chore(deps): bump github.com/openfga/openfga from 1.11.2 to 1.14.0

Bumps [github.com/openfga/openfga](https://github.com/openfga/openfga) from 1.11.2 to 1.14.0.
- [Release notes](https://github.com/openfga/openfga/releases)
- [Changelog](https://github.com/openfga/openfga/blob/main/CHANGELOG.md)
- [Commits](https://github.com/openfga/openfga/compare/v1.11.2...v1.14.0)

---
updated-dependencies:
- dependency-name: github.com/openfga/openfga
  dependency-version: 1.14.0
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>

.gitignore

@@ -51,8 +51,6 @@ ee/query-service/tests/test-deploy/data/
 # local data
 *.backup
 *.db
-*.db-shm
-*.db-wal
 **/db
 /deploy/docker/clickhouse-setup/data/
 /deploy/docker-swarm/clickhouse-setup/data/

deploy/docker-swarm/docker-compose.ha.yaml

@@ -190,7 +190,7 @@ services:
       # - ../common/clickhouse/storage.xml:/etc/clickhouse-server/config.d/storage.xml
   signoz:
     !!merge <<: *db-depend
-    image: signoz/signoz:v0.118.0
+    image: signoz/signoz:v0.117.1
     ports:
       - "8080:8080" # signoz port
     #   - "6060:6060"     # pprof port

deploy/docker-swarm/docker-compose.yaml

@@ -117,7 +117,7 @@ services:
       # - ../common/clickhouse/storage.xml:/etc/clickhouse-server/config.d/storage.xml
   signoz:
     !!merge <<: *db-depend
-    image: signoz/signoz:v0.118.0
+    image: signoz/signoz:v0.117.1
     ports:
       - "8080:8080" # signoz port
     volumes:

deploy/docker/docker-compose.ha.yaml

@@ -181,7 +181,7 @@ services:
       # - ../common/clickhouse/storage.xml:/etc/clickhouse-server/config.d/storage.xml
   signoz:
     !!merge <<: *db-depend
-    image: signoz/signoz:${VERSION:-v0.118.0}
+    image: signoz/signoz:${VERSION:-v0.117.1}
     container_name: signoz
     ports:
       - "8080:8080" # signoz port

deploy/docker/docker-compose.yaml

@@ -109,7 +109,7 @@ services:
       # - ../common/clickhouse/storage.xml:/etc/clickhouse-server/config.d/storage.xml
   signoz:
     !!merge <<: *db-depend
-    image: signoz/signoz:${VERSION:-v0.118.0}
+    image: signoz/signoz:${VERSION:-v0.117.1}
     container_name: signoz
     ports:
       - "8080:8080" # signoz port

