Logs FAQ
Common questions related to GRAX application logs
Can I Save GRAX App Logs?
GRAX forwards app logs to a central GRAX service to help with automatic monitoring and customer support. GRAX retains these logs indefinitely. For more details see here here.
However, in self-managed GRAX deployments, you are in control of the configuration of your GRAX application servers, and can configure them to forward logs to your own external storage systems.
How to do this depends on how your server is configured to run GRAX, as well as what log storage system you use. If you are using the standard GRAX AWS templates, GRAX logs go through:
- systemd journal
- rsyslog
/var/log/grax.log- AWS CloudWatch
Consult with your cloud team and logging service provider on how to configure the server to forwarding from one of these subsystems.
Can I Use GRAX App Logs for Auditing?
In self-managed GRAX deployments, after you forward logs to your own logging service, you also are in control of how these are used, and can use them for auditing, monitoring and alerting.
While the format of application logs is subject to change, every API call is logged and includes:
- HTTP method, path, and status
- Remote address and user agent
- Salesforce Org ID and User ID of the caller
Here is an example log for when the user with ID 0054o000002Yz6lAAC updated storage settings:
{"keys":{"jwtAuth":"sfid_00D770000008i1kEAA_0054o000002Yz6lAAC","method":"PUT","path":"/api/v1/secrets/StorageSecret","remoteAddr":"[2600:1700:9da3:c850:3c02:8217:4d9f:2507]:52529","route":"/api/v1/secrets/:id","status":200,"userAgent":"Mozilla/5.0"}}
Updated 9 days ago