Building observability for a multi-tenant marketplace

The moment we invited multiple companies into Cooperate, we needed guardrails to detect performance regressions and policy violations per tenant—without mixing their data.

Three pillars we monitor

• Structured logging. API route handlers append tenant and membership context so we can trace issues without leaking PII.
• Metrics per domain. Key functions in src/server/domains/** emit timing histograms to highlight slow queries before they affect every customer.
• Audit events. Admin actions, agreement updates, and messaging attachments flow into the same audit log, giving platform staff the full picture.

Dashboards that matter

1. Latency by tenant surfaces RLS-heavy queries that might need additional indexes.
2. Authorization errors alerts us when policy changes break customer flows.
3. Storage usage protects attachments and agreement PDFs from exhausting buckets.

Alerting philosophy

We prefer low-noise alerts anchored to customer impact. That means SLOs for agreement creation time, messaging delivery, and onboarding completion, plus manual weekly reviews of audit spikes.

What’s next

• Correlating Supabase log drains with frontend Web Vitals.
• Shipping a self-serve analytics panel for company admins.
• Expanding anomaly detection around sudden increases in hidden listings.

Want to chat observability? Reach out at platform@cooperate.no.