Document log-aggregation and SIEM integration guide for Fluxora structured logs

[Jagadeeshftw]

Description

src/config/logger.ts emits structured JSON logs throughout the application but there is no documentation describing the log schema, field inventory, or how to route logs to common aggregation platforms (Datadog, Elastic/ECS, Splunk, Loki). Platform engineers integrating Fluxora into their observability stack must reverse-engineer the log format from source code. A comprehensive log-integration guide must be written.

Requirements and context

• Document all top-level log fields (level, msg, timestamp, correlation_id, request_id, service, version) and their types
• Provide sample Logstash/Filebeat/Vector pipeline configs for ECS normalisation and Datadog ingestion
• Document PII scrubbing rules applied before log emission (fields masked in src/pii/)
• Must be secure, tested, and documented
• Should be efficient and easy to review

Suggested execution

Fork the repo and create a branch

git checkout -b feature/log-aggregation-docs

Implement changes

• Update/Write: docs/observability.md — comprehensive log schema and field inventory
• Update/Write: docs/integrations/datadog.md — Datadog log pipeline configuration
• Update/Write: docs/integrations/elastic.md — ECS mapping and Filebeat config
• Write comprehensive tests: tests/config/logger.schema.test.ts — assert all documented fields are present in log output
• Add documentation: docs/observability.md
• Include clear code comments and types
• Validate security assumptions

Test and commit

• Run tests: pnpm test (or pnpm test:coverage)
• Cover edge cases: error log includes stack trace, PII fields absent, correlation_id propagated across async boundaries
• Include test output and security notes

Example commit message

docs: add log-aggregation and SIEM integration guide

Guidelines

• Minimum 95 percent test coverage
• Clear documentation
• Timeframe: 96 hours

[od-hunter]

Hello, can I be assigned this issue please? I've gone through the description and I'm up for the task. Kindly assign me please.

[devEunicee]

@devEunicee has applied to work on this issue as part of the Stellar Wave Program's 5th wave.

Hi, I’d like to work on this because I’m interested in observability, structured logging, and production-grade system visibility. I can document the full log schema, explain field meanings and PII scrubbing behavior, add SIEM integration guides (Datadog, Elastic/ECS, etc.), and ensure the emitted logs match the documentation through tests.

Thank you!

ℹ️ Repo Maintainers: To accept this application, review their application or assign @devEunicee to this issue.

[drips-wave]

Congratulations, @devEunicee! 🎉 Your application was accepted by the repo's maintainers, and the issue is due on June 2, 2026.

🧑‍💻 @devEunicee: Please resolve the issue such that the repo's maintainers have enough time to review your contribution before the due date. You'll earn Points for completing the issue on-time, which will make you eligible for a share of the Stellar Wave Program's reward pool.

Warning

When opening a PR, please link it to this issue to ensure it gets tracked accurately. Points are awarded when this issue is marked as completed by the maintainer.

🤠 Repo maintainers: Please keep an eye on the contributor's progress and review their work before the due date. You can manage this issue, including adjusting its complexity and points, here.

🌊 Happy Wave 🌊