Audit & Logging

Breeze produces several layers of logs and audit records to support tenant administrators, security monitoring, and post-incident investigation.

Tenant audit events

Every state-changing operation — creating, updating, or deleting tenants, users, credentials, templates, and related objects — is recorded as a structured audit event. Each event captures:

  • What changed — the type of action and the affected object.
  • Before / after — the relevant fields prior to and after the change.
  • Who — the authenticated user identifier.
  • Where from — source IP address and session identifier.
  • When — server-side timestamp.
  • Request context — relevant request metadata (where useful for support).

Audit events are stored alongside the tenant's primary data and are retained on the same lifecycle as that data.

Redaction of sensitive fields in audit events. When a credential or other record contains fields the tenant has marked as sensitive (see Data protection › Sensitive data fields), those values are redacted before the audit event is written. The audit log records that the field changed, but never the protected value itself. This means audit-log exports and bulk audit-log access do not re-expose data that the sensitive-field control was put in place to protect.
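
An added example, not Breeze's own code: one way to build an audit event so that the change is detected on the raw values while only redacted values reach the stored record. The field names, the dotted-path convention for marking sensitive fields, and the `[REDACTED]` marker are assumptions made for illustration.

```python
import json
from datetime import datetime, timezone

REDACTED = "[REDACTED]"  # constructed marker; the page does not specify one


def flatten(doc, prefix=""):
    """Flatten nested dicts to dotted paths: {"claims": {"id": 1}} -> {"claims.id": 1}."""
    out = {}
    for key, value in (doc or {}).items():
        path = f"{prefix}{key}"
        if isinstance(value, dict):
            out.update(flatten(value, path + "."))
        else:
            out[path] = value
    return out


def is_sensitive(path, sensitive_paths):
    """A path is sensitive if it, or any parent of it, is marked sensitive."""
    return any(path == s or path.startswith(s + ".") for s in sensitive_paths)


def build_audit_event(action, object_type, before, after, sensitive_paths,
                      user_id, source_ip, session_id):
    old, new = flatten(before), flatten(after)
    # Diff on the raw values so a change to a sensitive field is still recorded.
    changed = sorted(p for p in old.keys() | new.keys() if old.get(p) != new.get(p))

    def view(flat):
        # Redact after diffing and before the event is handed to any writer.
        return {p: REDACTED if is_sensitive(p, sensitive_paths) else flat[p]
                for p in changed if p in flat}

    return {
        "action": action, "object_type": object_type,
        "changed_fields": changed,
        "before": view(old), "after": view(new),
        "user_id": user_id, "source_ip": source_ip, "session_id": session_id,
        "timestamp": datetime.now(timezone.utc).isoformat(),  # server-side clock
    }


# Constructed sample: a credential update touching one sensitive and one plain field.
SENSITIVE = {"claims.national_id"}
BEFORE = {"status": "draft", "claims": {"name": "A. Example", "national_id": "01010112345"}}
AFTER = {"status": "issued", "claims": {"name": "A. Example", "national_id": "02020254321"}}

if __name__ == "__main__":
    event = build_audit_event("update", "credential", BEFORE, AFTER, SENSITIVE,
                              "user-123", "192.0.2.10", "sess-abc")
    print(json.dumps(event, indent=2))
```

Because redaction happens when the event is built rather than when it is read, an export of the stored events cannot contain the protected values.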

Application and error logging

The backend produces structured application logs that include:

  • HTTP request/response metadata (method, route, status, latency).
  • Background job and workflow lifecycle events.
  • Warnings and errors raised during request handling.

Unhandled exceptions and unexpected errors are forwarded to Sentry, which provides aggregated monitoring, alerting, and stack-trace inspection. Email addresses and other directly identifying values are masked or omitted from Sentry payloads.

Authentication and security events

Security-relevant events are recorded in addition to the general audit stream:

  • Failed login attempts — captured for rate-limiting and incident detection.
  • MFA challenge issuance and validation — recorded with timing and outcome.
  • Token issuance and revocation — login and logout events.
  • Permission denials — captured when an authenticated user attempts an operation outside their authorized scope.

Database-layer audit

The MongoDB Atlas cluster has database-layer audit logging enabled. This is independent of the application audit log and captures connection, authentication, and administrative activity at the database tier.

Personal data in audit logs

Audit events include source IP address and session identifiers. Under the EU General Data Protection Regulation (GDPR) and the Norwegian personopplysningsloven, IP addresses are personal data.

Breeze processes this data only for the purposes of security, audit, abuse detection, and incident investigation, on the lawful basis of legitimate interests under GDPR Article 6(1)(f). This processing is expressly recognised as a legitimate interest in Recital 49 of the GDPR, which covers processing necessary to ensure network and information security.

Audit-log personal data is:

  • Not used for analytics, marketing, profiling, or any purpose unrelated to security.
  • Subject to the same access controls as the rest of the tenant's data, with access restricted to the tenant's authorized administrators and to Sotera personnel acting on documented operational or incident-response purposes.
  • Subject to data subject rights, including the right of access. The right to erasure is balanced against Sotera's and the customer's legitimate interest in maintaining a security audit trail; erasure requests are evaluated on a case-by-case basis as required by GDPR Article 17.

Log retention and access

  • Tenant audit events — retained alongside tenant data; not pruned automatically.
  • Application logs — short-term, retained for operational troubleshooting.
  • Sentry error data — retained per the Sentry retention policy on Sotera's plan.
  • Atlas audit logs — retained per the Atlas backup retention configuration.

Customer access to audit data is provided through the Breeze admin UI. Bulk exports or extended retention for specific compliance requirements can be arranged on request through your account contact.