docs/api/openapi.yml

@@ -403,65 +403,27 @@ components:
       required:
       - regions
       type: object
-    CloudintegrationtypesAWSCloudWatchLogsSubscription:
+    CloudintegrationtypesAWSCollectionStrategy:
       properties:
-        filterPattern:
-          type: string
-        logGroupNamePrefix:
-          type: string
-      required:
-      - logGroupNamePrefix
-      - filterPattern
-      type: object
-    CloudintegrationtypesAWSCloudWatchMetricStreamFilter:
-      properties:
-        metricNames:
-          items:
-            type: string
-          type: array
-        namespace:
-          type: string
-      required:
-      - namespace
+        aws_logs:
+          $ref: '#/components/schemas/CloudintegrationtypesAWSLogsStrategy'
+        aws_metrics:
+          $ref: '#/components/schemas/CloudintegrationtypesAWSMetricsStrategy'
+        s3_buckets:
+          additionalProperties:
+            items:
+              type: string
+            type: array
+          type: object
       type: object
     CloudintegrationtypesAWSConnectionArtifact:
       properties:
-        connectionUrl:
+        connectionURL:
           type: string
       required:
-      - connectionUrl
+      - connectionURL
       type: object
-    CloudintegrationtypesAWSIntegrationConfig:
-      properties:
-        enabledRegions:
-          items:
-            type: string
-          type: array
-        telemetryCollectionStrategy:
-          $ref: '#/components/schemas/CloudintegrationtypesAWSTelemetryCollectionStrategy'
-      required:
-      - enabledRegions
-      - telemetryCollectionStrategy
-      type: object
-    CloudintegrationtypesAWSLogsCollectionStrategy:
-      properties:
-        subscriptions:
-          items:
-            $ref: '#/components/schemas/CloudintegrationtypesAWSCloudWatchLogsSubscription'
-          type: array
-      required:
-      - subscriptions
-      type: object
-    CloudintegrationtypesAWSMetricsCollectionStrategy:
-      properties:
-        streamFilters:
-          items:
-            $ref: '#/components/schemas/CloudintegrationtypesAWSCloudWatchMetricStreamFilter'
-          type: array
-      required:
-      - streamFilters
-      type: object
-    CloudintegrationtypesAWSPostableAccountConfig:
+    CloudintegrationtypesAWSConnectionArtifactRequest:
       properties:
         deploymentRegion:
           type: string
@@ -473,6 +435,46 @@ components:
       - deploymentRegion
       - regions
       type: object
+    CloudintegrationtypesAWSIntegrationConfig:
+      properties:
+        enabledRegions:
+          items:
+            type: string
+          type: array
+        telemetry:
+          $ref: '#/components/schemas/CloudintegrationtypesAWSCollectionStrategy'
+      required:
+      - enabledRegions
+      - telemetry
+      type: object
+    CloudintegrationtypesAWSLogsStrategy:
+      properties:
+        cloudwatch_logs_subscriptions:
+          items:
+            properties:
+              filter_pattern:
+                type: string
+              log_group_name_prefix:
+                type: string
+            type: object
+          nullable: true
+          type: array
+      type: object
+    CloudintegrationtypesAWSMetricsStrategy:
+      properties:
+        cloudwatch_metric_stream_filters:
+          items:
+            properties:
+              MetricNames:
+                items:
+                  type: string
+                type: array
+              Namespace:
+                type: string
+            type: object
+          nullable: true
+          type: array
+      type: object
     CloudintegrationtypesAWSServiceConfig:
       properties:
         logs:
@@ -484,7 +486,7 @@ components:
       properties:
         enabled:
           type: boolean
-        s3Buckets:
+        s3_buckets:
           additionalProperties:
             items:
               type: string
@@ -496,19 +498,6 @@ components:
         enabled:
           type: boolean
       type: object
-    CloudintegrationtypesAWSTelemetryCollectionStrategy:
-      properties:
-        logs:
-          $ref: '#/components/schemas/CloudintegrationtypesAWSLogsCollectionStrategy'
-        metrics:
-          $ref: '#/components/schemas/CloudintegrationtypesAWSMetricsCollectionStrategy'
-        s3Buckets:
-          additionalProperties:
-            items:
-              type: string
-            type: array
-          type: object
-      type: object
     CloudintegrationtypesAccount:
       properties:
         agentReport:
@@ -572,26 +561,6 @@ components:
           nullable: true
           type: array
       type: object
-    CloudintegrationtypesCloudIntegrationService:
-      nullable: true
-      properties:
-        cloudIntegrationId:
-          type: string
-        config:
-          $ref: '#/components/schemas/CloudintegrationtypesServiceConfig'
-        createdAt:
-          format: date-time
-          type: string
-        id:
-          type: string
-        type:
-          $ref: '#/components/schemas/CloudintegrationtypesServiceID'
-        updatedAt:
-          format: date-time
-          type: string
-      required:
-      - id
-      type: object
     CloudintegrationtypesCollectedLogAttribute:
       properties:
         name:
@@ -612,6 +581,13 @@ components:
         unit:
           type: string
       type: object
+    CloudintegrationtypesCollectionStrategy:
+      properties:
+        aws:
+          $ref: '#/components/schemas/CloudintegrationtypesAWSCollectionStrategy'
+      required:
+      - aws
+      type: object
     CloudintegrationtypesConnectionArtifact:
       properties:
         aws:
@@ -619,21 +595,12 @@ components:
       required:
       - aws
       type: object
-    CloudintegrationtypesCredentials:
+    CloudintegrationtypesConnectionArtifactRequest:
       properties:
-        ingestionKey:
-          type: string
-        ingestionUrl:
-          type: string
-        sigNozApiKey:
-          type: string
-        sigNozApiUrl:
-          type: string
+        aws:
+          $ref: '#/components/schemas/CloudintegrationtypesAWSConnectionArtifactRequest'
