Introduction¶

This policy explains how Acquia manages and shares historical logs to ensure the security of customer data while supporting necessary technical and security activities. The policy also highlights how our Log Forwarding service can empower customers to independently access relevant logs.

Intended audience¶

This policy applies to all Acquia customers and individuals involved in managing or accessing logs on the Acquia platform.

Policy details¶

1. Log access¶

   • Restricted access: Historical logs are primarily accessed by authorized Acquia personnel for analysis and security purposes.
   • Customer requests: Logs are shared with customers only when they are necessary for resolving critical issues or investigating specific potential security incidents.

2. Self-service options¶

   • Log Forwarding service: Acquia recommends that customers use the Log Forwarding service to independently monitor and access their logs. The Log Forwarding service reduces the need for manual requests and provides a more efficient self-service experience.
   • Direct Access options: Acquia offers tools that enable customers to directly access certain logs through Acquia Cloud UI, Acquia Cloud API, or Acquia CLI, enhancing customers' capability to perform internal analyses and troubleshooting.

3. Log access conditions¶

   • Technical troubleshooting: Logs can be shared with customers when they are necessary for resolving significant technical issues that require historical data not available through self-service options.
   • Security investigations: Access to logs is granted to customers to help them investigate specific potential security incidents to ensure the safety and integrity of their environment.
   • Traffic and usage analysis: Logs shall not be shared for traffic analysis or for examining views and visits to check subscription usage. For such purposes, customers must download the available logs themselves.

4. Guidelines for processing log process requests¶

   Acquia Support adheres to the following guidelines to provide access to logs that are not available through self-service:

   • Review of log requests: All historical log requests are reviewed by a member of the Support Leadership team to ensure they meet our criteria and comply with this policy.
   • Record keeping: Acquia Support maintains records of all log access, detailing the reason for access, the personnel involved, and the outcomes.
   • Clear communication: Acquia Support is committed to clearly explain this policy and the benefits of our Log Forwarding service to all customers.

5. Policy exceptions¶

   • This policy typically does not allow exceptions. However, senior Acquia management may approve exceptions to this policy under rare or special circumstances.

6. Compliance¶

   • Adherence to this policy is important for maintaining security and trust. Acquia Support conducts regular audits to ensure compliance with this policy.

Contact information¶

For questions or further details about this policy, contact Acquia Support at [email protected].