Toucan 3.0
YouPrep documentationHelp centerGet a demo
  • Welcome
    • 👋Welcome to Toucan
    • ⚙️Technical resources
      • ⚙️Toucan stack
      • Setup mode
        • Toucan SaaS mode
      • ⚙️Security
        • Application Security
        • Source Code Quality
        • Global Security Practices
        • Security of Docker Images
  • TUTORIALS
    • 📊Getting Started : Embedded Analytics
    • 🤓Advanced tutorials
      • Embedding a story with user attributes
        • Dynamic filter with user attributes
        • Dynamic Tables
        • Dynamic Database
        • Dynamic Host
      • Using the HTTP API connector in advanced use cases
      • Using advanced syntax for SQL queries
      • Merging filters with our tool
      • Deep customization chart (CSS)
        • Homepage customization
        • Chart customization
        • Dashboard customization
  • Data Management
    • 🧮Overview of Data In Toucan
    • 📡Datasources in Toucan
      • 🔌Managing Connectors
        • 🔌Creating, editing and deleting a connector
        • 🔌Set up OAuth2 credentials for your platform
        • 🔌Setting up a connector
          • 🔌Generic Connectors
            • 🔌Setting up an HTTP API connector
            • 🔌Setting up an ODBC Connector
          • 🔌Database and data warehouse Connectors
            • 🔌Setting up an AWS Redshift Connector
            • 🔌Setting up a Snowflake Connector
            • 🔌Setting up a PostgreSQL Connector
            • 🔌Setting up a Google Big Query Connector
            • 🔌Setting up an AWS Athena connector
            • 🔌Setting up a MySQL connector
            • 🔌Setting up a MongoDB connector
            • 🔌Setting up a Microsoft SQL Server connector
            • 🔌Setting up an Azure SQL connector
            • 🔌Setting a Databricks Connector
            • 🔌Setting up a ElasticSearch Connector
            • 🔌Setting up a Clickhouse Connector
          • 🔌Online services connectors
            • 🔌Setting up a Sharepoint Connector
            • 🔌Setting up a Google Sheets Connector
            • 🔌Setting up a Salesforce Connector
            • 🔌Setting up a Hubspot Connector
          • 🔌Setting up an AWS S3 connector
      • 📁Managing Files
        • 📁Adding, editing and deleting local files
        • 📂Using advanced file settings
        • 📁Adding and combining remote files in Toucan
    • 🔢Datasets in Toucan
      • 🔢Stored and Live Datasets
      • 💿Managing datasets
        • 🔢Creating datasets
        • 🔢Editing, Duplicating and Deleting a dataset
        • 🔢Refreshing and Publishing Datasets
        • 📈Optimize data performance
        • 🗂️Adding indexes to stored datasets
        • 👩‍💻Code mode and single mode
      • 🛑Setting permissions on dataset
      • 🗃️Maintaining Data
        • 🗃️Tagging datasets
        • 🗃️Identifying datasets dependencies
        • 🗃️Set validation rules
    • 🧑‍🍳Preparing data
      • Overview of YouPrep™
        • 🎹Column header
          • Rename column
          • Duplicate column
          • Fill null values
          • Replace values
          • Sort values
          • Convert columns data types
        • Add
          • Add text column
          • Add formula column
          • Add conditional column
        • Filter
          • Delete columns
          • Keep columns
          • Filter rows
          • Top N rows
          • ArgMax
          • ArgMin
        • Aggregate
          • Group by
          • Add total rows
          • Hierarchical rollup
          • Get unique groups/values
        • Compute
          • Compute evolution
          • Cumulated sum
          • Percentage of total
          • Rank
          • Moving average
          • Compute statistics
          • Absolute value
        • Text
          • Concatenate
          • Split column
          • Extract substring
          • To lowercase
          • To uppercase
          • Compare text columns
          • Trim spaces
          • Replace text
        • Date
          • Convert text to date
          • Convert date to text
          • Extract date information
          • Add missing dates
          • Compute duration
        • Reshape
          • Pivot
          • Unpivot
          • Waterfall
        • Combine
          • Append datasets
          • Join datasets
        • Geo
          • Geographic dissolve
          • Geographic hierarchy
          • Geographic simplify
          • Prepare geo data (with basemap)
      • YouPrep™ Native SQL
      • Hybrid pipeline
    • ➿Managing variables in Toucan
      • ➿Variables hub
      • ♈Use variables in YouPrep™
      • ➿Easy reference to variables
    • 🧞Using advanced data concepts
      • 🧞Data personnalisation with user attributes
