MIME-Version: 1.0
References: <CAEzWdqd=83DQo4SK0sjPhBNAHGCvdcJ3X0OruFLgkL008AM8ug@mail.gmail.com>
 <CAPnRvGvHAC8HjLCZ2uUBCRZ7=fMJnkTPd3cBOchJu-Vn7G2MHg@mail.gmail.com> <CAEzWdqfUWE=fuR5k1rd1iQx4K1-LceW3razY8f_tb9YONAZRMQ@mail.gmail.com>
In-Reply-To: <CAEzWdqfUWE=fuR5k1rd1iQx4K1-LceW3razY8f_tb9YONAZRMQ@mail.gmail.com>
From: Ron Johnson <ronljohnsonjr@gmail.com>
Date: Wed, 4 Sep 2024 10:31:29 -0400
Message-ID: <CANzqJaC1Ayhmjg2XA5nfeg-Yy8T1vmNXO+bHkWRgV2N4wfQVVw@mail.gmail.com>
Subject: Re: question on audit columns
To: pgsql-general <pgsql-general@postgresql.org>
Content-Type: multipart/alternative; boundary="0000000000004d987206214c0805"
Archived-At: <https://www.postgresql.org/message-id/CANzqJaC1Ayhmjg2XA5nfeg-Yy8T1vmNXO%2BbHkWRgV2N4wfQVVw%40mail.gmail.com>
Precedence: bulk

--0000000000004d987206214c0805
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable

On Wed, Sep 4, 2024 at 9:10=E2=80=AFAM yudhi s <learnerdatabase99@gmail.com=
> wrote:

>
> On Wed, Sep 4, 2024 at 6:29=E2=80=AFPM Muhammad Usman Khan <usman.k@bitni=
ne.net>
> wrote:
>
>> Hi,
>>
>> In your scenario, triggers can add some overhead since they require extr=
a
>> processing after each update operation. Considering the size of your tab=
le
>> and the high transaction volume, you need to observe that this might
>> significantly affect performance.
>>
>

> On Wed, 4 Sept 2024 at 17:50, yudhi s <learnerdatabase99@gmail.com> wrote=
:
>>
>>> Hello,
>>> In postgres database , we have all the tables with audit columns like
>>> created_by_user, created_timestamp,updated_by_user, updated_timestamp. =
So
>>> we have these fields that were supposed to be populated by the time at
>>> which the insert/update operation happened on the database but not at t=
he
>>> application level. So we are planning to populate the created_by_user,
>>> created_timestamp columns by setting a default value of "current_timest=
amp"
>>> and "current_user" for the two columns,  but no such this is available =
to
>>> populate while we do the update of the row, so the only option seems to=
 be
>>> through a trigger.
>>>
>>> So wanted to check with the experts here  ,considering the table will b=
e
>>> DML heavy table (300M+ transactions will be inserted daily), Is is okay=
 to
>>> have the trigger for this table for populating all the audit columns or
>>> should we keep default for  created_by_user, created_timestamp and just
>>> trigger for the update related two audit column? Basically wanted to se=
e,
>>> if the default value does the same thing as a trigger or it does someth=
ing
>>> more optimally than trigger?
>>>
>>> Regards
>>> Yudhi
>>>
>>
> Thank you so much. So do you mean to say that , we should add default
> values for the create_timestamp and create_user_id as current_timestamp a=
nd
> current_user,
>

That's the simplest way.  But the application can overwrite those fields.


> but for update_user_id and update_timestamp , we can ask the application
> to update the values manually , whenever they are executing the update
> statement on the rows?
>

How strict are the audit requirements?

If they're really strict, you might need INSERT and UPDATE triggers that
call security defined functions which write into a separate table not
accessible by the application.  That table would have the application
table's PK, created_by_user, created_timestamp, updated_by_user and
updated_timestamp.

Would that table have a LOT of records?  Sure.
Would it add overhead?  Sure.

But the subsequently beefier hardware requirements and care in designing
the physical schema (for example, audit tables in a separate tablespace and
pg_wal/ on separate disk controllers, or a 10Gb SAN) are the price you pay
for strict audit requirements.

Of course, if the audit requirements are minimal, then sure, "default
values and the application" are Good Enough.

--=20
Death to America, and butter sauce.
Iraq lobster!

