From: Sakshi Behl
To: Adrian Klaver, "pgsql-general@postgresql.org"
Subject: Re: PgSQL - SIEM Integration
Date: Tue, 25 Feb 2025 17:19:39 +0000

Hi Adrian, 

I did receive an empty email body. 
Kindly resend if you shared any information. 

Thank you! 

From: Adrian Klaver <adrian.klaver@aklaver.com>
Sent: Tuesday, February 25, 2025 8:41:54 PM
To: Sakshi Behl <sakshi.behl@credots.com>; pgsql-general@postgresql.org <pgsql-general@postgresql.org>
Subject: Re: PgSQL - SIEM Integration
 
On 2/24/25 22:51, Sakshi Behl wrote:
> Hi Team,
>
> We are in the process of integrating pgSQL with our SIEM and would
> appreciate your expert guidance on this matter.
> Kindly refer to the attached document outlining the events of interest
> and provide your input based on the relevant postgreSQL log entries.

https://www.postgresql.org/docs/current/event-trigger-definition.html

>
> Looking forward to hearing from you.
>
> Thanks

--
Adrian Klaver
adrian.klaver@aklaver.com