        • Connector setup with a user attribute
        • Database selection with a user attribute
        • YouPrep data filtering with a user attribute
        • Filter data in SQL with a user attribute
      • 🧞Advanced syntax for variables
      • 🧞Data cache
  • Visualizations and Layouts
    • 📺Apps
      • 📺Managing Apps
        • ➕Creating Apps
        • 📄Duplicating Apps
        • 🖨️Publishing Apps
        • 🚮Deleting Apps
        • ✍️Editing within an App
      • 🖌️Customizing Apps
        • Customizing chart color elements
        • Customizing the app's font
        • Adding Assets
        • Adding Glossary
        • Setting up, Managing and testing custom visibilities
        • Customizing the "no data error" message
        • Creating a dynamic background based on an Filter's column
      • 🏠Home
        • Creating the Home
        • Creating Tiles
          • Tile Dynamic Value
          • Tile Leaderboard
          • Tile Line
          • Tile Scorecard
          • Tile Bullet
          • Tile Heatmap
          • Tile PDF
          • Tile Video
          • Tile Image
          • Tile Text
          • Tile HTML
          • Tile Separator
      • ✨Stories
        • Creating a Story
        • KPIs
        • Narrative
        • Crossfilter
      • 📽️Filters
        • Managing Filters
          • Creating, reusing and editing Filters
          • Applying Filters
          • Unpinning and deleting Filters
        • Type of Filters
          • Dropdown
          • Checkboxes
          • Buttons
          • Date Range
          • Hierarchical
          • Slider
        • Templating from Filters' values
        • Dependant Filters
      • 📈PDF Report
      • 🎡Datawall
      • 🏗️Dashboard Builder
        • Create a Dashboard Builder
        • Embed a Dashboard Builder
        • Dashboard export options
      • 🌟MyFavorites
    • 📊Creating Visualizations
      • 🤩Viz Gallery
        • Barchart
        • Barlinechart
        • Bubblechart
        • Bulletchart
        • Circularchart
        • Funnelchart
        • Gantt chart
        • Heatmap
        • HTML
        • Leaderboard
        • Leaderboard Centered Average
        • Linechart
        • Mapchart
          • Configure a drill
        • Mediachart
        • Radarchart
        • Tablechart
        • Timeline
        • Versuschart
        • Waterfallchart
        • Score Card
        • Stacked Barchart
      • 🧠Common Chart Configuration
      • 💅Customizing chart colors
      • 🧞‍♂️Advanced chart configuration
        • Templating from chart's dataset
        • Add units, precisions and sentiments
        • Adding Tutorials
        • Add sparklines
        • Navigate with stories
        • Group informations in your stories
        • Multiple charts in one story
        • Manage dates
        • Customize tiles' sources
        • Add stars to tiles' title
        • Manage data order in your tiles
        • Navigate with tiles
    • 👩‍💻Embedding
      • 🔐Authentication
      • 🖇️Integration
        • Generate and manage embeds
        • Customize embeds
        • Embedding a Toucan App Using iFrames
        • Passing Extra Variables to Your Toucan Embed
      • ⚙️Embed SDK
        • Embed SDK Authentication
      • ❓FAQ
    • 🙋Self-Service
      • Self-Service Dashboard
      • Self-service PDF Report
  • Collaboration
    • ⏰Creating alerts
    • 📧Managing notifications
    • ➕Enriching a story with descriptions
    • 💌Sharing content
    • 💬Adding comments to stories
  • Administration
    • Page
    • ⚙️Instance Management
      • ⚙️Managing operations in SaaS
      • ⚙️Customizing your instance (whitelabel)
    • 👥Managing Users
      • 👥Users
      • 👥Managing user groups
      • 👥Managing user properties
      • 👥Setting up permissions and visibilities
    • 🌐Managing languages in Toucan (internationalisation)
    • 📈Monitoring Engagement with User Analytics
      • 🎛️How to Filter your User Analytics?
      • 🖥️Understanding your User Analytics Dashboards
  • Additional Ressources
    • 📚External documentation
    • 🚁Support for App-builders
    • 🆕Latest releases
      • 🎁2025 Releases
      • 🎁2024 Releases
      • 🎁2023 Releases
    • 🔧Troubleshooting
      • Troubleshoot:: DataHub
      • Cross-Site Cookies
      • How to :: read the inspector error
      • How to :: troubleshoot the toucan way
Powered by GitBook
On this page
  • Deployments
  • Log Management
  • Vulnerability Scans
  • Alerts
  • Performance Monitoring
  • Watch and patch management
  • Backups
  • Issues logbook
  • Communication during issues
  • Support
  • On-Call duty team
  • Project instance and server decommission
  • Container runtime security monitoring

