At a glance
NEXT AI maintains multi-layer logging—application, infrastructure, and audit—backed by centralized alerting. Typical retention: application logs ≥ 30 days, infrastructure logs ≥ 365 days, and audit logs indefinitely for governance and investigations.
Why logging matters
Effective log collection, retention, and analysis are foundational to security operations, incident response, and compliance (see NIST guidance on building and assessing log management programs).
How l works
Application logging
Errors and operational events from the application are collected to support diagnosis and remediation.
Stored in AWS with a minimum retention of 30 days; alarms notify engineering on abnormal conditions.
Infrastructure logging
Resource and performance telemetry across the platform is logged to monitor health and capacity.
Retained for at least 365 days for trend analysis and operational forensics.
Audit logging
Governance- and compliance-oriented events (e.g., actions taken on AWS services) are captured to provide a durable audit trail, retained indefinitely.
Alerting & triage
AWS CloudTrail events can be streamed to CloudWatch Logs with metric filters and alarms for specific activities (e.g., sensitive API calls, console logins). This enables near-real-time alerting and automated notification/response.
Security posture monitoring
NEXT AI uses third-party compliance management platform Drata to watch for configuration drift and key identity events (e.g., new IdP accounts, permission changes), improving proactive detection of risky changes.
FAQ
Q: What does NEXT AI log?
Application errors/operations, infrastructure health and performance, and governance/audit events from underlying AWS services (via CloudTrail).
Q: How long are logs retained?
Application logs are retained for ≥ 30 days; infrastructure logs for ≥ 365 days; audit logs indefinitely.
Q: How are alerts generated from logs?
CloudTrail events can be routed to CloudWatch Logs with metric filters and alarms, enabling notifications and automated actions on specific patterns.
Q: Do you monitor for risky account or permission changes?
Yes. Security posture tooling (e.g., Drata) monitors for misconfigurations and identity changes like new IdP users or permission modifications.
Q: Where are logs stored and does region matter?
Logs are stored in AWS as part of NEXT AI’s platform operations. Data residency follows the hosting architecture; see Data Processing Location (Data Residency) for regional options and transfer safeguards.
Q: Can customers access raw platform logs?
Platform/infrastructure logs are used by NEXT AI for operations, security, and compliance. If you need event evidence for audits or investigations, contact NEXT AI support to coordinate a secure extract under your agreement.
Q: Which standards does your logging approach align with?
Our approach reflects recognized practices from NIST SP 800-92 (log management planning/operations).