-
Notifications
You must be signed in to change notification settings - Fork 3.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
release-23.1: pgwire: log session start and end unconditionally #124375
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This already gets logged in the processCommands function, right before the server enters the main command processing loop. Release note: None
Previously, the entire info text would be redacted, which made debugging harder. This improves it so we use the built in redaction facilities in order to get more detail. Release note: None
Release note (ops change): The client_authentication_ok and client_session_end messages are now logged to the SESSIONS log channel unconditionally. Previously, these would only be logged if the server.auth_log.sql_sessions.enabled cluster setting was changed to true. All other SESSIONS log messages are still only logged if server.auth_log.sql_sessions.enabled or server.auth_log.sql_connections.enabled are set to true. If you do not want to see client_authentication_ok or client_session_end messages, then the SESSIONS log channel can be disabled entirely.
Thanks for opening a backport. Please check the backport criteria before merging:
If your backport adds new functionality, please ensure that the following additional criteria are satisfied:
Also, please add a brief release justification to the body of your PR to justify this |
blathers-crl
bot
added
the
backport
Label PR's that are backports to older release branches
label
May 17, 2024
It looks like your PR touches production code but doesn't add or edit any test code. Did you consider adding tests to your PR? 🦉 Hoot! I am a Blathers, a bot for CockroachDB. My owner is dev-inf. |
souravcrl
approved these changes
May 18, 2024
mgartner
approved these changes
May 20, 2024
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Backport 3/3 commits from #124254.
/cc @cockroachdb/release
Release justification: high value logging change
pgwire: remove redundant log for JWT auth
This already gets logged in the processCommands function, right before
the server enters the main command processing loop.
pgwire: log auth info message as redactable string
Previously, the entire info text would be redacted, which made
debugging harder. This improves it so we use the built in
redaction facilities in order to get more detail.
pgwire: log session start and end unconditionally
Release note (ops change): The client_authentication_ok and
client_session_end messages are now logged to the SESSIONS log channel
unconditionally. Previously, these would only be logged if the
server.auth_log.sql_sessions.enabled cluster setting was changed to
true. All other SESSIONS log messages are still only logged if
server.auth_log.sql_sessions.enabled or
server.auth_log.sql_connections.enabled are set to true.
If you do not want to see client_authentication_ok or client_session_end
messages, then the SESSIONS log channel can be disabled entirely.
fixes #122684