Skip to main content

Worked Answer: Frontend Observability

Prompt

Design frontend observability for a SaaS app with multiple routes, experiments, releases, tenants, and third-party scripts.

1. Clarify

Ask:

  • Which routes and workflows are business-critical?
  • What privacy constraints apply?
  • How are releases, feature flags, and experiments represented?
  • Which backend traces need frontend correlation?
  • Who owns alerts and incident response?
  • What third-party scripts can affect user experience?

2. Signal taxonomy

SignalPurpose
Web Vitalsuser-perceived loading, responsiveness, stability
route transitionsnavigation health and route-level failure
JS errorsclient defects and release regressions
API errorsfrontend/backend contract health
resource failuresCDN, image, script, font failures
user workflow eventstask completion and abandonment
feature flag/experiment contextrelease and variant attribution
third-party script costvendor performance and reliability risk
accessibility signalsdetected defects and user-impacting failures

3. Architecture

4. Event schema

Minimum fields:

  • event name
  • schema version
  • route id
  • release id
  • build id
  • feature flag snapshot
  • experiment assignment
  • device class
  • network class where available
  • tenant class, not raw tenant name
  • trace/request id
  • consent/purpose label

Avoid:

  • raw user input
  • full URLs with sensitive query params
  • emails, names, phone numbers
  • access tokens
  • free-form object dumps

5. Dashboards

DashboardAnswers
route healthwhich routes are failing or slow?
release healthdid the latest release regress?
experiment healthdid a variant affect performance/errors/conversion?
third-party healthwhich scripts add cost or fail?
critical journeywhere do users abandon?
security/privacy telemetryare events rejected, CSP violated, or scripts drifting?

6. Alerting

Alert only when action is clear:

  • critical route error spike by release
  • p75 INP regression on critical interaction
  • LCP regression on acquisition route
  • export workflow failure spike
  • CSP violation spike after release
  • telemetry sensitive-field rejection spike
  • third-party script cost exceeds budget

Every alert needs owner, runbook, severity, and rollback path.

7. Privacy model

Use first-party collection, typed schemas, and destination routing. Observability should be privacy-aware by design:

  • minimize before redaction
  • reject sensitive fields at SDK boundary
  • separate operational telemetry from growth analytics
  • store trace ids instead of raw account identifiers
  • apply retention rules by purpose

8. Tradeoffs

DecisionTradeoff
sample high-volume eventslower cost, less complete detail
first-party collectormore platform work, better control
route-level dashboardsmore taxonomy work, better ownership
strict schema validationdropped events, better privacy and data quality

Strong close

Frontend observability is successful when a regression can be answered quickly: what route, what release, what cohort, what user journey, what backend trace, what owner, and what rollback. It is not successful just because events are flowing.