Skip to content
logo-white
All posts

Bringing PostgreSQL audit to a new level

Some of you might have read our blog post about combining PostgreSQL, PGAudit and immudb in a network environment.

PGblogpost-background transparent

After the release of immudb Vault, the security for audit data has been brought to another level. Now you can store the audit data in immudb Vault, tamper-proof and auditable.

To get started make sure to register for a Vault to get the required API key.

Vault Search

You can find the source code here: https://github.com/codenotary/immudb-log-audit

TL;DR


In a quest to enhance security and integrity of database audit logs, the integration of PostgreSQL, PGAudit, and immudb Vault offers a formidable solution. 

PGAudit is an extension for PostgreSQL that provides robust audit logging capabilities, effectively tracking and recording all database activities. However, the integrity of these logs is paramount. Enter immudb Vault, a cloud database solution leveraging the immutability of its acclaimed immudb database. The vault guarantees a secure, tamper-proof and auditable store for your audit logs.

This powerful combination guarantees four core benefits:

1. Immutability: With immudb Vault, once data is recorded, it becomes tamper-proof, ensuring data integrity and offering a reliable audit trail.

2. Security: Each record or transaction in the Vault is cryptographically linked to its predecessor, forming a secure chain that is near impossible for malicious actors to interfere with.

3. Auditing and Compliance: The Vault ensures each transaction is recorded in a permanent, traceable manner. This simplifies tracking data origin and history, aiding in regulatory compliance.

4. Transparency and Trust: All network participants have equal access to the same data, offering a shared source of truth. This enhances trust as the data's accuracy can be independently verified.

What is PGAudit?

PGaudit is a PostgreSQL extension that provides detailed audit logging capabilities. It allows you to track and record all database activity, including SELECT, INSERT, UPDATE, and DELETE statements, as well as connections, disconnections, and errors. This information is stored in the PostgreSQL audit log, which is a text file that can be easily read and analyzed.

What is immudb Vault?

immudb Vault is a cloud database using the acclaimed immudb immutable database. It allows you to store your data with peace of mind, knowing that it will be safe from tampering.
You can build on 4 pillars that Vault provides:


Immutability
The ability to create tamper-proof records. Once data is recorded, it cannot be altered or deleted without the consensus of the network participants. This ensures data integrity & provides a reliable audit trail.

Security
Each transaction or record is cryptographically linked to the previous one, forming a chain of blocks. This makes it extremely difficult for malicious actors to tamper with the data.

Auditing and Compliance
Each transaction is recorded in a permanent and traceable manner, making it easier to track the origin and history of data.

Transparency and Trust
All participants in the network have access to the same set of data, creating a shared source of truth. This transparency enhances trust, as they can independently verify the accuracy of the data.

Combining PGAudit and immudb Vault

pgaudit is PostgreSQL extension that enables audit logs for the database. Any kind of audit logs should be stored in secure location. immudb is fulfilling this requirement with its immutable and tamper-proof features.

vault-log-audit can parse PostgreSQL pgaudit logs in the following formats:

Jsonlog log parser (recommended)
Stderr log parser. It assumes that each log line has log_line_prefix of '%m [%p] '.
For more information about those formats, visit PostgreSQL logging documentation.

You need to have an PostgreSQL running with pgaudit extension enabled to be able to retrieve PostgreSQL changes and store them in immudb Vault. As a result, you will be able to retrieve each change in a timestamped order or using the Web-UI:

Vault Dashboard

Conclusion

In the rapidly evolving digital landscape, the task of securing, managing, and ensuring the integrity of data has become more complex than ever. However, this has also opened up opportunities for database administrators to adopt innovative and robust solutions, such as the powerful combination of PGAudit and immudb Vault.

With PGAudit, administrators can keep a detailed record of all database activities, while immudb Vault provides an unalterable, cryptographically linked, and tamper-proof storage for these records. This not only secures your data but also facilitates auditing, compliance, and offers increased transparency. 

In conclusion, the marriage of PGAudit and immudb Vault provides an essential shield for your data. It's not just about protection, but also about creating an environment of trust and transparency. As database administrators, it's our duty to safeguard our data. The question isn't why you should use this combination, but rather, why haven't you started yet?

https://github.com/codenotary/immudb-log-audit#how-to-set-up