Owner: Multibook, Inc. · Version 1.0 · Reviewed annually.
Logs acquired
| Log type | Source | Contents |
|---|---|---|
| Audit / activity log | Audit microservice (dedicated DB) | All user and admin actions, logins (success/fail) with IP + user-agent, privileged operations |
| Web access/error logs | nginx on each droplet | HTTP requests, status, client IP, user-agent |
| Application logs | Application containers | App-level events/errors |
| Edge security logs | Cloudflare | WAF events, rate-limit challenges, blocked requests |
| Server/auth logs | OS, Tailscale | SSH/auth, fail2ban, device access |
Retention periods
- Audit / activity log: 24 months (append-only, partitioned) — exceeds the ≥6-month requirement.
- nginx web access/error logs: ~12 months (logrotate
rotate 372, daily + compress, on all droplets). - Application (Docker) logs: operational/debug only — security and audit events are captured in the audit database — retained on a rolling basis via the Docker
json-filedriver’s size/file rotation. - Cloudflare edge logs: per plan retention; security events reviewable in the dashboard.
- Server/auth logs: OS default rotation, retained ≥3 months.
Integrity & attribution
The audit database is append-only — entries are not editable after write. Privileged operations are attributable to a named account; deployment actions are attributable via GitHub Actions logs.
Provision on request
Operation and security logs (or analysis results) are provided to the customer on legitimate request, subject to the Customer Data Access Policy.