DynamoEval Logs
- A DynamoEval test execution involves logs from multiple components: the API, attack execution, and test report generation
- This document covers the logging structure and attributes for DynamoEval-specific components
DynamoEval: Attack Logs
Each DynamoEval test executes multiple attacks, each running in a Kubernetes pod. All attack logs include structured attributes that allow you to filter and trace logs for specific attacks.
Structured Logging Attributes
Every log entry from DynamoEval attack execution includes the following attributes:
| Attribute Name | Description |
|---|---|
log_processed.product | Always set to "dynamoeval" to identify DynamoEval logs |
log_processed.component | Always set to "pentest-attack" for attack execution logs |
log_processed.test_id | The test ID of the DynamoEval test for which the attack is being performed |
log_processed.attack_id | The unique ID of the specific attack being executed |
log_processed.job_id | The Kubernetes job ID associated with the attack execution |
log_processed.logger | The name of the logger, typically the module/file name (e.g., privacy_attacks.pii_leakage.models.huggingLM) |
Using These Attributes
You can use these attributes to filter logs in your logging backend:
- Filter by attack: Use
log_processed.attack_idto view all logs for a specific attack - Filter by test: Use
log_processed.test_idto view all attack logs for a specific test - Filter by component: Use
log_processed.component="pentest-attack"to view all attack logs - Filter by product: Use
log_processed.product="dynamoeval"to view all DynamoEval-related logs
Note: For CloudWatch-specific query examples, see the CloudWatch Guide.
DynamoEval: Test Report Generation Logs
Some DynamoEval tests include a test report generation job that executes after the test completes. These logs have a distinct structure to differentiate them from attack logs.
Structured Logging Attributes
Every log entry from test report generation includes the following attributes:
| Attribute Name | Description |
|---|---|
log_processed.product | Always set to "dynamoeval" to identify DynamoEval logs |
log_processed.component | Always set to "test-report-generation" for report generation logs |
log_processed.test_id | The test ID of the DynamoEval test for which the report is being generated |
log_processed.job_id | The Kubernetes job ID associated with the report generation |
log_processed.logger | The name of the logger, typically the module/file name |
Using These Attributes
You can use these attributes to filter logs in your logging backend:
- Filter by test: Use
log_processed.test_idto view all report generation logs for a specific test - Filter by component: Use
log_processed.component="test-report-generation"to view all report generation logs - Filter by product: Use
log_processed.product="dynamoeval"combined withlog_processed.component="test-report-generation"to view all report generation logs
Note: For CloudWatch-specific query examples, see the CloudWatch Guide.