[[["容易理解","easyToUnderstand","thumb-up"],["確實解決了我的問題","solvedMyProblem","thumb-up"],["其他","otherUp","thumb-up"]],[["難以理解","hardToUnderstand","thumb-down"],["資訊或程式碼範例有誤","incorrectInformationOrSampleCode","thumb-down"],["缺少我需要的資訊/範例","missingTheInformationSamplesINeed","thumb-down"],["翻譯問題","translationIssue","thumb-down"],["其他","otherDown","thumb-down"]],["上次更新時間:2025-09-04 (世界標準時間)。"],[[["\u003cp\u003eAuditing on an AlloyDB instance requires enabling the \u003ccode\u003ealloydb.enable_pgaudit\u003c/code\u003e flag.\u003c/p\u003e\n"],["\u003cp\u003eAfter enabling the flag, connect to the cluster's primary instance to create the \u003ccode\u003epgaudit\u003c/code\u003e extension in each desired database.\u003c/p\u003e\n"],["\u003cp\u003eSetting \u003ccode\u003ealloydb.enable_pgaudit\u003c/code\u003e to true and \u003ccode\u003elogging_collector\u003c/code\u003e to on may cause a loss of audit logs in AlloyDB Omni.\u003c/p\u003e\n"],["\u003cp\u003eOnly users in the \u003ccode\u003ealloydbsuperuser\u003c/code\u003e role can create extensions, and the postgres user is part of it by default.\u003c/p\u003e\n"],["\u003cp\u003eEnabling the \u003ccode\u003epgAudit\u003c/code\u003e extension may lead to increased data storage requirements in the event of a service disruption.\u003c/p\u003e\n"]]],[],null,["# Enable pgAudit\n\nTo enable auditing on an AlloyDB instance, you perform two steps. First, you\nenable alloydb.enable_pgaudit flag on the instance. Then, you connect to the\ncluster's primary instance and create the pgaudit extension in the databases.\n| **Warning:** In AlloyDB Omni only, setting the `alloydb.enable_pgaudit` flag to `true` and the PostgreSQL `logging_collector` parameter to `on`, you might experience a loss of audit logs.\n| **Note:** Enabling the pgAudit extension can lead to increased data storage requirements if a service disruption occurs.\n| **Note:** Only users who are members of the `alloydbsuperuser` role can create extensions. The postgres user role that is created when you create a new cluster is a member of the `alloydbsuperuser` role.\n\n1. Enable pgAudit on the instance: \n\n ### Console\n\n 1. In the Google Cloud console, go to the **Clusters** page.\n\n [Go to Clusters](https://console.cloud.google.com/alloydb/clusters)\n 2. Click a cluster in the **Resource Name** column.\n 3. In the **Overview** page, go to **Instances in your cluster** , select an instance, and then click **Edit**.\n 4. Add the `alloydb.enable_pgaudit` flag on your instance:\n 1. Click **Add flag**.\n 2. Select the `alloydb.enable_pgaudit` flag from the **New database flag** list.\n 3. Select **on** from the **Value** list.\n 4. Click **Done**.\n 5. Click **Update instance**.\n\n ### gcloud\n\n Enable pgAudit on an instance by setting that instance's `alloydb.enable_pgaudit` flag to `on`. For more information on setting an instance's database flags using the Google Cloud CLI, see [Configure an instance's database flags](/alloydb/docs/instance-configure-database-flags).\n\n Note that AlloyDB automatically restarts the instance after\n you update this flag.\n| **Note:** The default value for the \\`pgaudit.log\\` flag is \\`none\\`. To use the pgAudit extension, you must [set values for\n| this flag.](/alloydb/docs/pgaudit/configure-log-behavior)\n2. Connect to the primary instance and create the extension in each database. You must perform the following steps on the primary instance even if you are enabling auditing on a read pool instance:\n 1. Connect a psql client to the cluster's primary instance, as described in [Connect a psql client to an instance](/alloydb/docs/connect-psql).\n 2. At the psql command prompt, connect to the database and create the extension: \n\n ```\n \\c DB_NAME\n CREATE EXTENSION IF NOT EXISTS pgaudit;\n \n ```\n 3. Repeat the previous two steps to connect to other databases and create the extension in each one of them."]]
