Skip to main content

AuditEvent

Struct AuditEvent

pub struct AuditEvent {Show 14 fields
    pub timestamp: DateTime<Utc>,
    pub user: String,
    pub session_id: Option<String>,
    pub event_type: AuditEventType,
    pub resource: String,
    pub outcome: AuditOutcome,
    pub metadata: Option<Value>,
    pub workspace_id: Option<String>,
    pub tenant_id: Option<String>,
    pub request_id: Option<String>,
    pub ip_address: Option<String>,
    pub resource_id: Option<String>,
    pub action: Option<String>,
    pub prev_hash: Option<String>,
}

Available on crate feature auth only.

Expand description

An audit event with enterprise multi-tenant context.

All fields beyond timestamp, user, event_type, resource, and outcome are optional for backward compatibility. Enterprise platforms populate the additional context fields for multi-tenancy, tracing, and compliance.

Fields§

§timestamp: DateTime<Utc>

Timestamp of the event.

§user: String

User ID (email, subject, or system identifier).

§session_id: Option<String>

Session ID (if available).

§event_type: AuditEventType

Type of event.

§resource: String

Resource being accessed (tool name, agent name, or descriptive path).

§outcome: AuditOutcome

Outcome of the operation.

§metadata: Option<Value>

Additional metadata (arbitrary JSON).

§workspace_id: Option<String>

Workspace ID for multi-tenant scoping.

§tenant_id: Option<String>

Tenant ID for multi-tenant scoping (higher level than workspace).

§request_id: Option<String>

Request ID for distributed tracing correlation.

§ip_address: Option<String>

Client IP address.

§resource_id: Option<String>

Resource UUID (distinct from the human-readable resource name).

§action: Option<String>

Action verb (e.g., “read”, “write”, “delete”, “execute”).

§prev_hash: Option<String>

SHA-256 hash of the previous event (for cryptographic chaining).

Implementations§

impl AuditEvent

pub fn new( event_type: AuditEventType, user: impl Into<String>, resource: impl Into<String>, outcome: AuditOutcome, ) -> AuditEvent

Create a new audit event with the given type, user, resource, and outcome.

pub fn tool_access( user: &str, tool_name: &str, outcome: AuditOutcome, ) -> AuditEvent

Create a new tool access event.

pub fn agent_access( user: &str, agent_name: &str, outcome: AuditOutcome, ) -> AuditEvent

Create a new agent access event.

pub fn authentication(user: &str, outcome: AuditOutcome) -> AuditEvent

Create an authentication event.

pub fn resource_event( event_type: AuditEventType, user: &str, resource: &str, resource_id: &str, outcome: AuditOutcome, ) -> AuditEvent

Create a resource lifecycle event.

pub fn secret_accessed( user: &str, secret_name: &str, outcome: AuditOutcome, ) -> AuditEvent

Create a secret access event.

pub fn config_changed( user: &str, config_key: &str, outcome: AuditOutcome, ) -> AuditEvent

Create a configuration change event.

pub fn custom( event_type: &str, user: &str, resource: &str, outcome: AuditOutcome, ) -> AuditEvent

Create a custom event type for platform extensions.

pub fn with_session(self, session_id: impl Into<String>) -> AuditEvent

Set the session ID.

pub fn with_metadata(self, metadata: Value) -> AuditEvent

Set metadata.

pub fn with_workspace(self, workspace_id: impl Into<String>) -> AuditEvent

Set workspace ID for multi-tenant scoping.

pub fn with_tenant(self, tenant_id: impl Into<String>) -> AuditEvent

Set tenant ID for multi-tenant scoping.

pub fn with_request_id(self, request_id: impl Into<String>) -> AuditEvent

Set request ID for distributed tracing.

pub fn with_ip_address(self, ip: impl Into<String>) -> AuditEvent

Set client IP address.

pub fn with_resource_id(self, id: impl Into<String>) -> AuditEvent

Set resource UUID.

pub fn with_action(self, action: impl Into<String>) -> AuditEvent

Set action verb.

pub fn with_prev_hash(self, prev_event_json: &str) -> AuditEvent

Compute and set the cryptographic hash chain link.

