Can Snare products collect logs from PostgreSQL?

Owned by Carlos Osorio
Nov 10, 2020


SUMMARY

The Enterprise Epilog for Unix agent is the best Snare agent to use to collect logs from the PostgreSQL environment when on Unix. PostgreSQL can send logs to text log files using various options and log levels.

PostgreSQL supports several methods for logging server messages, including stderr, csvlog and syslog. On Windows, the eventlog is also supported so the Snare for Windows agent can be used on this platform to collect these logs. Set this parameter to a list of desired log destinations separated by commas. The default is to log to stderr only maybe set to log to the console or a log in /var/log.

The parameters can only be set in the postgresql.conf file or on the server command line.
The main parameters are the following, so Epilog can be configured to collect the logs:

log_directory (string)
log_filename (string)
log_file_mode (integer)

For more details on how to setup audit logging for Postgres refer to the following link https://www.postgresql.org/docs/9.3/static/runtime-config-logging.html