Monitoring and Logging
Current State
- The identity service configures structured JSON logging with request identifiers.
- Chat moderation activity is persisted through audit records.
- The current documentation expects health checks and operational review of moderator access, legal-hold changes, and archive-expiry jobs.
Production Monitoring Targets
| Area | Recommended signal |
|---|---|
| Authentication | Login failures, token failures, refresh-token anomalies |
| Invite flow | Invite creation/redeem failures, expired-token rates |
| Gameplay | WebSocket connection health, reconnect rates, turn-processing failures |
| Chat | Delivery/read receipt lag, moderation review counts, archive-expiry job outcomes |
| Infrastructure | Container health, database saturation, Redis availability, backup success |
Logging Expectations
- Use structured logs with request IDs.
- Redact sensitive message content and credentials.
- Preserve privileged-access audit trails separately from routine application logs.
- Keep legal-hold and moderator-review events queryable for compliance review.
Current Gap
The repository documents the observability direction, but production dashboards, alert policies, and hosted logging infrastructure still remain to be implemented before launch.