Problem
log_connections database flag, when enabled for PostgreSQL, will help in getting verbose information about the connections being made. But there might be some difficulty in understanding the different types of connection attempts to the PostgreSQL DB, that are recorded in the Cloud Logging logs, post enablement of this flag. This problem occurs especially when the connection attempts are recorded with host=[local] with no port number.
Environment
- Cloud SQL
- PostgreSQL
Solution
The log_connections entries can be broadly classified into three categories:
- The log with the host=[local] refers to a connection made locally, using a UNIX socket. As it is not a TCP connection, it doesn't specify a port in the connection attempt log. Users don't have to worry about the security risk of these connections.
- Any connection made through Cloud SQL Proxy would appear as host= 127.0.0.1, while establishing the connection, since it is a localhost TCP connection from a local host.
- Any other connection that arrives, will show with the proper source IP on the logs.