Postgres connection logging
For security monitoring and compliance audits, Postgres can log connection lifecycle events to your project's Postgres logs, including events such as connection received, connection authenticated, and connection authorized.
Default behavior#
By default, Supabase sets log_connections to off for new projects and you must enable it first. This behavior matches common managed Postgres defaults and reduces log volume from high-frequency connection events.
Existing projects may retain different settings depending on plan and compliance configuration:
- Team, Enterprise, and HIPAA organizations — Connection logging is typically enabled to support audit requirements.
- HIPAA projects — Supabase enables connection logging when a project is marked as high compliance. The Security Advisor warns if connection logging is later disabled.
Compliance considerations#
If you need connection audit evidence for SOC 2 or other compliance programs, you must enable it explicitly.
Connection logging supports audit and monitoring controls required by some compliance programs:
- HIPAA — High-compliance projects should keep connection logging enabled. See the shared responsibility model for healthcare data and HIPAA compliance guide.
- SOC 2 — Users who need connection audit evidence should enable logging and retain logs according to their own policies. See the SOC 2 compliance guide.
Disabling connection logging does not affect other Supabase logging (for example, Platform Audit Logs, Auth Audit Logs, or pgAudit).
Manage connection logging via the dashboard#
You can configure connection logging from the Log connections setting in the Database Settings section of the Dashboard.
Ensure that you have Owner or Admin permissions for the project.
Connection events appear in Postgres logs. In the Logs Explorer, connection lifecycle messages may be hidden by default to reduce noise. Use the connection logs filter in the sidebar to show or hide them.
Manage connection logging via the Management API#
You can also manage connection logging using the Management API:
1# Get your access token from https://supabase.com/dashboard/account/tokens2export SUPABASE_ACCESS_TOKEN="your-access-token"3export PROJECT_REF="your-project-ref"45# Get current Postgres config6curl -X GET "https://api.supabase.com/v1/projects/$PROJECT_REF/config/database/postgres" \7 -H "Authorization: Bearer $SUPABASE_ACCESS_TOKEN"89# Enable connection logging10curl -X PUT "https://api.supabase.com/v1/projects/$PROJECT_REF/config/database/postgres" \11 -H "Authorization: Bearer $SUPABASE_ACCESS_TOKEN" \12 -H "Content-Type: application/json" \13 -d '{14 "log_connections": true15 }'1617# Disable connection logging18curl -X PUT "https://api.supabase.com/v1/projects/$PROJECT_REF/config/database/postgres" \19 -H "Authorization: Bearer $SUPABASE_ACCESS_TOKEN" \20 -H "Content-Type: application/json" \21 -d '{22 "log_connections": false23 }'To verify the setting, use the SQL Editor:
1show log_connections;