Data Flow

Qpoint handles two distinct types of data, Events and Objects. Importantly, we've architected the system so that:

Your sensitive data never leaves your environment
Our team never has access to sensitive data
All processing occurs where connections originate
You maintain full control over data storage and access

Objects

Objects contain the actual content of your service interactions, including both request and response data along with their associated headers and bodies. Since this data often contains sensitive information, Qpoint ensures it never leaves your environment. All object data is stored exclusively within your own storage infrastructure, giving you complete control over your sensitive information.

Object Data Flow

Capture: Qtap agent captures connection data on your servers
Processing: Data processed locally on the host where connections occur
Storage: Payloads sent directly to your S3-compatible storage in your environment
Access: Your team accesses payloads through the Qpoint UI, which loads data directly from your storage

Events

Events consist of anonymized information about your service connections, capturing essential metadata while carefully excluding sensitive content. This includes basic connection details like IP addresses and domains, timing information such as timestamps and durations, and performance metrics like bandwidth usage statistics. The events also include fundamental request and response metadata such as status codes and paths.

Event Metadata Flow

Generation: Qtap agent creates anonymized connection metadata
Transmission: Data transmitted to Qpoint for processing and storage
Storage: Events processed by Pulse endpoint for ingestion into Clickhouse database
Access: Retrieved through Pulse API for dashboard visualization

Self-Hosted Events are coming soon! Contact our team to request more details at hello@qpoint.io

Key Privacy Considerations

Data Residency
- Sensitive data never leaves your environment
- You maintain full control over storage locations
- Direct access paths avoid unnecessary data transmission
Access Control
- You control access to payload storage
- Credentials managed within your environment
- Browser-based direct access to your storage
Data Isolation
- Clear separation between metadata and payload data
- Different storage and access patterns for each data type
- Granular control over data retention and access

PreviousArchitecture NextHow It Works

Last updated 16 days ago