Documentation Index
Fetch the complete documentation index at: https://mintlify.com/scooller/Leben-site/llms.txt
Use this file to discover all available pages before exploring further.
Keeping iLeben healthy in production means watching three things: the application log for PHP errors and integration failures, the queue worker log for background job activity, and the jobs database table for signs of a stalled worker. The sections below cover every monitoring surface, how logs are structured, how to run tests without touching production data, and a security checklist.
Log Files
iLeben writes to two log files on a standard cPanel deployment.
| File | Contents |
|---|
storage/logs/laravel.log | Main application log — PHP errors, Salesforce sync output, payment events, scheduler runs |
storage/logs/queue-worker.log | Stdout/stderr from the queue worker cron job |
Tailing logs in real time
# Follow the main application log
tail -f storage/logs/laravel.log
# Follow the queue worker output
tail -f storage/logs/queue-worker.log
Filtering for specific integration errors
# Transbank payment errors
grep -i "transbank" storage/logs/laravel.log
# Mercado Pago errors
grep -i "mercadopago" storage/logs/laravel.log
# Salesforce errors (invalid_grant, sync failures, SOQL errors)
grep -i "salesforce" storage/logs/laravel.log
# Any ERROR or CRITICAL level entry
grep -E "ERROR|CRITICAL" storage/logs/laravel.log
FlowLogMatrix — Centralised Log Level Standards
iLeben uses App\Support\FlowLogMatrix to enforce consistent log severity across every major integration flow. Instead of ad-hoc log levels scattered across services, FlowLogMatrix provides a single source of truth for which events map to which PSR-3 level.
The matrix covers the following flows and their event severity:
| Flow | debug | info | warning | error | critical |
|---|
| Payments (Transbank / Mercado Pago) | Raw request/response traces | Transaction created, confirmed | Retry triggered, partial data | Payment processing failure | Unrecoverable gateway error |
| Salesforce Job | SOQL query details | Record synced successfully | Skipped record, field mismatch | API call failed, retrying | OAuth invalid, job aborted |
| Production Sync | HTTP request details | — | Config missing, HTTP non-2xx response | Network error, sync failed | — |
When searching logs, filter by the relevant flow keywords (Transbank, MercadoPago, Salesforce, ProductionSync) combined with the severity level to narrow results quickly.
Log Security
iLeben applies two hardening measures to payment and webhook logs:
- Token sanitisation — Transbank and Mercado Pago log entries strip raw API tokens and session tokens before writing. You will never see a live credential in
laravel.log.
- Minimum-necessary metadata —
transbank_abort_payload and mercadopago_payment webhook metadata are persisted with only the fields required for reconciliation. Sensitive fields (full card data, raw personal identifiers) are excluded.
Do not disable or override these sanitisation steps when extending payment services.
Database Monitoring
Checking for stuck queue jobs
Query the jobs table to detect a stalled worker. Jobs with attempts = 0 and reserved_at = NULL have never been picked up, which means the queue worker cron job is not running.
// Count unprocessed jobs
DB::table('jobs')->where('attempts', 0)->whereNull('reserved_at')->count();
// Inspect the oldest waiting job
DB::table('jobs')->orderBy('created_at')->first();
If this count is growing, confirm the queue worker cron job is active in cPanel and check storage/logs/queue-worker.log for errors.
Debugging slow or unexpected queries
Use Laravel’s DB::listen callback inside Tinker to dump every SQL query as it executes:
DB::listen(fn($query) => dump($query->sql, $query->bindings));
// Then trigger the operation you want to inspect, e.g.:
// App\Models\Plant::with('proyecto')->paginate(20);
Testing Setup
iLeben’s test suite is isolated from development and production databases. Tests run against a dedicated SQLite file so RefreshDatabase never touches MySQL.
| Setting | Value |
|---|
| Connection name | sqlite_testing |
| Database file | database/testing.sqlite |
| Configured in | phpunit.xml / .env.testing |
The database/testing.sqlite file must exist before you run tests for the first time. Create it once with:touch database/testing.sqlite
On Windows PowerShell:New-Item -Path database/testing.sqlite -ItemType File -Force
Running tests
# Run the full test suite (compact output)
php artisan test --compact
# Run a single test file
php artisan test --compact tests/Feature/SomeTest.php
# Run tests matching a name pattern
php artisan test --compact --filter=testName
Always run php artisan test --compact after every deploy to confirm no regressions were introduced.
Security Checklist
iLeben implements the following security controls. Review these after each deploy to confirm no configuration drift has occurred.
| Control | Implementation |
|---|
| CSRF protection | VerifyCsrfToken middleware active on all web routes |
| Rate limiting | API routes throttled at 10 requests per minute per IP |
| API authentication | Laravel Sanctum tokens; token.origin middleware rejects invalid or absent tokens |
| Webhook signature verification | Mercado Pago webhooks verified with MERCADOPAGO_WEBHOOK_SECRET; Transbank uses its own SDK-level verification |
| HTML sanitisation | RichEditor content sanitised before persistence; prevents stored XSS |
| Idempotent payment webhooks | Duplicate webhook deliveries are detected and ignored to prevent double-processing |
| CAPTCHA | Cloudflare Turnstile validates the contact form server-side via CLOUDFLARE_TURNSTILE_SECRET_KEY |
Production Cache Safety
To flush application caches in production, always use php artisan optimize:clear. This safely clears config, route, view, and event caches without touching the database. Never use migrate:fresh, migrate:reset, or db:wipe to “reset” a production environment — these commands are irreversible and will destroy all data.