This section contains information as to where relevant areas of logging can be located in the event of an audit.
The HMPPS Integration API doesn't store any data itself; Further to this, It is also not capable of creating or modifying the data it works with. The API is a single point of contact which will query upstream system's. It will then consolidate, standardised and pass the resulting data back to the requester.
Logs of each deployment can be located within the following areas:
A list of the changes made to project can be found through the history of commits and pull requests.
Build and deployment information. This is on a per-build basis.
Logs that contain access to various endpoints throughout our system can be located through Elasticsearch. Our interface to Elasticsearch is a tool called Kibana.
Logs contained within Elasticsearch will not contain any sensitive data. The logs will contain a request details as well as a timestamp as to when the record was accessed; This allows identification of the record. This information does not include any response data.
Elasticsearch logs have a retention period of 30 days. See the Application Log Collection and Storage section of the Cloud Platform documentation for more detail.
For further information on how to access our monitoring and alerting systems, please visit our Monitoring and Alerting page.