Google Cloud SQL
      Back to home
      1. CNS Policies
      2. GCP Knowledge Base
      3. Google Cloud SQL

      PostgreSQL Undesired Error Logging Level

      Ensures that the log_min_error_statement flag is set to Error for all the PostgreSQL instances.

      Risk Level: Medium

      Description

      This plugin ensures that the log min error statement flag is set to Error for SQL instances of the PostgreSQL type. The log_min_error_statement flag is available in SQL instances for PostgreSQL databases. When this flag is enabled, it controls which SQL statements that cause errors are recorded in the logs. By default, this flag is set to error.

      About the Service

      Google Cloud SQL:

      Google Cloud SQL is a relational database for MySQL, PostgreSQL, and SQL Server that is fully managed. It automates database provisioning, storage capacity management, replication, and backups while lowering maintenance costs. It can be set up easily using the built-in migration tools and lets you scale your instances effortlessly. To know more about Cloud SQL, read here

      Impact

      Setting log_min_error to Error helps you log statements causing errors, log messages, fatal errors, or panics. This will automatically assist you in locating faults and resolving them in a much faster and easier manner. This improves the performance and efficiency of the SQL instances.

      Steps to Reproduce

      Using GCP Console-

      1. Log In to your GCP Console.
      2. From the top navigation bar, select the GCP project you want to investigate.
      3. From the navigation panel on the left side of the console, go to SQL. You can use this link here to navigate directly if you’re already logged in.
      4. Set Type to PostgreSQL in the Filter box to only see PostgreSQL database instances.
      5. Select the ID of the SQL instance you want to investigate from the list of instances available and click on the OVERVIEW tab to check the configuration settings of the selected instance.
      6. In the Database flags section under Configuration, check the configuration of log_min_error_statement. The current error logging level is not desirable if it is set to anything other than error or if the log min error statement flag is not set.
      7. Repeat steps 5 and 6 for all the SQL instances you want to investigate in the selected project.
      8. If you have multiple projects, repeat steps 2 to 7 for each project in your GCP Console. 

      Steps for Remediation

      Follow the steps to make the necessary changes to set the desired error logging level using the steps below.


      Using GCP Console-

      1. Log In to your GCP Console.
      2. From the top navigation bar, select the GCP project you want to investigate.
      3. From the navigation panel on the left side of the console, go to SQL. You can use this link here to navigate directly if you’re already logged in.
      4. Set Type to PostgreSQL in the Filter box to only see MySQL database instances.
      5. Select the ID of the SQL instance you want to reconfigure in the list of instances available. (In case you aren’t sure which SQL instance needs to be configured, follow the steps to reproduce listed above to determine which to choose.)
      6. Go to the OVERVIEW tab and click on the Edit button found on the top navigation bar.
      7. Under the Flags section, set the value of log_min_error_statement to error and click the SAVE button to save all the changes.
        Note: If you do not find the log_min_error_statement flag, click on the Add flag button, choose log_min_error_statement from the dropdown list provided and set the value to error and click on DONE.
      8. Repeat steps 5 to 7 for all the SQL instances you want to reconfigure in the selected project.
      9. If you have multiple projects, repeat steps 2 to 8 for each project in your GCP console.