SupportAbility Data Logs and Paid Investigations
SupportAbility stores detailed data access and change logs on all Staff activity as they use the system. Data logs are stored for 12 - 18 months.
It is important to note that, SupportAbility does not provide an interface that allows providers to query or report on these logs. As a result, any investigations that need to be conducted must be completed by our Engineering team, which is a highly manual and time-consuming process.
Therefore, investigations that require our Engineering team to query the data logs are limited to extenuating circumstances where a serious breach has occurred and often require paid support time in order to complete.
This article explains the nature of the data logs, what they were designed to achieve, and why investigations on those logs require paid support time.
Audience: Authorised Representatives, IT Specialist
The following list summarises the content within this article. Click on the links below to take you to the relevant sections:
- Why does SupportAbility store data change logs?
- Investigations - querying the data logs
Why does SupportAbility store data change logs?
SupportAbility's data logs were designed to address two key requirements:
- To provide an analytical tool for our Engineering team to investigate system behaviour and bugs,
- To provide historical detail in serious events, such as a court subpoena.
What data gets logged?
In light of these requirements, the data logs record immensely detailed technical event data for SupportAbility user sessions, including:
- The details of every page accessed and related user action,
- Every change to the SupportAbility installations underlying database, down to the field level.
Who has access to these logs?
Only the Senior Engineers and Chief Technology Officer (CTO) at SupportAbility can access and query the data logs; no one can edit these logs.
Only our CTO can delete the logs and does so once a notification is received that they are reaching capacity.
Investigations - querying the data logs
The data logs are low-level technical information designed specifically for software engineers performing quality assurance tasks or investigating bugs.
Performing investigations for providers using these data logs and querying them to generate reports is a very manual and time-consuming process. Each investigation requires our Engineering team to:
- Design custom queries to retrieve and filter the data required to answer the questions posed by the investigation
- Sift through the detailed results and perform analysis to answer the questions posed by the investigation
- Interpret the data and communicate the findings back to the provider
Other factors can also complicate and slow down investigations, as outlined below.
Due to the distinctly different nature of data associated with page access details and record updates, two separate databases are used with bespoke schemas.
This means that investigations usually involve querying both databases, merged in time sequence to provide accurate accounts of the events to see the actions of users and the database changes those actions triggered.
The granular nature of these data logs produces large databases that contain hundreds of millions of records and require terabytes of disk storage. For example, simply clicking the Save button on an Activity that has replications configured can trigger the creation of thousands of data logs as the data across many records gets updated.
Due to the immense scale of collected event log data, these log databases need to be rotated a few times a year. This rotation process involves archiving the current log databases once they reach a certain size limit and replacing them with new empty databases that store data from that point forward.
Thus investigations that require information across longer periods can take significantly longer because our Engineering team may need to query data from both current and archived event log databases.
If an organisation needs to query the data logs of your SupportAbility installation for any reason, investigation requests may be possible using paid support time. For more information regarding this, please see the Support Contract Pricing article for reference.
Most investigations take somewhere between 6 to 20 hours for our Engineering team to complete. Each investigation needs to be reviewed, accepted, quoted and approved before being scheduled by SupportAbility for completion based on availability.
In some cases, it can take our Engineering team over an hour to even scope the work required to complete the required investigation, therefore please be aware that this facility is reserved for serious cases requiring an audit.
We request that all investigation requests are sent via your organisation's Authorised Representatives to firstname.lastname@example.org