User and Permission Audit
audit_login_logout
Parameter description: Specifies whether to audit the openGauss user's login (including login success and failure) and logout.
This parameter is a SIGHUP parameter. Set it based on instructions provided in Table 1.
Value range: an integer ranging from 0 to 7
- 0 indicates that the function of auditing users' logins and logouts is disabled.
- 1 indicates that only successful user logins are audited.
- 2 indicates that only failed user logins are audited.
- 3 indicates that successful and failed user logins are audited.
- 4 indicates that only user logouts are audited.
- 5 indicates that successful user logouts and logins are audited.
- 6 indicates that failed user logouts and logins are audited.
- 7 indicates that successful user logins, failed user logins, and logouts are audited.
Default value: 7
audit_database_process
Parameter description: Specifies whether to audit openGauss start, stop, recovery, and switchover operations.
This parameter is a SIGHUP parameter. Set it based on instructions provided in Table 1.
Value range: 0 or 1
- 0 indicates that the function of auditing openGauss start, stop, recovery, and switchover operations is disabled.
- 1 indicates that the function of auditing openGauss start, stop, recovery, and switchover operations is enabled.
Default value: 1
NOTICE: When openGauss is started, the standby DN is promoted to primary. Therefore, the DN type in the audit log is system_switch when the DN is started.
audit_user_locked
Parameter description: Specifies whether to audit the openGauss user's locking and unlocking.
This parameter is a SIGHUP parameter. Set it based on instructions provided in Table 1.
Value range: 0 or 1
- 0 indicates that the function of auditing user's locking and unlocking is disabled.
- 1 indicates that the function of auditing user's locking and unlocking is enabled.
Default value: 1
audit_user_violation
Parameter description: Specifies whether to audit the access violation operations of a user.
This parameter is a SIGHUP parameter. Set it based on instructions provided in Table 1.
Value range: 0 or 1
- 0 indicates that the function of auditing the access violation operations of a user is disabled.
- 1 indicates that the function of auditing the access violation operations of a user is enabled.
Default value: 0
audit_grant_revoke
Parameter description: Specifies whether to audit the granting and reclaiming of the openGauss user's permission.
This parameter is a SIGHUP parameter. Set it based on instructions provided in Table 1.
Value range: 0 or 1
- 0 indicates that the function of auditing the granting and reclaiming of a user's permission is disabled.
- 1 indicates that the function of auditing the granting and reclaiming of a user's permission is enabled.
Default value: 1