       required:
-      - sigNozApiUrl
-      - sigNozApiKey
-      - ingestionUrl
-      - ingestionKey
+      - aws
       type: object
     CloudintegrationtypesDashboard:
       properties:
@@ -659,7 +626,7 @@ components:
           nullable: true
           type: array
       type: object
-    CloudintegrationtypesGettableAccountWithConnectionArtifact:
+    CloudintegrationtypesGettableAccountWithArtifact:
       properties:
         connectionArtifact:
           $ref: '#/components/schemas/CloudintegrationtypesConnectionArtifact'
@@ -678,7 +645,7 @@ components:
       required:
       - accounts
       type: object
-    CloudintegrationtypesGettableAgentCheckIn:
+    CloudintegrationtypesGettableAgentCheckInResponse:
       properties:
         account_id:
           type: string
@@ -727,72 +694,12 @@ components:
             type: string
           type: array
         telemetry:
-          $ref: '#/components/schemas/CloudintegrationtypesOldAWSCollectionStrategy'
+          $ref: '#/components/schemas/CloudintegrationtypesAWSCollectionStrategy'
       required:
       - enabled_regions
       - telemetry
       type: object
-    CloudintegrationtypesOldAWSCollectionStrategy:
-      properties:
-        aws_logs:
-          $ref: '#/components/schemas/CloudintegrationtypesOldAWSLogsStrategy'
-        aws_metrics:
-          $ref: '#/components/schemas/CloudintegrationtypesOldAWSMetricsStrategy'
-        provider:
-          type: string
-        s3_buckets:
-          additionalProperties:
-            items:
-              type: string
-            type: array
-          type: object
-      type: object
-    CloudintegrationtypesOldAWSLogsStrategy:
-      properties:
-        cloudwatch_logs_subscriptions:
-          items:
-            properties:
-              filter_pattern:
-                type: string
-              log_group_name_prefix:
-                type: string
-            type: object
-          nullable: true
-          type: array
-      type: object
-    CloudintegrationtypesOldAWSMetricsStrategy:
-      properties:
-        cloudwatch_metric_stream_filters:
-          items:
-            properties:
-              MetricNames:
-                items:
-                  type: string
-                type: array
-              Namespace:
-                type: string
-            type: object
-          nullable: true
-          type: array
-      type: object
-    CloudintegrationtypesPostableAccount:
-      properties:
-        config:
-          $ref: '#/components/schemas/CloudintegrationtypesPostableAccountConfig'
-        credentials:
-          $ref: '#/components/schemas/CloudintegrationtypesCredentials'
-      required:
-      - config
-      - credentials
-      type: object
-    CloudintegrationtypesPostableAccountConfig:
-      properties:
-        aws:
-          $ref: '#/components/schemas/CloudintegrationtypesAWSPostableAccountConfig'
-      required:
-      - aws
-      type: object
-    CloudintegrationtypesPostableAgentCheckIn:
+    CloudintegrationtypesPostableAgentCheckInRequest:
       properties:
         account_id:
           type: string
@@ -820,8 +727,6 @@ components:
       properties:
         assets:
           $ref: '#/components/schemas/CloudintegrationtypesAssets'
-        cloudIntegrationService:
-          $ref: '#/components/schemas/CloudintegrationtypesCloudIntegrationService'
         dataCollected:
           $ref: '#/components/schemas/CloudintegrationtypesDataCollected'
         icon:
@@ -830,10 +735,12 @@ components:
           type: string
         overview:
           type: string
-        supportedSignals:
+        serviceConfig:
+          $ref: '#/components/schemas/CloudintegrationtypesServiceConfig'
+        supported_signals:
           $ref: '#/components/schemas/CloudintegrationtypesSupportedSignals'
         telemetryCollectionStrategy:
-          $ref: '#/components/schemas/CloudintegrationtypesTelemetryCollectionStrategy'
+          $ref: '#/components/schemas/CloudintegrationtypesCollectionStrategy'
         title:
           type: string
       required:
@@ -842,10 +749,9 @@ components:
       - icon
       - overview
       - assets
-      - supportedSignals
+      - supported_signals
       - dataCollected
       - telemetryCollectionStrategy
-      - cloudIntegrationService
       type: object
     CloudintegrationtypesServiceConfig:
       properties:
@@ -854,22 +760,6 @@ components:
       required:
       - aws
       type: object
-    CloudintegrationtypesServiceID:
-      enum:
-      - alb
-      - api-gateway
-      - dynamodb
-      - ec2
-      - ecs
-      - eks
-      - elasticache
-      - lambda
-      - msk
-      - rds
-      - s3sync
-      - sns
-      - sqs
-      type: string
     CloudintegrationtypesServiceMetadata:
       properties:
         enabled:
@@ -893,13 +783,6 @@ components:
         metrics:
           type: boolean
       type: object
-    CloudintegrationtypesTelemetryCollectionStrategy:
-      properties:
-        aws:
-          $ref: '#/components/schemas/CloudintegrationtypesAWSTelemetryCollectionStrategy'
-      required:
-      - aws
-      type: object
     CloudintegrationtypesUpdatableAccount:
       properties:
         config:
@@ -3198,7 +3081,7 @@ paths:
         content:
           application/json:
             schema:
-              $ref: '#/components/schemas/CloudintegrationtypesPostableAgentCheckIn'
+              $ref: '#/components/schemas/CloudintegrationtypesPostableAgentCheckInRequest'
       responses:
         "200":
           content:
@@ -3206,7 +3089,7 @@ paths:
               schema:
                 properties:
                   data:
-                    $ref: '#/components/schemas/CloudintegrationtypesGettableAgentCheckIn'
+                    $ref: '#/components/schemas/CloudintegrationtypesGettableAgentCheckInResponse'
                   status:
                     type: string
                 required:
@@ -3307,7 +3190,7 @@ paths:
         content:
           application/json:
             schema:
-              $ref: '#/components/schemas/CloudintegrationtypesPostableAccount'
