Request Logs
Zerq logs every API request with full details — headers, body, latency, status, client identity, and more. Use the Logs section to debug issues, investigate clients, and trace specific requests.
Request log guides
What's logged
Every request log entry includes:
| Field | Description |
|---|---|
| Request ID | Unique identifier for tracing (also returned in X-Request-ID header) |
| Timestamp | When the request arrived |
| Method | HTTP method (GET, POST, etc.) |
| Path | The incoming request path |
| Target endpoint | The backend URL the request was forwarded to |
| Status code | HTTP response status |
| Latency | End-to-end response time in milliseconds |
| Client ID | Which client made the request |
| Profile ID | Which profile was used |
| Collection | Which collection was matched |
| Client IP | Source IP address |
| Request headers | Full request headers |
| Request body | Request payload |
| Response headers | Backend response headers |
| Response body | Response payload |
Logging and metrics assumptions
Request logs are captured through an asynchronous logging path for runtime performance. In failure conditions (for example abrupt process termination), a small subset of in-flight log writes may be delayed or dropped.
Operational metrics and dashboards are derived from logged request data, so metrics completeness depends on logging health.
Data handling and redaction
Request logs can contain sensitive payload content. Treat them as controlled data.
- Avoid sending secrets, raw credentials, or highly sensitive PII in request/response bodies.
- Apply token and secret masking in upstream systems where possible.
- Use role-based access for log viewers and keep access scoped to least privilege.
- Define retention periods based on compliance requirements and internal policy.
- If sensitive data is logged accidentally, remove the record promptly and rotate affected credentials.
Viewing logs
- Go to Logs in the sidebar
- Logs are displayed in reverse chronological order
- Click any log entry to see the full detail modal with all headers and bodies
Filtering logs
Use the filter panel to narrow down logs:
By content
| Filter | Description | Example |
|---|---|---|
| Path | Match by incoming path, supports wildcards | /payments/transactions, /payments/* |
| Method | HTTP method | GET, POST, PUT, DELETE, PATCH |
| Status code | Exact code or class | 200, 4xx, 5xx |
| Client ID | Filter to one specific client | UUID from the client detail page |
| Profile ID | Filter to one profile | UUID from the profile detail page |
| Client IP | Source IP address | 192.168.1.100 |
| Request ID | Find a specific request by trace ID | UUID returned in X-Request-ID response header |
| Target endpoint | Backend URL the request was forwarded to | https://api.upstream.internal/charges |
| Payload | Full-text search across both request body and response body simultaneously | "error": "invalid_token" |
| Collection | Filter to one collection | Select from dropdown |
Payload search — the payload filter searches both the request body and the response body in a single query. This is especially useful for finding specific error messages, correlation IDs, or field values without knowing which end of the transaction they appear on.
By latency
Set a latency threshold using an operator and a value in milliseconds:
| Operator | Effect | Example |
|---|---|---|
> (greater than) | Show only slow requests | > 500 — requests taking more than 500ms |
< (less than) | Show only fast requests | < 100 — requests completing under 100ms |
= (equals) | Find requests at an exact latency | Rarely used; mainly for debugging |
By time
| Preset | |
|---|---|
| Last 1 hour | |
| Last 24 hours | |
| Last 7 days | |
| Last 30 days | |
| Custom range | Select start and end date/time |
URL-synced filters and shareable links
All active filters are written into the browser URL as query parameters. This means:
- You can bookmark a filtered view and return to it later
- You can share a URL with a team member and they see exactly the same filtered results
- The Dashboard's View Logs deep link exploits this — it opens request logs pre-filtered for a specific endpoint and time window by constructing a URL with the right parameters
Log detail view
Click any log entry to open the full detail dialog:
- Request headers — all headers sent by the client
- Request body — the full request payload, pretty-printed if JSON
- Response headers — all headers returned by the gateway/upstream
- Response body — the full response, pretty-printed if JSON
- Error message — if the gateway rejected the request, the reason is shown here
- Metadata — latency breakdown, client ID, profile ID, matched collection and proxy, target URL, client IP, request ID
Pagination
Configure how many logs appear per page: 10, 25, 50, or 100 entries. Use the pagination controls to navigate through results.
Sorting
Sort by any column — timestamp, latency, status code, method — ascending or descending.
Use cases
Debugging a client issue
- Filter by Client ID to see only that client's requests
- Filter by Status code
4xxor5xxto find failures - Click into a failed request to see the full response body (error message from backend)
Investigating slow responses
- Filter Latency > 1000ms to find requests over 1 second
- Sort by latency descending
- Identify which endpoints are consistently slow
Tracing a specific request
If a user reports an issue and gives you a request ID:
- Filter by Request ID
- See the exact request, response, timing, and client identity
Compliance review
Filter by time range to export all requests for a compliance review period. Check which clients called which endpoints, with what payloads.
Log retention
Configure log retention in the gateway settings. For compliance-regulated environments, set a retention period that meets your regulatory requirements (e.g., 90 days, 1 year).
Deleting logs
Admin users can delete individual log entries if needed (e.g., to remove PII).
Related docs
- Audit Logs — track configuration changes
- Dashboard — aggregated metrics and trend charts