Cross-cluster Traffic Auditing
We understand that enterprise customers have strict data and log retention policies. Clients’ sensitive content is always stored within the private cloud and is retained as long as customers want the data to be available for their users. Clients can delete documents at will without any restriction. Log files and traces are retained for 30 days within the platform and after that will be deleted. Customers can retain the logs for longer periods by streaming the log’s files to any of their log management systems. We offer connectors to certain popular observability platforms. Please reach out to us for your unique needs. We also offer pre-canned monitoring dashboards for system performance and health. For customers who are using federated search to consume AlphaSense licensed content, we require customers to report readership and usage analytics. This data is streamed out of the system through the secured mTLS connectivity covered in the above Federated Search section. Customers can audit the connectivity through the envoy proxies. Customers can add cloud vendor-provided Intrusion Detection or Intrusion Prevention systems (IDS/IPS) to enhance the security protection in depth.
We sign a short live certificate for the proxy to establish mTLS connection with AlphaSense Enterprise Gateway. The certificate will be renewed and rotated with license heartbeat check. f the license is still valid, certificate will be renewed automatically.
Only outbound connections are initiated from the environment to AlphaSense Enterprise Gateway. All
connection to AlphaSense Enterprise Gateway will be forwarded by the egress envoy proxy to. The
proxy connectivity logs (including http request body) are visible under proxy pods in mothership
namespace.
kubectl -n mothership logs -f --prefix -lapp=proxy