+              $ref: '#/components/schemas/CloudintegrationtypesConnectionArtifactRequest'
       responses:
         "200":
           content:
@@ -3315,7 +3198,7 @@ paths:
               schema:
                 properties:
                   data:
-                    $ref: '#/components/schemas/CloudintegrationtypesGettableAccountWithConnectionArtifact'
+                    $ref: '#/components/schemas/CloudintegrationtypesGettableAccountWithArtifact'
                   status:
                     type: string
                 required:
@@ -3511,61 +3394,6 @@ paths:
       summary: Update account
       tags:
       - cloudintegration
-  /api/v1/cloud_integrations/{cloud_provider}/accounts/{id}/services/{service_id}:
-    put:
-      deprecated: false
-      description: This endpoint updates a service for the specified cloud provider
-      operationId: UpdateService
-      parameters:
-      - in: path
-        name: cloud_provider
-        required: true
-        schema:
-          type: string
-      - in: path
-        name: id
-        required: true
-        schema:
-          type: string
-      - in: path
-        name: service_id
-        required: true
-        schema:
-          type: string
-      requestBody:
-        content:
-          application/json:
-            schema:
-              $ref: '#/components/schemas/CloudintegrationtypesUpdatableService'
-      responses:
-        "204":
-          description: No Content
-        "401":
-          content:
-            application/json:
-              schema:
-                $ref: '#/components/schemas/RenderErrorResponse'
-          description: Unauthorized
-        "403":
-          content:
-            application/json:
-              schema:
-                $ref: '#/components/schemas/RenderErrorResponse'
-          description: Forbidden
-        "500":
-          content:
-            application/json:
-              schema:
-                $ref: '#/components/schemas/RenderErrorResponse'
-          description: Internal Server Error
-      security:
-      - api_key:
-        - ADMIN
-      - tokenizer:
-        - ADMIN
-      summary: Update service
-      tags:
-      - cloudintegration
   /api/v1/cloud_integrations/{cloud_provider}/accounts/check_in:
     post:
       deprecated: false
@@ -3581,7 +3409,7 @@ paths:
         content:
           application/json:
             schema:
-              $ref: '#/components/schemas/CloudintegrationtypesPostableAgentCheckIn'
+              $ref: '#/components/schemas/CloudintegrationtypesPostableAgentCheckInRequest'
       responses:
         "200":
           content:
@@ -3589,7 +3417,7 @@ paths:
               schema:
                 properties:
                   data:
-                    $ref: '#/components/schemas/CloudintegrationtypesGettableAgentCheckIn'
+                    $ref: '#/components/schemas/CloudintegrationtypesGettableAgentCheckInResponse'
                   status:
                     type: string
                 required:
@@ -3623,59 +3451,6 @@ paths:
       summary: Agent check-in
       tags:
       - cloudintegration
-  /api/v1/cloud_integrations/{cloud_provider}/credentials:
-    get:
-      deprecated: false
-      description: This endpoint retrieves the connection credentials required for
-        integration
-      operationId: GetConnectionCredentials
-      parameters:
-      - in: path
-        name: cloud_provider
-        required: true
-        schema:
-          type: string
-      responses:
-        "200":
-          content:
-            application/json:
-              schema:
-                properties:
-                  data:
-                    $ref: '#/components/schemas/CloudintegrationtypesCredentials'
-                  status:
-                    type: string
-                required:
-                - status
-                - data
-                type: object
-          description: OK
-        "401":
-          content:
-            application/json:
-              schema:
-                $ref: '#/components/schemas/RenderErrorResponse'
-          description: Unauthorized
-        "403":
-          content:
-            application/json:
-              schema:
-                $ref: '#/components/schemas/RenderErrorResponse'
-          description: Forbidden
-        "500":
-          content:
-            application/json:
-              schema:
-                $ref: '#/components/schemas/RenderErrorResponse'
-          description: Internal Server Error
-      security:
-      - api_key:
-        - ADMIN
-      - tokenizer:
-        - ADMIN
-      summary: Get connection credentials
-      tags:
-      - cloudintegration
   /api/v1/cloud_integrations/{cloud_provider}/services:
     get:
       deprecated: false
@@ -3786,6 +3561,55 @@ paths:
       summary: Get service
       tags:
       - cloudintegration
+    put:
+      deprecated: false
+      description: This endpoint updates a service for the specified cloud provider
+      operationId: UpdateService
+      parameters:
+      - in: path
+        name: cloud_provider
+        required: true
+        schema:
+          type: string
+      - in: path
+        name: service_id
+        required: true
+        schema:
+          type: string
+      requestBody:
+        content:
+          application/json:
+            schema:
+              $ref: '#/components/schemas/CloudintegrationtypesUpdatableService'
+      responses:
+        "204":
+          description: No Content
+        "401":
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/RenderErrorResponse'
+          description: Unauthorized
+        "403":
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/RenderErrorResponse'
+          description: Forbidden
+        "500":
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/RenderErrorResponse'
+          description: Internal Server Error
+      security:
+      - api_key:
+        - ADMIN
+      - tokenizer:
+        - ADMIN
+      summary: Update service
+      tags:
+      - cloudintegration
   /api/v1/complete/google:
     get:
       deprecated: false

