Do you offer your customers audit logs?
Wondering what people are doing for audit logs.
I know a lot of people maintain them to some extent internally (for compliance or just as best practice).
But what about vending it to each customer (for a multi tenant SaaS), so they automatically have access to their specific logs.
I'm working on a solution in this space but curious to hear what people think.
I deal with analyzing logs of all kinds in large enterprise/corporate/government environments
System/application owners never lose access to their own logs ... but they also don't get to see "everyone else's" without proper RBACs in place
I know I can collect various introspective and monitoring data off cloud services I run - but only what they deign exportable (certainly not how the hypervisor of the physical box(es) running all my instances and services is currently doing, nor how my instance of a managed DB is working vs another customer's instance vs "all" instances etc)
If you want more-extensive logging, you need to be running the infra yourself