PostgreSQL Logs

Overview

Evidence: PostgreSQL Logs
Description: Collect PostgreSQL Logs
Category: Applications
Platform: aix
Short Name: pgrl
Is Parsed: No
Sent to Investigation Hub: Yes
Collect File(s): Yes

Background

PostgreSQL database logs on macOS record database operations, queries, connections, authentication, and errors. Multiple PostgreSQL versions can coexist, and installation methods include system packages and Homebrew for different architectures.

Data Collected

This collector gathers structured data about PostgreSQL logs.

Collection Method

This collector gathers PostgreSQL logs from system and Homebrew installations, supporting multiple PostgreSQL versions (postgresql, postgresql@14, etc.) across Intel and Apple Silicon architectures.

Forensic Value

PostgreSQL logs are essential for investigating database attacks, SQL injection, unauthorized access, data exfiltration, and privilege escalation. They provide detailed query logs, connection information, and authentication history.