ee/query-service/rules/anomaly.go

@@ -49,6 +49,7 @@ func NewAnomalyRule(
 	logger *slog.Logger,
 	opts ...baserules.RuleOption,
 ) (*AnomalyRule, error) {
+
 	logger.Info("creating new AnomalyRule", slog.String("rule.id", id))
 
 	opts = append(opts, baserules.WithLogger(logger))
@@ -58,44 +59,44 @@ func NewAnomalyRule(
 		return nil, err
 	}
 
-	r := AnomalyRule{
+	t := AnomalyRule{
 		BaseRule: baseRule,
-		querier:  querier,
-		version:  p.Version,
-		logger:   logger.With(slog.String("rule.id", id)),
 	}
 
 	switch p.RuleCondition.Seasonality {
 	case ruletypes.SeasonalityHourly:
-		r.seasonality = anomaly.SeasonalityHourly
+		t.seasonality = anomaly.SeasonalityHourly
 	case ruletypes.SeasonalityDaily:
-		r.seasonality = anomaly.SeasonalityDaily
+		t.seasonality = anomaly.SeasonalityDaily
 	case ruletypes.SeasonalityWeekly:
-		r.seasonality = anomaly.SeasonalityWeekly
+		t.seasonality = anomaly.SeasonalityWeekly
 	default:
-		r.seasonality = anomaly.SeasonalityDaily
+		t.seasonality = anomaly.SeasonalityDaily
 	}
 
-	r.logger.Info("using seasonality", slog.String("rule.seasonality", r.seasonality.StringValue()))
+	logger.Info("using seasonality", slog.String("rule.id", id), slog.String("rule.seasonality", t.seasonality.StringValue()))
 
-	if r.seasonality == anomaly.SeasonalityHourly {
-		r.provider = anomaly.NewHourlyProvider(
+	if t.seasonality == anomaly.SeasonalityHourly {
+		t.provider = anomaly.NewHourlyProvider(
 			anomaly.WithQuerier[*anomaly.HourlyProvider](querier),
-			anomaly.WithLogger[*anomaly.HourlyProvider](r.logger),
+			anomaly.WithLogger[*anomaly.HourlyProvider](logger),
 		)
-	} else if r.seasonality == anomaly.SeasonalityDaily {
-		r.provider = anomaly.NewDailyProvider(
+	} else if t.seasonality == anomaly.SeasonalityDaily {
+		t.provider = anomaly.NewDailyProvider(
 			anomaly.WithQuerier[*anomaly.DailyProvider](querier),
-			anomaly.WithLogger[*anomaly.DailyProvider](r.logger),
+			anomaly.WithLogger[*anomaly.DailyProvider](logger),
 		)
-	} else if r.seasonality == anomaly.SeasonalityWeekly {
-		r.provider = anomaly.NewWeeklyProvider(
+	} else if t.seasonality == anomaly.SeasonalityWeekly {
+		t.provider = anomaly.NewWeeklyProvider(
 			anomaly.WithQuerier[*anomaly.WeeklyProvider](querier),
-			anomaly.WithLogger[*anomaly.WeeklyProvider](r.logger),
+			anomaly.WithLogger[*anomaly.WeeklyProvider](logger),
 		)
 	}
 
