Struct CallEvent 

#[non_exhaustive]
pub struct CallEvent {

    pub ts: String,
    pub call_id: String,
    pub tool_id: String,
    pub caller_id: Option<String>,
    pub granted_capabilities: Vec<String>,
    pub duration_ms: u64,
    pub outcome: Outcome,
    pub tier: String,
    pub dry_run: bool,
    pub schema_version: u32,
    pub secrets_resolved: bool,
    pub cursor_page: Option<u32>,
    pub capability_provenance: Option<Vec<CapProvenance>>,
}

One per-call audit event. Emitted at every Request::RunTool return point (success, invalid_args, execution_failed, cap_denied, rate_limited, tool_not_found). Ping / Hello / ToolList / ToolSchema do NOT emit events in v1.

Fields (Non-exhaustive)

Non-exhaustive structs could have additional fields added in future. Therefore, non-exhaustive structs cannot be constructed in external crates using the traditional Struct { .. } syntax; cannot be matched against without a wildcard ..; and struct update syntax will not work.

ts: String

call_id: String

tool_id: String

caller_id: Option<String>

granted_capabilities: Vec<String>

duration_ms: u64

outcome: Outcome

tier: String

dry_run: bool

schema_version: u32

secrets_resolved: bool

true iff a TokenBroker was configured AND it returned Ok(Some(_)) for this caller (SP-token-broker-phase1). Always false for early-return paths (capability denied, dry-run, rate-limited, tool-not-found) and for servers without a broker. No key names or values are recorded.

cursor_page: Option<u32>

SP-pagination-v1 — 1-based page index for paginated calls. None for non-paginated dispatches (the vast majority of events; saves bytes in the audit log). Some(1) for the initial RunTool that returned a cursor; Some(2..) for each RunToolContinue.

capability_provenance: Option<Vec<CapProvenance>>

SP-observability-completeness-v1 Axis C — per-capability source attribution. None when provenance wasn’t tracked (back-compat, early-return paths with no capability context); Some(vec) when dispatch recorded which mechanism granted each capability. Lets an operator trace each granted capability to the operator string allow-list or a specific UCAN chain link.

Implementations

impl CallEvent

pub fn new( ts: impl Into<String>, call_id: impl Into<String>, tool_id: impl Into<String>, duration_ms: u64, outcome: Outcome, tier: impl Into<String>, ) -> Self

Stable constructor. CallEvent is #[non_exhaustive]: external crates — adopters that emit their own audit events through an AuditSink (e.g. celia’s federation orchestrator) — MUST build it via new + the with_* setters rather than a struct literal, so that adding an audit field in a future minor is not a breaking change for them (the capability_provenance/cursor_page additions that broke struct-literal constructors are the motivation). Required fields are constructor args; everything else defaults — caller_id=None, granted_capabilities=[], dry_run=false, secrets_resolved=false, cursor_page=None, capability_provenance=None, schema_version=SCHEMA_VERSION.

pub fn with_caller_id(self, caller_id: Option<String>) -> Self

pub fn with_granted_capabilities(self, caps: Vec<String>) -> Self

pub fn with_dry_run(self, dry_run: bool) -> Self

pub fn with_secrets_resolved(self, resolved: bool) -> Self

pub fn with_cursor_page(self, page: Option<u32>) -> Self

pub fn with_capability_provenance( self, provenance: Option<Vec<CapProvenance>>, ) -> Self

Trait Implementations

impl Clone for CallEvent

fn clone(&self) -> CallEvent

Returns a duplicate of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl Debug for CallEvent

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl<'de> Deserialize<'de> for CallEvent

fn deserialize<__D>(__deserializer: __D) -> Result<Self, __D::Error>

where __D: Deserializer<'de>,

Deserialize this value from the given Serde deserializer.

impl Serialize for CallEvent

fn serialize<__S>(&self, __serializer: __S) -> Result<__S::Ok, __S::Error>

where __S: Serializer,

Serialize this value into the given Serde serializer.