Explore our platform and learn how it can help your application shine.
Learn about modern authentication techniques and best practices.
Learn about access management practices and technologies.
Learn to manage user accounts and access at scale.
Understand multi-tenancy, a foundation of shared computing.
Learn how to design and build successful SaaS applications.
Understand what is required to provide an enterprise-ready product.
Understand the uses and benefits of Attribute-Based Access Control.
Learn how Single Sign On (SSO) can improve security and UX.
Learn about OpenID Connect, an open authentication protocol.
Learn about SAML, a popular SSO protocol.
Learn about our history, our team, and our mission.
Following my previous blog post on Audit Logs for SaaS Enterprise Customers, I’ve received a bunch of questions on what’s the difference between Audit Logs and other types of Logs you would typically encounter while developing a SaaS application. SaaS log monitoring has come a long way in recent years.
These questions brought back memories from my days as R&D manager at a cyber solution product, with product management discussions we used to have. Back then, while planning a certain feature for a sprint cycle, I remember that we needed to decide where a certain log would go. The question that always arose was simple: ”Where does this log belong?” But with the VP R&D, VP Product and Solution Architect in the room, we had at least as many opinions.
In this blog I’ll use examples to explain the different SaaS log management options. But before we jump in, let’s briefly list the different types of logs we will encounter in almost any SaaS application.
This is probably the easiest one to grasp. TL;DR: log everything that happens on the backend of your SaaS application to a developer logs storage. Categorize by the level of importance (or severity), make sure you log the context — and that’s it. You should be all set.
In this type of logs we usually refer to any kind of business-related output your product produces for your customer’s administrators or end-users. Usually, the characteristics of this log type depend on the type of product you’re managing.
A Cloud Security Permission and Identity Management product might have events like:
An HR management product might have events like:
Learn first hand how easy it is to get your SaaS enterprise ready.
All of these are business-value events that your customers would love to know and be alerted about, since this is usually the core value they’re paying for.
As described in my previous blog post, you would usually log everything that might be interesting to your customer’s administrators in terms of traceability of system actions and administrative manners in your product.
Every SaaS application requires 3 types of logs: Developer Logs, Business Events, and Audit Logs. Accurately classifying your logs is important since each one of the log types has different characteristics for retention, scale, who uses them and for what reason, and privacy & compliance aspects.
Logging as a Service (LaaS) is the name of the game today. This upcoming IT model basically collects, records, and documents all application-related activity to eliminate the need for manual labor and be fully prepared for internal or compliance audits. This is extremely crucial for organizations looking to scale up fast.Frontegg provides a comprehensive LaaS solution for Audit Logs and Business event logging (coming soon), so your product can benefit from the highest level of scale, accurate retention, exporting to SIEM solutions, privacy, and compliance — all with a push of a button. Getting started was never easier.