-	return &r, nil
+	t.querier = querier
+	t.version = p.Version
+	t.logger = logger
+	return &t, nil
 }
 
 func (r *AnomalyRule) Type() ruletypes.RuleType {
@@ -103,11 +104,8 @@ func (r *AnomalyRule) Type() ruletypes.RuleType {
 }
 
 func (r *AnomalyRule) prepareQueryRange(ctx context.Context, ts time.Time) *qbtypes.QueryRangeRequest {
-	r.logger.InfoContext(
-		ctx, "prepare query range request", slog.Int64("ts", ts.UnixMilli()),
-		slog.Int64("eval.window_ms", r.EvalWindow().Milliseconds()),
-		slog.Int64("eval.delay_ms", r.EvalDelay().Milliseconds()),
-	)
+
+	r.logger.InfoContext(ctx, "prepare query range request", slog.String("rule.id", r.ID()), slog.Int64("ts", ts.UnixMilli()), slog.Int64("eval.window_ms", r.EvalWindow().Milliseconds()), slog.Int64("eval.delay_ms", r.EvalDelay().Milliseconds()))
 
 	startTs, endTs := r.Timestamps(ts)
 	start, end := startTs.UnixMilli(), endTs.UnixMilli()
@@ -147,7 +145,7 @@ func (r *AnomalyRule) buildAndRunQuery(ctx context.Context, orgID valuer.UUID, t
 	}
 
 	if queryResult == nil {
-		r.logger.WarnContext(ctx, "nil qb result", slog.Int64("ts", ts.UnixMilli()))
+		r.logger.WarnContext(ctx, "nil qb result", slog.String("rule.id", r.ID()), slog.Int64("ts", ts.UnixMilli()))
 		return ruletypes.Vector{}, nil
 	}
 
@@ -158,7 +156,7 @@ func (r *AnomalyRule) buildAndRunQuery(ctx context.Context, orgID valuer.UUID, t
 	if missingDataAlert := r.HandleMissingDataAlert(ctx, ts, hasData); missingDataAlert != nil {
 		return ruletypes.Vector{*missingDataAlert}, nil
 	} else if !hasData {
-		r.logger.WarnContext(ctx, "no anomaly result")
+		r.logger.WarnContext(ctx, "no anomaly result", slog.String("rule.id", r.ID()))
 		return ruletypes.Vector{}, nil
 	}
 
@@ -166,7 +164,7 @@ func (r *AnomalyRule) buildAndRunQuery(ctx context.Context, orgID valuer.UUID, t
 
 	scoresJSON, _ := json.Marshal(queryResult.Aggregations[0].AnomalyScores)
 	// TODO(srikanthccv): this could be noisy but we do this to answer false alert requests
-	r.logger.InfoContext(ctx, "anomaly scores", slog.String("anomaly.scores", string(scoresJSON)))
+	r.logger.InfoContext(ctx, "anomaly scores", slog.String("rule.id", r.ID()), slog.String("anomaly.scores", string(scoresJSON)))
 
 	// Filter out new series if newGroupEvalDelay is configured
 	seriesToProcess := queryResult.Aggregations[0].AnomalyScores
@@ -174,7 +172,7 @@ func (r *AnomalyRule) buildAndRunQuery(ctx context.Context, orgID valuer.UUID, t
 		filteredSeries, filterErr := r.BaseRule.FilterNewSeries(ctx, ts, seriesToProcess)
 		// In case of error we log the error and continue with the original series
 		if filterErr != nil {
-			r.logger.ErrorContext(ctx, "error filtering new series", errors.Attr(filterErr))
+			r.logger.ErrorContext(ctx, "error filtering new series", slog.String("rule.id", r.ID()), errors.Attr(filterErr))
 		} else {
 			seriesToProcess = filteredSeries
 		}
@@ -182,11 +180,7 @@ func (r *AnomalyRule) buildAndRunQuery(ctx context.Context, orgID valuer.UUID, t
 
