Three flexible collection methods — pgAudit integration, WAL-embedded pg_secure_gather, and cloud API connectors — ensure complete audit coverage regardless of how and where your PostgreSQL databases run.
Scalefield Secure supports three distinct methods for capturing PostgreSQL audit data — each designed for different deployment scenarios, security requirements, and infrastructure constraints. All three produce the same tamper-proof, Parquet-archived compliance trail.
pgAudit is the standard PostgreSQL auditing extension, widely adopted and available in virtually every PostgreSQL distribution. Scalefield Secure integrates directly with pgAudit to collect its structured audit output — capturing SQL statements, object access, role changes, and DDL events.
This is the fastest path to compliance for teams already using pgAudit or running managed PostgreSQL services where kernel-level access is not available. Scalefield collects pgAudit output, transforms it into compressed Parquet format, and feeds it into the same centralized compliance pipeline used by all other collection methods.
pg_secure_gather is Scalefield Secure's highest-security collection method. Audit data is embedded directly into the PostgreSQL Write-Ahead Log using a custom output plugin. The WAL's built-in CRC checksums make any modification immediately detectable, creating a forensically sound audit trail by design.
Database administrators have no mechanism to view, alter, or delete the collected data — it flows through a separate shared memory ring buffer pipeline entirely outside normal database operations. This is the gold standard for environments where segregation of duties is a regulatory requirement.
For databases running on managed cloud services, Scalefield Secure connects directly to cloud provider APIs to fetch audit data. This approach works with environments where you have no access to the database kernel or filesystem — the collector pulls audit records through the cloud provider's native interfaces and feeds them into the Scalefield compliance pipeline.
Cloud API integration brings managed database instances into the same unified compliance view as your self-managed databases, ensuring consistent audit coverage across hybrid and multi-cloud environments.
Best for: quick evaluation, managed cloud databases, teams already using pgAudit. Works everywhere pgAudit is available, including RDS, Cloud SQL, and Azure. Fastest path to first compliance data.
Best for: maximum security, regulated environments requiring segregation of duties, self-managed PostgreSQL and CYBERTEC PGEE. Provides tamper-proof WAL-embedded collection with zero admin access to audit data.
Best for: fully managed cloud databases where no kernel access is available, hybrid environments mixing on-premise and cloud instances. Brings managed services into the same compliance pipeline.
Request a demo to see how Scalefield Secure's tamper-proof audit trail protects your compliance data.