Privacera Documentation

Accessing PostgreSQL Audits in Azure

This topic describes how to access PostgreSQL audits for a PostgreSQL database in Azure. This configuration applies to both PrivaceraCloud and Privacera Platform.

Prerequisites
  • Make sure that you have a PostgreSQL server up and running in your Azure account. For more information about Postgres server on Azure, see Azure database for PostgreSQL.

Create Log Analytics workspace

To enable resource logs using the Azure portal:

  1. Log in to the Azure Portal and create a Log Analytics workspace. For more information, see Create a Log Analytics workspace.

    Note

    Provide a name for the new Log Analytics workspace, such as postgres-audits-workspace.

  2. In the Overview section of your Log Analytics workspace, copy the Workspace ID.

Create Azure AD application

Follow these steps to create an Azure AD application and obtain the required values.

  1. Create an Azure AD application with a name such as postgres-audits. For more information about creating an Azure AD application, see Create an Azure Active Directory application registration in Azure Data Explorer.

  2. Set up authentication between your Azure AD application and the Log Analytics workspace. For more information, see Set up authentication.

At the end of this configuration, you will obtain the following values. These values will be required for configuring the Platform and PrivaceraCloud.

  • Application Tenant ID

  • Application Client ID

  • Application Client Secret

Enable access audits on PostgreSQL server

These steps describe how to configure the Azure PostgreSQL server to send audits to the Log Analytics workspace.

  1. Log in to the Azure Portal and navigate to the Postgres Server that you have created.

  2. Go to Diagnostics settings, and click Add diagnostic setting.

  3. In the Diagnostics settings name text box, enter postgres-access-audits.

  4. In the Categories section, select the PostgreSQL Server Logs checkbox.

  5. In the Destination details section:

    1. Select the Send to Log Analytics workspace checkbox.

    2. In the Log Analytics workspace dropdown, select your workspace, for example postgres-audits-workspace.

    3. Click Save.

  6. Enable access audits on the Postgres Server. For more information, see Audit logging in Azure Database for PostgreSQL.

    Note

    In the Azure portal, when you set the pgaudit parameters, set the value of pgaudit.log to ALL instead of WRITE.

  7. For the audit log format, set the log_line_prefix parameter value to:

    t=%m u=%u db=%d pid=[%p]:
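
The following added example (not Privacera's or Azure's code) parses log lines that carry the log_line_prefix from step 7 followed by a pgaudit record, which is a quick way to check that the prefix took effect and to see which statements a pgaudit.log value of WRITE would have left out. The function names and sample lines are constructed for illustration; the record field order is the one pgaudit documents for its log entries.

```python
import csv
import re

# Regex mirroring log_line_prefix 't=%m u=%u db=%d pid=[%p]:' (%m = timestamp with ms)
PREFIX_RE = re.compile(
    r"^t=(?P<time>\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}\.\d{3} \S+) "
    r"u=(?P<user>\S*) db=(?P<db>\S*) pid=\[(?P<pid>\d+)\]:(?P<rest>.*)$"
)
# pgaudit record field order (from pgaudit's documented log format)
PGAUDIT_FIELDS = ["audit_type", "statement_id", "substatement_id", "class", "command",
                  "object_type", "object_name", "statement", "parameter"]

def parse_audit_line(line):
    """Return a dict for a pgaudit line, or None if the prefix or record does not match."""
    m = PREFIX_RE.match(line)
    if not m:
        return None  # prefix differs from the required log_line_prefix
    marker = "AUDIT: "
    idx = m.group("rest").find(marker)
    if idx < 0:
        return None  # ordinary server log line, not a pgaudit record
    row = next(csv.reader([m.group("rest")[idx + len(marker):]]))
    if len(row) != len(PGAUDIT_FIELDS):
        return None  # truncated or malformed record
    rec = dict(zip(PGAUDIT_FIELDS, row))
    rec.update(time=m.group("time"), user=m.group("user"),
               db=m.group("db"), pid=int(m.group("pid")))
    return rec

def missed_with_write_only(records):
    """Records that pgaudit.log = WRITE would not have logged."""
    return [r for r in records if r["class"] != "WRITE"]

# Constructed sample lines (not from a real server); the last one uses a different prefix
SAMPLE = [
    't=2024-01-15 09:30:01.250 UTC u=analyst db=sales pid=[4711]:LOG:  AUDIT: SESSION,1,1,READ,SELECT,,,"SELECT name, ssn FROM customers",<not logged>',
    't=2024-01-15 09:30:05.010 UTC u=etl db=sales pid=[4712]:LOG:  AUDIT: SESSION,1,1,WRITE,INSERT,,,"INSERT INTO orders VALUES (1, \'x\')",<not logged>',
    't=2024-01-15 09:30:09.400 UTC u=admin db=sales pid=[4713]:LOG:  AUDIT: SESSION,1,1,ROLE,GRANT,,,GRANT SELECT ON customers TO analyst,<not logged>',
    '2024-01-15 09:30:11 UTC-65a4f1d3.1269-LOG:  AUDIT: SESSION,1,1,READ,SELECT,,,SELECT 1,<not logged>',
]

if __name__ == "__main__":
    for line in SAMPLE:
        print(parse_audit_line(line))
```

A line that returns None despite containing "AUDIT:" indicates that log_line_prefix on the server does not match the value in step 7.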

Configure Access Audits Application Properties in Privacera Platform

Set the following properties in your vars.connector-postgres.yml file:

CONNECTOR_POSTGRES_AUDIT_SOURCE: "azure_audit"
CONNECTOR_POSTGRES_AZURE_CLIENT_ID: "<PLEASE_CHANGE>"
CONNECTOR_POSTGRES_AZURE_TENANT_ID: "<PLEASE_CHANGE>"
CONNECTOR_POSTGRES_AZURE_CLIENT_SECRET_VALUE: "<PLEASE_CHANGE>"
CONNECTOR_POSTGRES_AZURE_WORKSPACE_ID: "<PLEASE_CHANGE>"

Configure Access Audits Application Properties in Privacera Cloud

Go to PrivaceraCloud Portal > PostgreSQL application and update the following properties for the PostgreSQL audit. See Edit applications on PrivaceraCloud.

Add the values in the following fields for access audit:

| PrivaceraCloud field name | Value |
|---|---|
| Audit source for postgres | azure_audit |
| Client id to connect to azure for access audits | <Client ID> |
| Tenant id to connect to azure for access audits | <Tenant ID> |
| Client secret value to connect to azure for access audits | <Client Secret> |
| Workspace id to connect to azure for access audits | <Workspace ID> |