 	for _, series := range seriesToProcess {
 		if !r.Condition().ShouldEval(series) {
-			r.logger.InfoContext(
-				ctx, "not enough data points to evaluate series, skipping",
-				slog.Int("series.num_points", len(series.Values)),
-				slog.Int("series.required_points", r.Condition().RequiredNumPoints),
-			)
+			r.logger.InfoContext(ctx, "not enough data points to evaluate series, skipping", slog.String("rule.id", r.ID()), slog.Int("series.num_points", len(series.Values)), slog.Int("series.required_points", r.Condition().RequiredNumPoints))
 			continue
 		}
 		results, err := r.Threshold.Eval(series, r.Unit(), ruletypes.EvalData{
@@ -210,7 +204,7 @@ func (r *AnomalyRule) Eval(ctx context.Context, ts time.Time) (int, error) {
 	var res ruletypes.Vector
 	var err error
 
-	r.logger.InfoContext(ctx, "running query")
+	r.logger.InfoContext(ctx, "running query", slog.String("rule.id", r.ID()))
 	res, err = r.buildAndRunQuery(ctx, r.OrgID(), ts)
 
 	if err != nil {
@@ -236,10 +230,7 @@ func (r *AnomalyRule) Eval(ctx context.Context, ts time.Time) (int, error) {
 		}
 		value := valueFormatter.Format(smpl.V, r.Unit())
 		threshold := valueFormatter.Format(smpl.Target, smpl.TargetUnit)
-		r.logger.DebugContext(
-			ctx, "alert template data for rule", slog.String("formatter.name", valueFormatter.Name()),
-			slog.String("alert.value", value), slog.String("alert.threshold", threshold),
-		)
+		r.logger.DebugContext(ctx, "alert template data for rule", slog.String("rule.id", r.ID()), slog.String("formatter.name", valueFormatter.Name()), slog.String("alert.value", value), slog.String("alert.threshold", threshold))
 
 		tmplData := ruletypes.AlertTemplateData(l, value, threshold)
 		// Inject some convenience variables that are easier to remember for users
@@ -259,7 +250,7 @@ func (r *AnomalyRule) Eval(ctx context.Context, ts time.Time) (int, error) {
 			result, err := tmpl.Expand()
 			if err != nil {
 				result = fmt.Sprintf("<error expanding template: %s>", err)
-				r.logger.ErrorContext(ctx, "expanding alert template failed", errors.Attr(err), slog.Any("alert.template_data", tmplData))
+				r.logger.ErrorContext(ctx, "expanding alert template failed", slog.String("rule.id", r.ID()), errors.Attr(err), slog.Any("alert.template_data", tmplData))
 			}
 			return result
 		}
@@ -289,7 +280,7 @@ func (r *AnomalyRule) Eval(ctx context.Context, ts time.Time) (int, error) {
 		resultFPs[h] = struct{}{}
 
 		if _, ok := alerts[h]; ok {
-			r.logger.ErrorContext(ctx, "the alert query returns duplicate records", slog.Any("alert", alerts[h]))
+			r.logger.ErrorContext(ctx, "the alert query returns duplicate records", slog.String("rule.id", r.ID()), slog.Any("alert", alerts[h]))
 			err = errors.NewInternalf(errors.CodeInternal, "duplicate alert found, vector contains metrics with the same labelset after applying alert labels")
 			return 0, err
 		}
@@ -308,7 +299,7 @@ func (r *AnomalyRule) Eval(ctx context.Context, ts time.Time) (int, error) {
 		}
 	}
 
-	r.logger.InfoContext(ctx, "number of alerts found", slog.Int("alert.count", len(alerts)))
+	r.logger.InfoContext(ctx, "number of alerts found", slog.String("rule.id", r.ID()), slog.Int("alert.count", len(alerts)))
 	// alerts[h] is ready, add or update active list now
 	for h, a := range alerts {
 		// Check whether we already have alerting state for the identifying label set.
@@ -335,7 +326,7 @@ func (r *AnomalyRule) Eval(ctx context.Context, ts time.Time) (int, error) {
 	for fp, a := range r.Active {
 		labelsJSON, err := json.Marshal(a.QueryResultLabels)
 		if err != nil {
-			r.logger.ErrorContext(ctx, "error marshaling labels", errors.Attr(err), slog.Any("alert.labels", a.Labels))
+			r.logger.ErrorContext(ctx, "error marshaling labels", slog.String("rule.id", r.ID()), errors.Attr(err), slog.Any("alert.labels", a.Labels))
 		}
 		if _, ok := resultFPs[fp]; !ok {
 			// If the alert was previously firing, keep it around for a given
@@ -390,7 +381,7 @@ func (r *AnomalyRule) Eval(ctx context.Context, ts time.Time) (int, error) {
 				state = ruletypes.StateFiring
 			}
 			a.State = state
-			r.logger.DebugContext(ctx, "converting alert state", slog.Any("alert.state", state))
+			r.logger.DebugContext(ctx, "converting alert state", slog.String("rule.id", r.ID()), slog.Any("alert.state", state))
 			itemsToAdd = append(itemsToAdd, rulestatehistorytypes.RuleStateHistory{
 				RuleID:       r.ID(),
 				RuleName:     r.Name(),
@@ -413,7 +404,7 @@ func (r *AnomalyRule) Eval(ctx context.Context, ts time.Time) (int, error) {
 		itemsToAdd[idx] = item
 	}
 
