What pgaudit does
=================

1. Uses an ExecutorCheckPerms_hook to log DML commands.

2. Uses event triggers to support some DDL commands, depending on the
   server version and the availability of ddl_command_end triggers with
   pg_event_trigger_get_creation_commands().

3. Uses a ProcessUtility_hook to log DDL and utility commands that are
   not supported by event triggers or the object_access_hook.

4. Uses an object_access_hook to log function execution and, if event
   triggers are not available, also CREATE/ALTER commands.

5. Logs to the server log file with ereport().

What else pgaudit could do
==========================

1. Support logging to a separate log file and to a table.

2. Use a ClientAuthentication_hook to record login events.

3. Decode and log read/written column names in DML commands.

4. Use a logical decoding output plugin to also record column
   values in DML commands.

5. Use extensible reloptions (or a similar mechanism) to allow
   per-object auditing configuration.

6. Use pg_event_trigger_get_deletion_commands(), once it has been
   implemented, to provide deparsed DDL for DROP commands.