Skip to content

Ensure all temporary files are logged

Description

Temporary files are created for sorts, hashes, and temporary query results when these operations exceed work_mem. A log entry is made for each temporary file when it is deleted. Setting log_temp_files to 0 causes all temporary file information to be logged, while positive values log only files whose size is greater than or equal to the specified number of kilobytes. A value of -1 disables temporary file information logging.

Unless directed otherwise by your organization's logging policy, you should set this to 0.

Rationale

If all temporary files are not logged, it may be more difficult to identify potential performance issues that may be either poor application coding or deliberate resource starvation attempts.

Applies To

  • Databases

Tags

This rule is applied when the following tags are present:

Tag With Value
secureclouddb/provider aws
secureclouddb/service rds
secureclouddb/engine postgres

Default Rule

const { checkServerSetting, checkRdsVersion, OK_SKIP_VERSION } = module

/**
 * @param {Object} databaseSettings - database settings object
 * @returns {boolean} true if the log_temp_files log level is set correctly
 */

function validate(databaseSettings, parameters = { log_temp_files : '0' }) {
    const supportedVersions = ['9.5']
    const supported = checkRdsVersion(databaseSettings, supportedVersions)
    if(!supported) {
        return OK_SKIP_VERSION
    }

    const settingName = 'log_temp_files'
    const expectedValue = parameters.log_temp_files
    const success = checkServerSetting(databaseSettings, settingName, expectedValue)
    return {
        success,
    }
}

// invoke
// TODO: add parameters
validate(databaseSettings);