Audit Logs
Audit logs provide a complete audit trail of all changes made to your organization's resources, ensuring compliance, security, and accountability.
Deployment Logs
Deployment logs provide detailed visibility into the deployment process, helping you track progress, identify issues, and debug deployment failures.
Runtime Logs
Runtime logs from the project compute provide real-time visibility into your project's execution, helping you understand the project behavior, monitor performance and debug issues. These logs capture your project's output to process.stdout/stderr, console.log events as well as incoming requests.
To access runtime logs through the OwnStak Console:
- Navigate to your organization and project
- Select the environment you want to monitor
- Go to the "Runtime Logs" section
- Choose between "Events" and "Requests" views
Live Logs
The live logs feature provides real-time monitoring of your application's runtime behavior, allowing you to see incoming requests and troubleshoot issues as they happen.
Log Views
Events - The Events view gives you insight into all outputs from stdout/stderr and console.log events made by your project.
- Every
console.log/info/debug/warn/errorcall made by your project creates a separate log entry based on the configured log level. - Every new line written to
process.stdout/stderrcreates a separate logINFO/ERRORentry based on the configured log level.
Requests - The Requests view gives you insight into incoming HTTP/s requests to your application compute.
- Incoming requests and outgoing responses are captured only with
DEBUGorINFOlog level. - Every incoming request represents a separate log entry. The request tracking feature allows you to trace all other events that happened within the request context as well as the outgoing response for debugging purposes.
Request Details Include:
- Request ID for tracing
- Request method (e.g.,
GET,POST,PUT,PATCH,DELETE,OPTIONS) - Request URL (protocol, host, path, query)
- Request headers (captured only with
DEBUGlog level) - Response status code
- Client remote IPv4/IPv6 address
Response Details Include:
- Request ID for tracing
- Response status code
- Response duration (measured as execution time of your application inside compute)
- Response headers (captured only with
DEBUGlog level)
Log Levels
The log level is configurable per project environment and controls how many runtime logs your application produces and what information is captured.
| Level | Use Case |
|---|---|
| DEBUG | Logs detailed diagnostic information for debugging. This log level should never be used for production environment. captures: console.debug calls, underlying upstream requests made by the fetch calls and upstream responses, incoming request and outgoing response from your project with header details |
| INFO | Normal operational mode. captures: console.log/info calls, process.stdout events, incoming requests and outgoing responses from your project with basic details |
| WARN | Logs potentially harmful situations, deprecated features or recoverable errors. Cost effective operational mode. captures: console.warn calls |
| ERROR | Logs exceptions, failed operations, critical issues that need your attention. captures: console.error calls, unhandled exceptions, process.stderr events |
Log Retention
The log retention period is configurable per project environment and controls how long the runtime logs are kept. The retention period can be between 1 day and 3,653 days (up to 10 years).
Log Redaction
OwnStak automatically removes environment variable secrets and other potentially sensitive information from all runtime logs and their metadata, regardless of the configured log level, to protect your data and minimize the risk of breaches. The values are replaced with the [OWNSTAK_REDACTED_xxx] placeholder.
This includes:
- Environment Variable Secrets: All environment variables marked as secret
- HTTP/s req/res Cookies: All cookie/set-cookie headers
- HTTP/s req/res Authorization headers: Common HTTP authorization headers
- Credit/Debit card numbers: Any string values that match the credit/debit card numbers format
- OwnStak doesn't know the type and context of logged data. Too aggressive redacting can make debugging difficult and have undesired side effects.
- It's highly recommended to apply additional sanitization logic in your project as close to the source as possible before calling console.log to make sure sensitive details such as full contact details including birthdates, phone numbers, emails, national/social/passport/driver license IDs, geolocation data, biometric data, session IDs, private keys/tokens, request/response bodies are never captured in the runtime logs.