Was this helpful?

  1. Administration
  2. Instance Management

Managing operations in SaaS

Last updated 1 year ago

Was this helpful?

Deployments

All deployments are automated thanks to our .

All our playbooks are versioned, maintained and reviewed by the Toucan tech team.

Benefits

As a best practice, we never directly connect to a Toucan node in order to run manual commands. We reduce the risk of human error and deployment is able to auto-scale.

Log Management

All logs generated by Toucan’s applications are centralized in an . Toucan’s tech team can follow activity on these apps as well as any warnings and errors thanks to dashboards.

We also have a centralized system logs management which consolidates all our logs (e.g.: syslog, auth, nginx access/error, security tools…). We are able to detect brute force attacks, spam and malicious behavior on our dashboards. For each detected pattern, we receive automated alerts thanks to .

Our log retention policy is about 8 weeks long in our , but we keep - by default - 14 weeks of web access/error logs and 52 weeks of app logs in our servers.

Benefits

As a best practice, we never need to directly connect to a Toucan node to follow activity and logs. This is at the core of our ability to scale our monitoring.

Vulnerability Scans

We regularly and automatically scan our servers in search for:

  • open ports

  • misconfiguration

  • lack of security updates

Benefits

We ensure having an up-to-date environment (system, security, patches…).

Alerts

Our monitoring services alert us when:

  • a server becomes unresponsive

  • a server shows unusual CPU, memory or disk activity

  • a server is getting closer to its hardware limits

  • an application status page shows that it’s not OK

  • one of the following ports is not listening: 443/80/22

Benefits

This monitoring runs 24/7 and every alert is checked to ensure a fast reaction from the Toucan tech team.

Performance Monitoring

Every week these services send us detailed performance and uptime reports.

Benefits

These regular reports help us to identify potential regressions or bottlenecks that can then be fixed.

Watch and patch management

To discover new vulnerabilities and patch against them as quickly as possible, we follow:

Item
Name
Descriptif

Database

MongoDB

Database

MongoDB

Application

Python

Container

Docker

Container

Docker

System

Ubuntu

Ubuntu LTS packages

System

Ubuntu

System

Debian

System

InstallingfSense

Auto-updates

And Github's issues/announces of main projects we use.

These update processes can very occasionally lead to a short downtime that we do out of office hours.

If the infrastructure or the applications are impacted by a known vulnerability, we always send a mail report to the client to warn and explain how we recover it.

Backups

We run a daily backup process for each instance/project.

The backup is a complete snapshot which is encrypted by a GPG key (dedicated to the instance/project) and exported over rsync+ssh to our exclusive backup nodes.

GPG keys are only available to the Toucan’s admins and stored in our passwords manager system.

All the backups are exported to dedicated storage service.

By default we keep a retention of 20 daily backups for each instance/project.

Benefits

We also regularly test and challenge our backup and restoration scripts.

Restoring an instance or a project is a fully automated and fast process.

Issues logbook

By culture, we keep a logbook of every issue on the infrastructure.

Each logbook entry describes:

  • what’s going on

  • how did we understand the issue

  • what did we do to solve the problem

  • what are the impacts

  • what do we need to do to avoid it next times

Benefits

The logbook is open to every Toucan employees. The knowledge, about the life and the issues on the infrastructure, is shared and maintained by every one.

Communication during issues

As soon as we detect an issue, your dedicated account manager and/or client success manager will contact you to explain the issue, the potential impacts and give you an estimated resolution time.

When the issue is closed, you can expect a post-mortem report, mainly extracted from our logbook (cf previous paragraph), with details about the investigation and the resolution process.

This emergency communication is available 24x7.

Your instance has a dedicated status page at the following URL {instance-name}.status.toucantoco.com on which you can check the status of the services, find information about scheduled maintenances and consult incident reports. You can subscribe to this page by email in order to receive updates.

Support

This support is open between 9:00 and 18:00 (Paris hour) during the working days.

On-Call duty team

We have a dedicated “on-call duty” team (level 1,2,3) at night and on weekends to watch and fix major issues.

Project instance and server decommission

Each time we need to decommission a project instance:

  • the dedicated stack is shutdown (virtual hosts, API process, workers, queue server, database)

  • all data, logs and associated configuration are erased

Each time we need to decommission a server:

  • data and home partition are fully formatted

  • we force a basic rewrite of the partition (with a basic dd command), thus no block could be restored from their previous state

  • then we release the server to Scaleway.

Benefits

A decommissioned server is always left without any data.

We have exactly the same approach for any SAN or storage volumes.

Container runtime security monitoring

Here are some examples of suspicious activities:

  • RCE (Remote Code Execution) inside a container.

  • Package installation during the runtime of a container.

  • Shell binding to a suspicious file descriptor.

  • Netcat Program runs inside a container that allows remote code execution.

Furthermore, we use to alert us to possible intrusions.

Our infrastructure and applications are continuously monitored by several external services (like , , or ).

As soon a security patch is available, we automatically applied it to our whole infrastructure by using our scripts.

Otherwise, our infrastructure is fully updated every 2 months with our . But before applying updates everywhere, we use a staging node to be sure there will be no regression.

Our main support channels are emails via .

To ensure that our customer’s instances are not compromised while running and detect any suspicious behavior which can lead to security issue, Toucan uses on its infrastructure to monitor running containers and hosts in real-time.

Whenever detects a scenario that is not on the Toucan team’s whitelist, it sends an alert to the team.

⚙️
⚙️
Ansible playbooks
Elastic stack
Kibana
Elastalert
Elastic stack
OSSEC
NewRelic
Sentry
StatusCake
BetterUptime
Ansible
Ansible playbooks
help@toucantoco.com
Falco
Falco
Mongo CVE DAdministration, exploitation & internal security details
Mongo Security Checklist
Python CvAdministration, exploitation & internal security Database
Docker Dev Mailing list
Docker User Mailing list
Ubuntu Security List
Debian Security List