PostgreSql Event trigger for Auditing - postgresql

I am about to implement an audit system in my database and am looking for the most effective way to do this.
I've read the wiki and did my research.
There is this example: https://wiki.postgresql.org/wiki/Audit_trigger
And also this: https://wiki.postgresql.org/wiki/Audit_trigger_91plus
In the listed examples you have to create a trigger for each table (kinda redudant).
However with Postgres 9.3+ we have the ability of event triggers where we can react on special events like create, alter or drop table.
An optimal solution would be:
create event trigger UpdateTables
on ddl_command_end
when tag in ( 'insert ', 'update ')
execute procedure DoAudit();
However that returns:
ERROR: filter value "insert " not recognized for filter variable "tag"
SQL Status:42601
I am wondering if we also can react on insert, update events with event triggers and use this single trigger for all auditing?

This won't work.
The "on ddl_command_end" means the event is intended to be invoked on structural changes in the database. The complete reference to events is here: https://www.postgresql.org/docs/current/static/event-trigger-matrix.html

Have a look at this:
https://eager.io/blog/audit-postgres/
This is a quite simple, yet effective way to implement an auditing system, making use of the hstore data type. I recently tried it and it worked flawlessly "out of the box".

Related

Create Triggers on SYSUSER table in sql Anywhere 16

I want to call a certain procedure that logs everytime a database user is created or deleted in the db ( sql Anywhere 16).
For this i have written a Function that should be called via a trigger when a row is inserted or deleted from table SYS.SYSUSER.
However, I am not able to create a trigger on this table.
Am i allowed to create trigger on this or is there someother way to get notified whenever a user is created or deleted for db?
New to sybase please help.
heres is my create trigger code
CREATE TRIGGER myTrigger AFTER INSERT ON sys.sysuser
REFERENCING NEW AS newRecord
FOR EACH ROW
BEGIN
--
END;
You cannot create a trigger on a system table. You can create a handler for "system events", which are described in the online SQL Anywhere documentation. Unfortunately, creation or deletion of users is not a system event that can be handled. I don't believe there's a way short of polling that you can do what you want to do.
Full disclosure: I work for SAP in SQL Anywhere engineering.

TSQL For Triggers

Sorry but I'm struggling with the online documentation.
What exactly is the difference for a FOR trigger compared to a AFTER and INSTEAD OF?
Thanks
The FOR and the AFTER trigger is the same. You specify them in the same way and they do the same thing:
CREATE TRIGGER sometrigger on sometable FOR INSERT,UPDATE,DELETE
CREATE TRIGGER sometrigger on sometable AFTER INSERT,UPDATE,DELETE
The INSTEAD OF trigger is something completely different. When you specify a trigger with the instead of then the trigger will execute instead of the insert, update and delete. This can be useful when you have views. So you can control what should be delete, updated and inserted in the views underlying tables
Here is an link to explain the triggers in more depth

Multiple triggers on the same event

I would like to ask you which are the RDBMS's which support multiple triggers for the same event. For instance I have a table called MyTable and I would like to create trigger1 and trigger2 which should run before insert into the given table. Is there an RDBMS which supports this?
Why do you need two triggers on the same "before insert" event? Can't you combine the trigger code into one?

Learning about DB2 triggers

Hi I am trying to figure out the syntax for triggers. I have two tables one called tagged_in and the other notification. So I want to make a trigger where when an insert is called in tagged_in I want to insert a tuple in notification.
The manuals are available at the DB2 InfoCenter. Did you read the CREATE TRIGGER statement information yet? If not, why not? If so, what did you try, and what error did you get?
Something like this
CREATE TRIGGER TEST_TRIGGER
AFTER INSERT ON TAGGED_IN
REFERENCING NEW AS NEW_TAG
FOR EACH ROW
BEGIN ATOMIC
INSERT INTO NOTIFICATION
VALUES (NEW_TAG.FIELD1,NEW_TAG.FIELD2);
END

Specify max number of databases a user can own

Is this possible?
I would like to have a limit for a user, lets say 5 databases.
So when he tries to issue a CREATE query to create a 6th an exception is thrown.
No, you cannot do this - at least not in a declarative way (just simply specify the max number of databases owned for each user).
The closest you could get with standard SQL Server functionality would be to create a DDL trigger for CREATE DATABASE and in that trigger, check to see if the current user already owns five databases, and in that case, let the trigger fail the operation.
Something along the lines of this (taken from TechNet sample):
CREATE TRIGGER ddl_trig_database
ON ALL SERVER
FOR CREATE_DATABASE
AS
-- here, check to see if current user already owns five databases
-- and if so, fail the trigger by using RAISERROR
GO
look into DDL triggers, with a trigger like this one below you can trap the CREATE DATABASE statement
CREATE TRIGGER ddl_trig_database
ON ALL SERVER
FOR CREATE_DATABASE
AS
--do something here
-- select count(*)from sys.sysdatabases where sid = ???
GO