Logging flow
The illustration below describes the flow in Frends Architecture when a Process is executed.
Here is a more detailed explanation of the image above:
A Frends Agent processes an integration and all the messages/data within. In real time, status messages are sent to the Agent Connectivity Queues or Azure Service Bus queues. The connectivity between the queue and the Agent is secured using SSL and authenticated via SAS tokens.
The Frends Web App listens to incoming logging messages from all the queues created within that Frends Tenant.
When an incoming logging message is received the message is first inserted into the Logging Database for monitoring purposes. The Database is Always Encrypted using AES 256.
(Optional) If chosen by the user in the Frends Control Panel, the logging data can be split between the database and an Azure Blob Storage. The Blob Storage is recommended to be used in heavy load scenarios with hundreds of gigabytes of logging data as the Blob Storage does not have performance bottlenecks in heavy load situations. Similar to the logging database, the data is Always Encrypted using AES 256. In this model the data is stored as encrypted, and GZIP’ed JSON data files are accessed by the Frends Web Application.
(Optional) If chosen by the customer the Logging Database can be deployed outside the Frends Azure Virtual Network as a standard SQL server. In this case the customer is responsible for the security of said database and the security of the data within the database.
The logging data is gathered by back-end server functionality within the Frends Web Application and exposed to the end user.
The end user accesses the data through the Azure WAF.
At all stages secure keys and certificates are stored in the Azure Key Vault and accessed by the Web Application when needed.
The next article is Example on Frends Environment and Agent Setup View