--0000000000004d987206214c0805
Content-Type: text/html; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable

<div dir=3D"ltr"><div dir=3D"ltr">On Wed, Sep 4, 2024 at 9:10=E2=80=AFAM yu=
dhi s &lt;<a href=3D"mailto:learnerdatabase99@gmail.com">learnerdatabase99@=
gmail.com</a>&gt; wrote:<br></div><div class=3D"gmail_quote"><blockquote cl=
ass=3D"gmail_quote" style=3D"margin:0px 0px 0px 0.8ex;border-left:1px solid=
 rgb(204,204,204);padding-left:1ex"><div dir=3D"ltr"><div dir=3D"ltr"><br><=
/div><div class=3D"gmail_quote"><div dir=3D"ltr" class=3D"gmail_attr">On We=
d, Sep 4, 2024 at 6:29=E2=80=AFPM Muhammad Usman Khan &lt;<a href=3D"mailto=
:usman.k@bitnine.net" target=3D"_blank">usman.k@bitnine.net</a>&gt; wrote:<=
br></div><blockquote class=3D"gmail_quote" style=3D"margin:0px 0px 0px 0.8e=
x;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir=3D"ltr"=
><div>Hi,</div><div><br>In your scenario, triggers can add some overhead si=
nce they require extra processing after each update operation. Considering =
the size of your table and the high transaction volume, you need to observe=
 that this might significantly affect performance.=C2=A0 =C2=A0</div></div>=
</blockquote></div></div></blockquote><div>=C2=A0<br></div><blockquote clas=
s=3D"gmail_quote" style=3D"margin:0px 0px 0px 0.8ex;border-left:1px solid r=
gb(204,204,204);padding-left:1ex"><div dir=3D"ltr"><div class=3D"gmail_quot=
e"><blockquote class=3D"gmail_quote" style=3D"margin:0px 0px 0px 0.8ex;bord=
er-left:1px solid rgb(204,204,204);padding-left:1ex"><div class=3D"gmail_qu=
ote"><div dir=3D"ltr" class=3D"gmail_attr">On Wed, 4 Sept 2024 at 17:50, yu=
dhi s &lt;<a href=3D"mailto:learnerdatabase99@gmail.com" target=3D"_blank">=
learnerdatabase99@gmail.com</a>&gt; wrote:<br></div><blockquote class=3D"gm=
ail_quote" style=3D"margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,=
204,204);padding-left:1ex"><div dir=3D"ltr">Hello,<div>In postgres database=
 , we have all the tables with audit columns like created_by_user, created_=
timestamp,updated_by_user, updated_timestamp. So we have these=C2=A0fields =
that were supposed to be populated by the time at which the insert/update o=
peration happened on the database but not at the application level. So we a=
re planning=C2=A0to populate the created_by_user, created_timestamp columns=
 by setting a default value of &quot;current_timestamp&quot; and &quot;curr=
ent_user&quot; for the two columns,=C2=A0 but no such this is available to =
populate while we do the update of the row, so the only option seems=C2=A0t=
o be through a trigger.=C2=A0</div><div><br></div><div>So wanted to check w=
ith the experts here=C2=A0 ,considering the table will be DML heavy table (=
300M+ transactions will be inserted daily), Is is okay to have the trigger =
for this table for populating all the audit columns=C2=A0or should=C2=A0we =
keep default for=C2=A0 created_by_user, created_timestamp and just trigger =
for the update related two audit column? Basically wanted to see, if the de=
fault value does the same thing as a trigger or it does something more opti=
mally than trigger?</div><div><br></div><div>Regards</div><div>Yudhi</div><=
/div></blockquote></div></blockquote><div><br></div><div>Thank you so much.=
 So do you mean to say that , we should add default values for the create_t=
imestamp and create_user_id as current_timestamp and current_user,=C2=A0</d=
iv></div></div></blockquote><div><br></div><div>That&#39;s the simplest way=
.=C2=A0 But the application can overwrite those fields.</div><div>=C2=A0</d=
iv><blockquote class=3D"gmail_quote" style=3D"margin:0px 0px 0px 0.8ex;bord=
er-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir=3D"ltr"><div =
class=3D"gmail_quote"><div> but for update_user_id and update_timestamp , w=
e can ask the application to update the values manually , whenever=C2=A0the=
y are executing the update statement on the rows?=C2=A0</div></div></div>
</blockquote></div><div><br></div>How strict are the audit requirements?<br=
 clear=3D"all"><div><br></div><div>If they&#39;re really strict, you might =
need INSERT and UPDATE triggers that call security defined functions which =
write into a separate table not accessible by the application.=C2=A0 That t=
able would have the application table&#39;s PK, created_by_user, created_ti=
mestamp, updated_by_user and updated_timestamp.</div><div><br></div><div>Wo=
uld that table have a LOT of records?=C2=A0 Sure.</div><div>Would it add ov=
erhead?=C2=A0 Sure.</div><div><br></div><div>But the subsequently=C2=A0beef=
ier hardware requirements and care in designing the physical schema (for ex=
ample, audit tables in a separate tablespace and pg_wal/ on separate disk c=
ontrollers, or a 10Gb SAN) are the price you pay for strict audit requireme=
nts.</div><div><br></div><div>Of course, if the audit requirements are mini=
mal, then sure, &quot;default values and the application&quot; are Good Eno=
ugh.</div><div><br></div><span class=3D"gmail_signature_prefix">-- </span><=
br><div dir=3D"ltr" class=3D"gmail_signature"><div dir=3D"ltr">Death to Ame=
rica, and butter sauce.<div>Iraq lobster!</div></div></div></div>

--0000000000004d987206214c0805--