1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
use JsonSchema;
use Serialize;
/// Represents a standardized security event for SIEM ingestion.
///
/// Args:
/// * `timestamp` - Unix epoch seconds when the event was recorded.
/// * `actor_did` - The KERI decentralized identifier initiating the action.
/// * `action` - The specific capability or operation attempted.
/// * `status` - The resolution of the event (e.g., "Success", "Denied").
/// * `trace_id` - Optional W3C traceparent-compatible trace identifier.
///
/// Usage:
/// ```rust
/// use auths_telemetry::build_audit_event;
/// let event = build_audit_event("did:keri:abc...", "assume_role", "Denied", 0);
/// ```
/// Constructs a standardized audit event for security tracking.
///
/// Args:
/// * `actor_did` - The identifier of the actor.
/// * `action` - The capability being exercised.
/// * `status` - The policy evaluation outcome.
/// * `timestamp` - Unix epoch seconds for this event (caller supplies).
///
/// Usage:
/// ```rust
/// use auths_telemetry::build_audit_event;
/// let event = build_audit_event("did:keri:abc...", "session_verification", "Success", 0);
/// ```