Skip to main content
Spec: PF-07 Phase 2 & 3 — Error Handling & Monitoring
Last Updated: 2026-03-14

1. Overview

Encore OS uses Sentry for error tracking, performance monitoring, and session replay. Custom performance metrics are stored in pf_health_metrics via the platform performanceMonitor.

Architecture


2. Sentry Configuration

File: src/platform/monitoring/sentry.ts

PHI Scrubbing

The beforeSend callback:
  • Truncates all event/exception messages to 500 characters
  • Strips emails, phone numbers, SSNs, DOBs via regex
  • Drops breadcrumb messages matching PHI patterns
  • Only UUIDs are sent as user/org context — never names, emails, or clinical data

Source Maps

Source maps are uploaded via @sentry/vite-plugin during the Vercel build. The SENTRY_AUTH_TOKEN, SENTRY_ORG, and SENTRY_PROJECT environment variables must be set in the Vercel project settings. Verification: After a deploy, check Sentry → Settings → Source Maps → Artifacts to confirm the release has uploaded maps.

3. Alerting Thresholds

Error Rate

Performance (Web Vitals)

API Performance


4. Dashboards

Sentry Project

  • Issues: Real-time error feed with stack traces and session replay
  • Performance: Transaction duration, Web Vitals, throughput
  • Replays: Session recordings for error context
  • Logs: Structured log search (Sentry.logger.*)

Key Sentry Queries

Platform Health Metrics

Custom metrics in pf_health_metrics (Supabase):
  • Page load timing (page_load, dom_ready)
  • Custom marks (startMark/endMark)
  • API response time histograms
Query via Supabase dashboard or the platform health module.

5. Error Boundaries

The application uses a layered error boundary strategy: The double global boundary (main.tsx + App.tsx) is intentional — the outer boundary catches errors that occur during provider initialization.

6. Correlation IDs

Every auth state change (sign-in, sign-out, token refresh) generates a correlation_id via crypto.randomUUID(). This ID is:
  • Set in the logger context for all subsequent logs
  • Included in structured log entries
  • Useful for tracing a user session across log entries

7. Escalation Procedure

  1. P3 (Low): New non-critical issue appears in Sentry → assign to relevant core team in next standup
  2. P2 (Medium): Error rate warning threshold → investigate within 4 hours
  3. P1 (High): Error rate critical threshold or auth/billing errors → investigate within 1 hour
  4. P0 (Critical): Application-wide crash or data integrity issue → page on-call immediately

8. Maintenance

Sentry Housekeeping

  • Review and resolve/archive stale issues monthly
  • Update ignoreErrors patterns when new non-actionable errors are identified
  • Verify source map uploads after Vite/build tool upgrades
  • Review sampling rates quarterly (adjust based on event volume and budget)

Performance Monitor

  • performanceMonitor flushes metrics to pf_health_metrics every 30 seconds
  • Metrics are sampled at 10% in production, 100% in development
  • Stale metrics can be cleaned up via SQL on pf_health_metrics

9. Structured Logging

Application logs use a JSON structure emitted by src/platform/monitoring/logger.ts. Format:
Standard Fields:
  • timestamp — ISO 8601 timestamp
  • level — Log level (debug, info, warn, error)
  • module — Module/core name
  • action — Action being performed
  • message — Human-readable message
  • user_id — User ID (stable UUID, not PHI)
  • org_id — Organization ID
  • site_id — Site ID (if applicable)
  • correlation_id — Request correlation ID (see §6)
PHI Protection:
  • Never log names, emails, SSNs, addresses
  • Only log stable IDs (UUIDs)
  • Sanitize error messages

10. Planned Integration: LogRocket

LogRocket is a planned complement to Sentry for richer session context (session replay, user-interaction tracking, network-request monitoring). Not yet wired. Setup Steps (Future):
  1. Create a LogRocket project.
  2. Install the SDK:
  3. Initialize in src/main.tsx:

11. Monitoring Checklist

Setup

  • Error tracking configured (Sentry/LogRocket)
  • Performance monitoring initialized
  • Log aggregation configured
  • Alerts configured
  • Dashboard created
  • On-call rotation established

Ongoing

  • Daily error review
  • Weekly performance review
  • Monthly alert tuning
  • Quarterly monitoring review
  • Incident post-mortems completed

12. Troubleshooting

Logs Not Appearing

Symptoms: No logs in console; missing log entries. Solutions:
  1. Check log level (may filter out)
  2. Verify logger initialized
  3. Check browser console filters
  4. Verify structured format
  5. Test with an explicit log call

Performance Monitoring Not Working

Symptoms: No metrics collected; dashboard empty. Solutions:
  1. Verify initialization:
  2. Check sample rate (may be too low)
  3. Verify the web-vitals library is installed
  4. Check the browser console for errors
  5. Test in development (100% sampling)

Too Many Alerts

Symptoms: Alert fatigue; important alerts missed. Solutions:
  1. Increase alert thresholds
  2. Reduce alert frequency
  3. Group similar alerts
  4. Use alert suppression
  5. Review and tune alerts

Missing Alerts

Symptoms: Issues not detected; users report before alerts. Solutions:
  1. Lower alert thresholds
  2. Add more alert types
  3. Improve monitoring coverage
  4. Test alert delivery
  5. Review alert configuration