Using command tags to filter audit logs v16
Each entry in the log file contains a command tag, except for entries that display an error message. A command tag is the SQL command executed for that log entry. The command tag makes it possible to use tools later to scan the log file to find entries related to a SQL command.
This example is in XML form, formatted for easier review. The command tag is displayed as the command_tag
attribute of the event
element with values CREATE ROLE
, ALTER ROLE
, and DROP ROLE
.
The following is the same example in CSV form. The command tag is the next-to-last column of each entry. In the listing, the column that appears empty (""), is the value of the edb_audit_tag
parameter, if provided.
(Each audit log entry was split and displays across multiple lines. A blank line was inserted between the audit log entries for visual clarity.)