Docs: Log access and retention for GitLab.com
Problem to solve
We often get questions about log access and retention both internally and externally.
Further details
From Slack thread (internal):
see also https://gitlab.com/gitlab-com/gl-infra/infrastructure/issues/6666#note_215951175
The “official” position right now is https://about.gitlab.com/handbook/people-group/code-of-conduct/#record-retention-policy, which links back to the spreadsheet above. Our security controls state 1 year cold 90 hot, referring back to the retention policy above in the handbook: https://about.gitlab.com/handbook/engineering/security/guidance/SYS.1.08_enterprise_protection_logging.html
Log access (Kibana):
ksmith 1 hour ago It's 7 days for some logs, 3 days for others. Not sure if that's changed with the new elastic cluster but the volume is too big to keep 7 days for everything.
ksmith 1 hour ago haproxy logs aren't available via kibana at all due to size.
in general per our workflow in https://about.gitlab.com/handbook/support/workflows/log_requests.html we wouldn’t provide logs in most cases.
Proposal
We should document this, probably in https://docs.gitlab.com/ee/user/gitlab_com/
distinguishing between what is available in Kibana (ready access, used for support troubleshooting) vs. retention for compliance with links to the relevant sections in the handbook
Who can address the issue
- infra should confirm what's available in kibana