Trust Center / Logging & Monitoring
Logging & Monitoring
Workplace.io collects operational telemetry and security-relevant logs to support reliability, performance, and incident investigation. We minimize sensitive data in logs and avoid logging message content or credentials.
Last updated: December 16, 2025
At a glance
  • Operational monitoring: we track service health, job processing, and error rates to keep the platform stable.
  • Security visibility: we log key events needed for investigation and auditability.
  • Log hygiene: we minimize sensitive payload logging and avoid logging message content and credentials.
  • Incident support: logs and metrics support incident response and post-incident review.
What we log
Logging is designed to support troubleshooting, operational reliability, and investigation. Examples of logged information include service errors, integration sync status, background job execution status, and administrative actions.
  • Application events: request errors, performance signals, and service health indicators.
  • Background processing: job execution status and failures for asynchronous workflows.
  • Integration activity: connection events, sync state transitions, and ingestion processing counts.
  • Administrative actions: access-controlled changes such as role updates, integration connects/disconnects, and workspace archiving.
Message content and credentials
We avoid logging message bodies and OAuth credentials. Operational logs focus on status, counts, timing, and error diagnostics. Where external payloads are used (e.g., webhooks), payload logging is minimized and authenticated requests are validated.
Monitoring
We monitor the platform to detect operational issues and potential security events. Monitoring helps us identify elevated error rates, processing delays, and abnormal patterns that may indicate misuse or service degradation.
  • Availability: health checks and uptime monitoring for core services.
  • Performance: latency and throughput indicators, background queue depth, and processing delays.
  • Errors: alerting on error spikes and recurring failures.
  • Integration health: ingestion and sync monitoring to detect provider outages or permission failures.
Security-relevant events
We log security-relevant events to support investigation and response. These include authentication activity, administrative actions, integration authorization changes, and other events that affect access or data flow.
  • Authentication: sign-in activity and failures (at an appropriate level for investigation).
  • Authorization: role changes and privileged actions performed by workspace administrators.
  • Integration security: connect/disconnect events and OAuth state changes.
  • Webhook authentication: validation outcomes for authenticated webhook requests.
Retention and access
Log retention is managed to balance investigation needs with data minimization. Access to operational logs is restricted to authorized personnel and systems that require it for support, security review, and incident response.
  • Access restriction: least privilege access for operational and security staff.
  • Change control: controlled changes to monitoring and alerting configuration.
  • Minimization: sensitive data is avoided or redacted where appropriate.
Incident Response →
Need operational details?
If your team needs additional monitoring or logging information as part of due diligence, contact us and we’ll help.
Contact Trust & Security Back to Trust Center
Warning
This is a warning message
Cancel
Continue