Getting started

Getting started with CipherStash Audit

CipherStash Audit enables SQL statement and data access logging for PostgreSQL databases. This tutorial walks you through how to get started with Audit. You will:

  • Install the prerequisites
  • Enable audit logging for a PostgreSQL database
  • View audit logs in the CipherStash Console

At the end of the guide, you will have enabled audit logging for your PostgreSQL database and be able to view the logs in the CipherStash Console.

Installing prerequisites

This guide assumes you have a CipherStash account, CipherStash Proxy running, the CipherStash CLI, and a PostgreSQL database. If you haven't already, follow the Getting started with CipherStash Proxy guide, and/or create a CipherStash account by visiting https://console.cipherstash.com/.

PostgreSQL

CipherStash CLI

PostgreSQL Note

This guide assumes you have a PostgreSQL instance running locally on port 5432. If you want to use a hosted PostgreSQL service, we recommend using Supabase or AWS RDS.

Enabling audit logging

To enable audit logging, you need to configure the CipherStash Proxy to start collecting logs and sending them to the CipherStash API.

Step 1: Configure CipherStash Proxy

CipherStash Proxy can be configured using a configuration file or environment variables. Use the following settings:

1username = "username"
2password = "password"
3
4workspace_id = "workspace_id"
5client_access_key = "client_access_key"
6
7query_logging = true
8
9[audit]
10mode = audit
11
12[database]
13name = "database_name"
14username = "database_username"
15host = "localhost"
16port = 5432
17

Step 2: Restart CipherStash Proxy

After updating the configuration file, restart CipherStash Proxy to apply the changes. Depending on how you have the proxy running, you may need to restart the Docker container or the service.

Step 3: Verify the logs are being sent

To verify that the logs are being sent to the CipherStash API, you can check the logs in the CipherStash Console either under the Statement Logs or Data Access Logs sections.

Viewing audit logs

Once you have enabled audit logging, you can view the logs in the CipherStash Console!

If you have any feedback on what type of visualizations or aggregations you'd like to see, let us know by emailing our Director of Solutions Engineering, CJ Brewer.

Previous
CipherStash Proxy
Next
CipherStash Encrypt