DIREKT Observability¶
Objectives¶
Detect user-facing failure, verification backlog, integration failure, abuse and data-integrity risk without leaking sensitive data.
Signals¶
Logs¶
Structured JSON with correlation ID, environment, service, safe entity reference, outcome and latency. Redact tokens, document content, exact private coordinates and allegations.
Metrics¶
- API request rate/error/latency;
- database pool/query;
- job queue age/failure;
- evidence processing;
- search success/latency;
- verification queue age/turnaround;
- notification delivery;
- payment/reconciliation;
- Android crash/ANR/startup;
- storage and backup.
Traces¶
Cross API, database and integration calls using sampling and safe attributes.
Audit¶
Separate immutable business/security audit for privileged actions.
Alerts¶
Alert on user impact and actionable thresholds:
- authentication outage;
- search failure;
- evidence access anomaly;
- overdue high-risk verification;
- webhook/reconciliation backlog;
- backup failure;
- crash/ANR regression;
- suspicious privileged activity.
Environment¶
No production personal data in lower environments. Production diagnostics require least privilege and access logging.
Correlation¶
Expose a safe support reference to users; map it to internal traces without exposing internal stack details.