Skip to main content
Foveus captures telemetry that helps engineering teams understand what happened during an execution. That telemetry can include request context, response context, logs, timings, failure evidence, and searchable context fields. This page explains how Foveus approaches data safety and retention.

What Foveus captures

The exact data captured depends on your SDK configuration. Foveus can capture:
  • execution metadata
  • service name
  • environment
  • mode
  • endpoint or operation
  • request query values
  • request body context
  • response body context
  • exception details
  • logs, if logging integration is configured
  • outcome and failure evidence
  • searchable context fields

What Foveus does not try to be

Foveus is not a long-term raw payload archive. Foveus is designed to help you investigate executions and issues with bounded, useful telemetry. Execution Context Search uses indexed context fields. It does not scan arbitrary raw request or response bodies.

Redaction

Foveus applies redaction to help protect sensitive fields and headers. Common sensitive values include: 
password
pin
otp
token
authorization
cookie
secret
api_key
cardNumber
cvv
You can add your own redacted fields. 
{
  "Foveus": {
    "ApiKey": "fov_test_...",
    "RedactedFields": ["nationalId", "accountNumber", "dateOfBirth"]
  }
}
Redacted values are masked before they are stored or indexed.
Redaction is a safety layer. Do not intentionally send secrets, credentials, card data, or highly sensitive personal data to Foveus.

Searchable context

Foveus can index safe scalar context fields so you can search for executions by business values. For example: 
{
  "customerId": "cus_12345",
  "orderStatus": {
    "value": 1,
    "label": "Confirmed"
  }
}
Foveus can index: 
customerId = cus_12345
orderStatus.value = 1
orderStatus.label = Confirmed
Then you can search: 
service:orders-api context:customerId="cus_12345"
or: 
service:orders-api context:orderStatus.value=1

Searchable context safety

Before context is indexed, Foveus applies safety controls. These can include:
  • sensitive-key denylist
  • redaction
  • scalar-only indexing
  • bounded key length
  • bounded value length
  • bounded traversal depth
  • maximum indexed properties per execution
  • allowed context sources
  • workspace and service policy controls
Sensitive fields are not searchable. For example, if accountNumber is redacted, this search should not work: 
service:orders-api context:accountNumber="1234567890"
Use safer identifiers such as request IDs, customer IDs, transaction IDs, or internal references.

Context sources

Foveus can index context from enabled sources.
SourceDescription
request_queryQuery string values from the request URL.
request_bodyJSON fields sent to your API.
response_bodyJSON fields returned by your API or provider.
custom_contextValues added by your application or SDK configuration.
Response body context is useful when you need to understand what your service or a third-party provider returned. Use redaction, sampling, truncation, and path exclusions to keep capture safe and bounded.

Retention

Foveus retention depends on your workspace plan. Telemetry is grouped into retention categories.
PlanRawExecutionAggregated
Free2 days7 days30 days
Starter7 days30 days90 days
Pro30 days90 days180 days
Enterprise90 days180 days365 days

Raw retention

Raw retention applies to short-lived diagnostic payloads. This can include richer request or response context used for detail views and short-term debugging. Raw data has the shortest retention window because it can contain the most detailed telemetry.

Execution retention

Execution retention applies to execution-level records and searchable execution evidence. This includes:
  • executions
  • execution metadata
  • linked failure evidence
  • searchable context properties
Searchable context follows execution retention. If an execution expires, its searchable context should expire too.

Aggregated retention

Aggregated retention applies to summarized telemetry. This can include rollups, metrics, trends, and aggregate views that do not need the full execution payload. Aggregated data can be retained longer because it is less detailed than raw execution context.

Why searchable context follows execution retention

Searchable context exists to find and explain executions. It should not outlive the execution it belongs to. For example, if an execution expires after 30 days, the indexed context used to search for that execution should expire with it. This keeps context search aligned with the execution data it explains.

Production capture guidance

For most production services, start with the Balanced capture profile and explicit redaction. 
{
  "Foveus": {
    "ApiKey": "fov_live_...",
    "Mode": "live",
    "CaptureProfile": "Balanced",
    "CaptureRequestBodies": true,
    "CaptureResponseBodies": true,
    "ContextSamplingRate": 0.01,
    "ExcludedPathPrefixes": ["/health", "/metrics"],
    "RedactedFields": ["nationalId", "accountNumber", "dateOfBirth"]
  }
}
This lets Foveus capture useful execution evidence while keeping capture bounded. For highly sensitive services, reduce body capture or exclude sensitive routes. 
{
  "Foveus": {
    "ApiKey": "fov_live_...",
    "Mode": "live",
    "CaptureProfile": "HighThroughput",
    "CaptureRequestBodies": false,
    "CaptureResponseBodies": false,
    "ExcludedPathPrefixes": ["/health", "/metrics", "/auth"]
  }
}

Path exclusions

Use path exclusions to avoid capturing noisy or sensitive routes. 
{
  "Foveus": {
    "ApiKey": "fov_live_...",
    "Mode": "live",
    "ExcludedPathPrefixes": ["/health", "/metrics", "/auth"]
  }
}
Common exclusions include: 
/health
/metrics
/ready
/live
/auth

Sampling

Use ContextSamplingRate to control how often successful context snapshots are captured. 
{
  "Foveus": {
    "ApiKey": "fov_live_...",
    "Mode": "live",
    "ContextSamplingRate": 0.01
  }
}
A value of 0.01 means 1%. Sampling helps reduce storage, CPU, and network overhead for high-volume services.

Body size limits

Use MaxBodyCaptureSizeBytes to keep captured payloads bounded. 
{
  "Foveus": {
    "ApiKey": "fov_live_...",
    "Mode": "live",
    "MaxBodyCaptureSizeBytes": 65536
  }
}
Large request or response bodies should be truncated or skipped depending on SDK behavior. Before sending live telemetry:
  1. Use a live API key.
  2. Set Mode to live.
  3. Confirm redacted fields for your domain.
  4. Exclude sensitive or noisy paths.
  5. Confirm response body capture is intentional.
  6. Set sampling for high-volume services.
  7. Trigger a test request.
  8. Open the execution in Foveus.
  9. Confirm sensitive fields are masked.
  10. Confirm context search only exposes safe values.

Troubleshooting

A sensitive field appears in Foveus

Add the field to RedactedFields. 
{
  "Foveus": {
    "ApiKey": "fov_test_...",
    "RedactedFields": ["sessionCredential"]
  }
}
Then trigger a new request. Redaction changes apply to newly captured telemetry.

Context search finds a value that should not be searchable

Check whether the field should be added to RedactedFields or blocked by policy. Use a safer identifier for search where possible.

Context search does not find a value

Check that:
  • the field was captured
  • the value is scalar
  • the path was not excluded
  • the value was not redacted
  • the value was ingested after context indexing was enabled
  • the selected time range includes the execution
  • the execution still exists within retention

Old executions disappeared

Retention removes data based on your workspace plan. If an execution has expired, its searchable context should expire too.

What to do next