The hash is SHA-256 of the JSON-serialized previous event. Call this before logging to maintain an append-only chain.

pub fn to_json(&self) -> Result<String, Error>

Serialize this event to JSON (for hash chaining).

Trait Implementations§

impl Clone for AuditEvent

fn clone(&self) -> AuditEvent

Returns a duplicate of the value. Read more

1.0.0 (const: unstable) · Source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more

impl Debug for AuditEvent

fn fmt(&self, f: &mut Formatter<'_>) -> Result<(), Error>

Formats the value using the given formatter. Read more

impl<'de> Deserialize<'de> for AuditEvent

fn deserialize<D>( deserializer: D, ) -> Result<AuditEvent, <D as Deserializer<'de>>::Error>
where __D: Deserializer<'de>,

Deserialize this value from the given Serde deserializer. Read more

impl Serialize for AuditEvent

fn serialize<S>( &self, serializer: S, ) -> Result<<S as Serializer>::Ok, <S as Serializer>::Error>
where S: Serializer,

Serialize this value into the given Serde serializer. Read more

Auto Trait Implementations§

impl Freeze for AuditEvent

impl RefUnwindSafe for AuditEvent

impl Send for AuditEvent

impl Sync for AuditEvent

impl Unpin for AuditEvent

impl UnsafeUnpin for AuditEvent

impl UnwindSafe for AuditEvent

Blanket Implementations§

impl<T> Any for T
where T: 'static + ?Sized,

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more

impl<T> Borrow<T> for T
where T: ?Sized,

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more

impl<T> BorrowMut<T> for T
where T: ?Sized,

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more

impl<T> CloneToUninit for T
where T: Clone,

unsafe fn clone_to_uninit(&self, dest: *mut u8)

🔬This is a nightly-only experimental API. (clone_to_uninit)

Performs copy-assignment from self to dest. Read more

impl<T> DynClone for T
where T: Clone,

fn __clone_box(&self, _: Private) -> *mut ()

impl<T> From<T> for T

fn from(t: T) -> T

Returns the argument unchanged.

impl<T> FromRef<T> for T
where T: Clone,

fn from_ref(input: &T) -> T

Converts to this type from a reference to the input type.

impl<T> Instrument for T

fn instrument(self, span: Span) -> Instrumented<Self> ⓘ

Instruments this type with the provided Span, returning an Instrumented wrapper. Read more

fn in_current_span(self) -> Instrumented<Self> ⓘ

Instruments this type with the current Span, returning an Instrumented wrapper. Read more

impl<T, U> Into<U> for T
where U: From<T>,

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

impl<T> PolicyExt for T
where T: ?Sized,

fn and<P, B, E>(self, other: P) -> And<T, P>
where T: Policy<B, E>, P: Policy<B, E>,

Create a new Policy that returns Action::Follow only if self and other return Action::Follow. Read more

fn or<P, B, E>(self, other: P) -> Or<T, P>
where T: Policy<B, E>, P: Policy<B, E>,

Create a new Policy that returns Action::Follow if either self or other returns Action::Follow. Read more

impl<T> Same for T

type Output = T

Should always be Self

impl<T> ToOwned for T
where T: Clone,

type Owned = T

The resulting type after obtaining ownership.

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more

impl<T, U> TryFrom<U> for T
where U: Into<T>,

type Error = Infallible

The type returned in the event of a conversion error.

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.

impl<V, T> VZip<V> for T
where V: MultiLane<T>,

fn vzip(self) -> V

impl<T> WithSubscriber for T

fn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self> ⓘ
where S: Into<Dispatch>,

Attaches the provided Subscriber to this type, returning a WithDispatch wrapper. Read more

fn with_current_subscriber(self) -> WithDispatch<Self> ⓘ

Attaches the current default Subscriber to this type, returning a WithDispatch wrapper. Read more

impl<T> DeserializeOwned for T
where T: for<'de> Deserialize<'de>,