# Monitoring & Backup ## Logging and monitoring Rockhopper uses centralized logging and real-time monitoring across all systems: | System | Purpose | | ----------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------- | | **AWS CloudWatch** | Centralized application log aggregation, search, and analysis | | **AWS CloudWatch Metrics & Alarms** | Real-time monitoring of traffic, API response times, error rates, and database performance — with automatic alerting when thresholds are exceeded | | **AWS CloudTrail** | Security monitoring and audit logging of API activity across the AWS environment | | **Intrusion detection** | Continuous monitoring of network activity for anomalous behavior and early detection of potential security breaches, with automated alerting | | **Threat detection** | Automated analysis of cloud activity for malicious behavior, unauthorized access attempts, and compromised resources | | **Sentry** | Real-time error tracking and alerting for application exceptions | | **Anti-malware** | Deployed on applicable infrastructure, automatically updated, and configured for periodic scanning | All logs are retained according to AWS CloudWatch retention policies and are accessible only to authorized personnel. Logs never contain authentication tokens, credentials, or other restricted data. ## Incident response Rockhopper maintains a formal Incident Response Plan that defines procedures for detecting, responding to, and recovering from security events and incidents. The incident response plan is **tested annually** through tabletop exercises to validate readiness. Post-incident reviews are conducted after any significant operational issue to capture root causes and drive preventive improvements. ## Backup and recovery ### Version snapshots Spreadsheet version snapshots are stored in **Amazon S3** with highly durable storage classes, providing **99.999999999%** (11 nines) durability. Each committed version is an immutable snapshot that cannot be overwritten. ### Database backups | Protection layer | Details | | -------------------------- | ------------------------------------------------------------------------------------ | | **Daily snapshots** | Automated daily backups of all database clusters | | **Point-in-time recovery** | Continuous backup with the ability to restore to any second within the last 24 hours | | **High availability** | Production databases run in multi-AZ configurations with automatic failover | ### Backup retention All backups are stored in a secure remote location and retained for **60 days**. Backups are tested annually by the engineering team to verify they can be restored and meet defined recovery time requirements. ### Disaster recovery Rockhopper maintains a documented **Business Continuity and Disaster Recovery (BC/DR) Plan** that is tested annually through simulated service disruptions. Test results are documented and used to improve recovery procedures. In the event of a service disruption: * Database failover to a standby replica is automatic * Version snapshots in S3 are replicated across multiple availability zones * Application services can be redeployed from infrastructure-as-code definitions --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.rockhopper.co/security-and-compliance/monitoring-backup.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.