Lookout
000 015 030 045 060 075 090 105 120 135 150 165 180 195 210 225 240 255 270 285 300 315 330 345 360

Build log

Building Lookout in public

A day-by-day, commit-by-commit devlog of shipping a full observability platform — error tracking, watchers, dashboards, alerting, source maps, on-call, and mobile SDKs. The honest version, trade-offs and all.

3 min read

Catching my own bugs: why I built Lookout

I was tired of finding production errors from customer emails and paying enterprise prices for noise. So I built an error tracker that installs in one line, groups the flood into issues, and wakes the right person — free to start.

build-in-public laravel observability
Read post
2 min read

Mobile SDKs: iOS and Android

Shipping Swift (iOS/macOS) and Kotlin (Android) crash-reporting SDKs against the same ingest contract, with server-side contract tests as the runnable proof.

build-in-public mobile swift kotlin sdk
Read post
3 min read Deep dive

An escalation state machine with signed-link acknowledgement

A deep dive on building native on-call escalation in Laravel — the incident state machine, a per-minute scheduler that advances tiers, repeat-until-acknowledged, incident dedup, and stopping escalation with a signed URL.

deep-dive escalation on-call alerting laravel
Read post
2 min read Deep dive

Writing a Source Map v3 VLQ decoder from scratch

A deep dive on JavaScript symbolication — decoding Base64 VLQ mappings, the cumulative-vs-reset field rule, binary-searching segments by column, and matching minified frames to the right source map.

deep-dive source-maps javascript symbolication vlq
Read post
2 min read

Anomaly detection with z-scores

Catching problems no threshold was set for — z-score anomaly detection over error rate, latency, and throughput, wired into the alert engine.

build-in-public anomaly-detection statistics alerting
Read post
2 min read

PII redaction and retention

Scrubbing personal data at ingest and pruning old events on a schedule — privacy controls that make an observability tool safe to point at production.

build-in-public privacy pii retention
Read post
2 min read

SLOs and error budgets

Defining service level objectives and tracking attainment, error budget, and burn rate from existing uptime checks and request traces.

build-in-public slo reliability
Read post
3 min read Deep dive

Building a service dependency map from trace spans

A deep dive on synthesizing a service/dependency graph from existing trace spans — extracting destinations per span op, portable JSON extraction across SQLite and MySQL, and collapsing spans into nodes and edges.

deep-dive tracing performance observability
Read post
2 min read

The Security section

Turning auth, gate, and rate-limit signals into a Security dashboard — failed logins, denied authorizations, and HTTP 429s in one place.

build-in-public security dashboards
Read post
2 min read

Remote config for signals

Letting the dashboard control what the SDKs collect — turning signals on and off and tuning sample rates from the server, no redeploy required.

build-in-public sdk configuration
Read post
2 min read

Porting watchers to Rails and WordPress

One ingest contract, many SDKs — porting the new auth and storage watchers to the Rails and WordPress clients, and fixing the Ruby 2.7 test suite.

build-in-public sdk rails wordpress
Read post
2 min read

Auth and storage watchers

Adding watchers for authentication events and filesystem access — tracking logins, logouts, failures, and file reads/writes as first-class signals.

build-in-public watchers security laravel
Read post
3 min read Deep dive

Designing a pluggable alert engine

A deep dive on Lookout's alert engine — the event catalogue, severity mapping, channels and subscriptions, the single notifier seam, and cache-based deduplication that makes adding a new alert a one-liner.

deep-dive alerting architecture laravel
Read post
2 min read

An operator admin panel

Building a super-admin area to support real users — org management, an audit log, plan overrides, and safe impersonation for debugging.

build-in-public admin support
Read post
2 min read

Syncing releases from GitHub

Tracking releases automatically by mirroring GitHub tags into Lookout, so every error can be tied to the version that shipped it.

build-in-public releases github
Read post
2 min read

Stable Composer installs for the SDK

Getting lookout/tracing to install cleanly from a split mirror repo — version constraints, stability flags, and the path-repo trick for local development.

build-in-public composer php sdk
Read post
2 min read

API-only mode

Letting an ingest endpoint answer like an API instead of a web app — JSON errors, no redirects — so SDKs and curl get clean, predictable responses.

build-in-public api laravel
Read post
3 min read Deep dive

Keeping a Laravel test suite fast with schema:dump

A deep dive on squashing migrations with php artisan schema:dump --prune in Laravel — how schema dumps work, why they speed up tests, and the cross-database SQLite gotcha.

deep-dive laravel database testing migrations
Read post
2 min read

Day one: the first commit

Why I'm building yet another error tracker, and the foundation that landed on day one — auth, organizations, projects, and an ingest API.

build-in-public laravel observability
Read post