Shadow Tables vers PGAudit

A shadow table is an table that is read and written by a trigger function and contains data similar to (in the same format as) its primary table, which is the table it's "shadowing" along with a few extra fields so that you can time travel the shadow table and know who did what and when. In this presentation we will cover traditional Shadow Tables which works with all current version of Postgresql and all cloud providers vers PGAudit which required Postgres 9.5 or newer. PGAudit provide PostgreSQL users with capability to produce audit logs often required to comply with government, financial, or ISO certifications. While both provide similar things, they are drastically different in the goals and the outputs and what you can easily do with those outputs.

  • Shadow Tables:
    • Writing a Shadow Table Function
    • Attaching the Function via a Trigger to a Normal Table
    • Time Traveling your Shadow Table
    • Capturing DDL Changes
  • PGAudit:
    • Compiling PG Audit
    • Auditing Tables
    • Auditing DDL
    • Setting who can be audited
    • Setting what can be audited
  • Pros & Cons
    • Shadow Tables
    • PGAudit
  • Cloud Providers
    • Amazon RDS Postgresql
    • Amazon Aurora Postgresql
    • Microsoft Azure Postgresql
    • Google Postgresql
  • Other Shadow Table Projects

The 3/22/2019 Presentation and Zip (sql) files are now presented online here that I gave in at the PostgresConf in New York.