Introduction
Logging is important for developers, system administrators and information security team members.
Log Aggregation
OrgChart logs are aggregated using Splunk SIEM (Security information and event management). Log aggregation allows for monitoring of all servers using a single system.
Log Monitoring
Logs are monitored by the data center operations team. Errors, warnings, security alerts and performance issues are proactively detected in order to minimize (or eliminate) impact to the customer.
- Logs are actively monitored from 6AM PST to 6PM PST Monday through Friday
- All critical events generate email notifications (24 X 7)
- There is always one or more data center operations team members monitoring for critical events (24 X 7)
- Data center operations is responsible for reporting incidents (as defined in the Incident Management Procedure)
Log Contents
Logs shall contain enough information so that developers and customers can understand and remediate issues. Logs shall never contain confidential customer information.
Log Retention
Log retention guidelines are covered in the Security Overview article.
Revision 1.0.1 - last updated December 4, 2019