg22.04+1_amd64.deb PGDG · 16.1 · 51.2KiB	PGDG 1.7.1 u22.x86_64.pg15 : postgresql-15-pgaudit postgresql-15-pgaudit_1.7.1-2.pgdg22.04+1_amd64.deb PGDG · 1.7.1 · 50.2KiB	PGDG 1.6.3 u22.x86_64.pg14 : postgresql-14-pgaudit postgresql-14-pgaudit_1.6.3-2.pgdg22.04+1_amd64.deb PGDG · 1.6.3 · 49.4KiB
u22.aarch64	PGDG 18.0 u22.aarch64.pg18 : postgresql-18-pgaudit postgresql-18-pgaudit_18.0-2.pgdg22.04+1_arm64.deb PGDG · 18.0 · 47.9KiB	PGDG 17.1 u22.aarch64.pg17 : postgresql-17-pgaudit postgresql-17-pgaudit_17.1-2.pgdg22.04+1_arm64.deb PGDG · 17.1 · 52.0KiB	PGDG 16.1 u22.aarch64.pg16 : postgresql-16-pgaudit postgresql-16-pgaudit_16.1-2.pgdg22.04+1_arm64.deb PGDG · 16.1 · 50.7KiB	PGDG 1.7.1 u22.aarch64.pg15 : postgresql-15-pgaudit postgresql-15-pgaudit_1.7.1-2.pgdg22.04+1_arm64.deb PGDG · 1.7.1 · 49.5KiB	PGDG 1.6.3 u22.aarch64.pg14 : postgresql-14-pgaudit postgresql-14-pgaudit_1.6.3-2.pgdg22.04+1_arm64.deb PGDG · 1.6.3 · 48.7KiB
u24.x86_64	PGDG 18.0 u24.x86_64.pg18 : postgresql-18-pgaudit postgresql-18-pgaudit_18.0-2.pgdg24.04+1_amd64.deb PGDG · 18.0 · 47.3KiB	PGDG 17.1 u24.x86_64.pg17 : postgresql-17-pgaudit postgresql-17-pgaudit_17.1-2.pgdg24.04+1_amd64.deb PGDG · 17.1 · 46.2KiB	PGDG 16.1 u24.x86_64.pg16 : postgresql-16-pgaudit postgresql-16-pgaudit_16.1-2.pgdg24.04+1_amd64.deb PGDG · 16.1 · 45.3KiB	PGDG 1.7.1 u24.x86_64.pg15 : postgresql-15-pgaudit postgresql-15-pgaudit_1.7.1-2.pgdg24.04+1_amd64.deb PGDG · 1.7.1 · 44.3KiB	PGDG 1.6.3 u24.x86_64.pg14 : postgresql-14-pgaudit postgresql-14-pgaudit_1.6.3-2.pgdg24.04+1_amd64.deb PGDG · 1.6.3 · 44.2KiB
u24.aarch64	PGDG 18.0 u24.aarch64.pg18 : postgresql-18-pgaudit postgresql-18-pgaudit_18.0-2.pgdg24.04+1_arm64.deb PGDG · 18.0 · 46.5KiB	PGDG 17.1 u24.aarch64.pg17 : postgresql-17-pgaudit postgresql-17-pgaudit_17.1-2.pgdg24.04+1_arm64.deb PGDG · 17.1 · 45.9KiB	PGDG 16.1 u24.aarch64.pg16 : postgresql-16-pgaudit postgresql-16-pgaudit_16.1-2.pgdg24.04+1_arm64.deb PGDG · 16.1 · 45.0KiB	PGDG 1.7.1 u24.aarch64.pg15 : postgresql-15-pgaudit postgresql-15-pgaudit_1.7.1-2.pgdg24.04+1_arm64.deb PGDG · 1.7.1 · 43.6KiB	PGDG 1.6.3 u24.aarch64.pg14 : postgresql-14-pgaudit postgresql-14-pgaudit_1.6.3-2.pgdg24.04+1_arm64.deb PGDG · 1.6.3 · 43.6KiB

Install

You can install pgaudit directly. First, make sure the PGDG repository is added and enabled:

pig repo add pgdg -u          # Add PGDG repo and update cache

Install the extension using pig or apt/yum/dnf:

pig install pgaudit;          # Install for current active PG version

pig ext install -y pgaudit -v 18  # PG 18
pig ext install -y pgaudit -v 17  # PG 17
pig ext install -y pgaudit -v 16  # PG 16
pig ext install -y pgaudit -v 15  # PG 15
pig ext install -y pgaudit -v 14  # PG 14

dnf install -y pgaudit_18       # PG 18
dnf install -y pgaudit_17       # PG 17
dnf install -y pgaudit_16       # PG 16
dnf install -y pgaudit_15       # PG 15
dnf install -y pgaudit_14       # PG 14

apt install -y postgresql-18-pgaudit   # PG 18
apt install -y postgresql-17-pgaudit   # PG 17
apt install -y postgresql-16-pgaudit   # PG 16
apt install -y postgresql-15-pgaudit   # PG 15
apt install -y postgresql-14-pgaudit   # PG 14

Preload:

shared_preload_libraries = 'pgaudit';

Create Extension:

CREATE EXTENSION pgaudit;

Usage

pgaudit: Open Source PostgreSQL Audit Logging

pgAudit provides detailed session and/or object audit logging via the standard PostgreSQL logging facility, producing audit trails required for government, financial, or ISO certifications.

CREATE EXTENSION pgaudit;

Configuration Parameters

Parameter	Default	Description
`pgaudit.log`	`none`	Statement classes to log: `READ`, `WRITE`, `FUNCTION`, `ROLE`, `DDL`, `MISC`, `MISC_SET`, `ALL`
`pgaudit.log_catalog`	`on`	Log statements when all relations are in pg_catalog
`pgaudit.log_client`	`off`	Show audit log messages to client
`pgaudit.log_level`	`log`	Log level for audit entries
`pgaudit.log_parameter`	`off`	Include statement parameters in log
`pgaudit.log_parameter_max_size`	`0`	Max parameter size in bytes (0=unlimited)
`pgaudit.log_relation`	`off`	Separate log entry per relation in SELECT/DML
`pgaudit.log_rows`	`off`	Include row count in log
`pgaudit.log_statement`	`on`	Include statement text in log
`pgaudit.log_statement_once`	`off`	Log statement text only with first entry
`pgaudit.role`	(none)	Master role for object audit logging

Session Audit Logging

Log all DML and DDL with per-relation detail:

SET pgaudit.log = 'write, ddl';
SET pgaudit.log_relation = on;

Log everything except miscellaneous commands:

SET pgaudit.log = 'all, -misc';

Example output:

AUDIT: SESSION,1,1,DDL,CREATE TABLE,TABLE,public.account,create table account(...)
AUDIT: SESSION,2,1,READ,SELECT,,,select * from account

Object Audit Logging

Grant permissions to an audit role to control which relations are logged:

SET pgaudit.role = 'auditor';

GRANT SELECT, DELETE
   ON public.account
   TO auditor;

Now any SELECT or DELETE on the account table will be audit logged.

Log Format

Entries are CSV with fields: AUDIT_TYPE, STATEMENT_ID, SUBSTATEMENT_ID, CLASS, COMMAND, OBJECT_TYPE, OBJECT_NAME, STATEMENT, PARAMETER.

Feedback

Was this page helpful?

Thanks for the feedback! Please let us know how we can improve.

Sorry to hear that. Please let us know how we can improve.

Last Modified 2026-03-12: add pg extension catalog (95749bf)