# Logs, Audit Logs, and Backups

### Scope

This page covers **platform logs**, **audit logs**, and **backup schedules**. For retention of **evaluation data and exports**, see [Evaluation Data Retention](/security/platform-controls/evaluation-data-retention.md).

#### Authentication Logs

* **Auth0 sign-on and failure logs**: Retained for 6 days
* **Extended analytics**: Authentication events are forwarded to Segment.io with 180-day retention
* **Monitoring**: Threshold-based monitoring runs via scheduled cron jobs
* **Analysis**: Currently, no active real-time analysis is performed on authentication logs

#### Audit Logging

Every API request generates an audit log entry containing:

* **JTI** (JWT Token ID)
* **User ID**
* **Token thumbprint**
* **Token expiration time**
* **Request timestamp**
* **Resolver-level access logs** for data access operations

This zero-trust transaction recording ensures complete traceability of all platform actions.
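How the fields listed above support consistency checks during log review, as an added example that is not the platform's own code. The JSON-lines layout, the field names, and the sample entries are constructed assumptions, not the platform's schema.

```python
import json

# Constructed sample entries; field names are assumptions for illustration.
SAMPLE_LOG = """\
{"jti": "a1", "user_id": "u-100", "token_thumbprint": "tp-aa", "token_exp": 1700003600, "request_ts": 1700000000}
{"jti": "a1", "user_id": "u-100", "token_thumbprint": "tp-aa", "token_exp": 1700003600, "request_ts": 1700003700}
{"jti": "b2", "user_id": "u-200", "token_thumbprint": "tp-bb", "token_exp": 1700003600, "request_ts": 1700000100}
{"jti": "b2", "user_id": "u-300", "token_thumbprint": "tp-bb", "token_exp": 1700003600, "request_ts": 1700000200}
{"jti": "c3", "user_id": "u-400", "token_thumbprint": "tp-cc", "token_exp": 1700003600}
"""

REQUIRED = ("jti", "user_id", "token_thumbprint", "token_exp", "request_ts")


def review_audit_log(text):
    """Return (line_number, finding) tuples for entries that break traceability."""
    findings = []
    seen = {}  # jti -> (user_id, token_thumbprint) from its first appearance
    for n, line in enumerate(text.splitlines(), 1):
        if not line.strip():
            continue
        try:
            entry = json.loads(line)
        except json.JSONDecodeError:
            entry = None
        if not isinstance(entry, dict):
            findings.append((n, "unparseable"))
            continue
        missing = [f for f in REQUIRED if f not in entry]
        if missing:
            # An entry without every field cannot be tied back to a token.
            findings.append((n, "missing:" + ",".join(missing)))
            continue
        if entry["request_ts"] > entry["token_exp"]:
            # Request recorded after the token's stated expiration time.
            findings.append((n, "request_after_expiry"))
        identity = (entry["user_id"], entry["token_thumbprint"])
        if seen.setdefault(entry["jti"], identity) != identity:
            # One token ID should map to one user and one thumbprint.
            findings.append((n, "jti_identity_mismatch"))
    return findings


if __name__ == "__main__":
    for line_no, finding in review_audit_log(SAMPLE_LOG):
        print(line_no, finding)
```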

#### Data Backup Schedule

**PostgreSQL Database**:

* Hourly backups with minimum 3-day retention
* Encrypted and compressed backups stored behind firewall
* Nightly off-site backups for disaster recovery
* State tracking with built-in attribution and archiving

**Redis Database**:

* Replicated database with persistent storage
* Designed for continuous availability
* Persistent storage on backed-up volumes
* Stores current state (not historical data)

**Object Storage**:

* Used for evaluation configurations, generated exports, cached calculations, and static assets
* Buckets are private and not publicly accessible
* Access is key-based and scoped per service (least privilege)
* Encryption keys are held by application services, not stored in object storage
* Sensitive buckets use additional encryption controls
* Most objects are regenerable from the database (backups focus on databases)

**Block Storage**:

* Linode-managed with replication
* Periodic snapshots for application data
* Database data handled through PostgreSQL/Redis mechanisms above

