Docs: Log access and retention for GitLab.com

Problem to solve

We often get questions about log access and retention both internally and externally.

Further details

From Slack thread (internal):

see also https://gitlab.com/gitlab-com/gl-infra/infrastructure/issues/6666#note_215951175

The “official” position right now is https://about.gitlab.com/handbook/people-group/code-of-conduct/#record-retention-policy, which links back to the spreadsheet above. Our security controls state 1 year cold 90 hot, referring back to the retention policy above in the handbook: https://about.gitlab.com/handbook/engineering/security/guidance/SYS.1.08_enterprise_protection_logging.html

Log access (Kibana):

ksmith 1 hour ago It's 7 days for some logs, 3 days for others. Not sure if that's changed with the new elastic cluster but the volume is too big to keep 7 days for everything.

ksmith 1 hour ago haproxy logs aren't available via kibana at all due to size.

in general per our workflow in https://about.gitlab.com/handbook/support/workflows/log_requests.html we wouldn’t provide logs in most cases.

Proposal

We should document this, probably in https://docs.gitlab.com/ee/user/gitlab_com/

distinguishing between what is available in Kibana (ready access, used for support troubleshooting) vs. retention for compliance with links to the relevant sections in the handbook

Who can address the issue

• infra should confirm what's available in kibana