PostgreSQL database instance ‘log_disconnections’ database flag should be set to ‘on’

Description

The PostgreSQL database instance flag ‘log_disconnections’ causes session terminations to be logged. This data is useful for troubleshooting and identifying unusual activity. This flag and the ‘log_connections’ flag are typically used together.

Remediation Steps

Google Cloud Console

  • Navigate to Cloud SQL instances.

  • Click on the Cloud SQL PostgreSQL database instance name to go to the Overview page.

  • Click EDIT and scroll down to the Flags section.

  • Select ADD FLAG, choose the log_disconnections flag, and set the value to on.

  • Click DONE.

gcloud CLI

  • Set the log_disconnections database flag to on for each Cloud SQL PostgreSQL database instance:

    • gcloud sql instances patch INSTANCE_NAME --database-flags log_disconnections=on