-	_ = r.RecordRuleStateHistory(ctx, itemsToAdd)
+	r.RecordRuleStateHistory(ctx, prevState, currentState, itemsToAdd)
 
 	return len(r.Active), nil
 }

frontend/src/api/generated/services/cloudintegration/index.ts

@@ -24,8 +24,8 @@ import type {
 	AgentCheckInDeprecated200,
 	AgentCheckInDeprecatedPathParameters,
 	AgentCheckInPathParameters,
-	CloudintegrationtypesPostableAccountDTO,
-	CloudintegrationtypesPostableAgentCheckInDTO,
+	CloudintegrationtypesConnectionArtifactRequestDTO,
+	CloudintegrationtypesPostableAgentCheckInRequestDTO,
 	CloudintegrationtypesUpdatableAccountDTO,
 	CloudintegrationtypesUpdatableServiceDTO,
 	CreateAccount200,
@@ -33,8 +33,6 @@ import type {
 	DisconnectAccountPathParameters,
 	GetAccount200,
 	GetAccountPathParameters,
-	GetConnectionCredentials200,
-	GetConnectionCredentialsPathParameters,
 	GetService200,
 	GetServicePathParameters,
 	ListAccounts200,
@@ -53,14 +51,14 @@ import type {
  */
 export const agentCheckInDeprecated = (
 	{ cloudProvider }: AgentCheckInDeprecatedPathParameters,
-	cloudintegrationtypesPostableAgentCheckInDTO: BodyType<CloudintegrationtypesPostableAgentCheckInDTO>,
+	cloudintegrationtypesPostableAgentCheckInRequestDTO: BodyType<CloudintegrationtypesPostableAgentCheckInRequestDTO>,
 	signal?: AbortSignal,
 ) => {
 	return GeneratedAPIInstance<AgentCheckInDeprecated200>({
 		url: `/api/v1/cloud-integrations/${cloudProvider}/agent-check-in`,
 		method: 'POST',
 		headers: { 'Content-Type': 'application/json' },
-		data: cloudintegrationtypesPostableAgentCheckInDTO,
+		data: cloudintegrationtypesPostableAgentCheckInRequestDTO,
 		signal,
 	});
 };
@@ -74,7 +72,7 @@ export const getAgentCheckInDeprecatedMutationOptions = <
 		TError,
 		{
 			pathParams: AgentCheckInDeprecatedPathParameters;
-			data: BodyType<CloudintegrationtypesPostableAgentCheckInDTO>;
+			data: BodyType<CloudintegrationtypesPostableAgentCheckInRequestDTO>;
 		},
 		TContext
 	>;
@@ -83,7 +81,7 @@ export const getAgentCheckInDeprecatedMutationOptions = <
 	TError,
 	{
 		pathParams: AgentCheckInDeprecatedPathParameters;
-		data: BodyType<CloudintegrationtypesPostableAgentCheckInDTO>;
+		data: BodyType<CloudintegrationtypesPostableAgentCheckInRequestDTO>;
 	},
 	TContext
 > => {
@@ -100,7 +98,7 @@ export const getAgentCheckInDeprecatedMutationOptions = <
 		Awaited<ReturnType<typeof agentCheckInDeprecated>>,
 		{
 			pathParams: AgentCheckInDeprecatedPathParameters;
-			data: BodyType<CloudintegrationtypesPostableAgentCheckInDTO>;
+			data: BodyType<CloudintegrationtypesPostableAgentCheckInRequestDTO>;
 		}
 	> = (props) => {
 		const { pathParams, data } = props ?? {};
@@ -114,7 +112,7 @@ export const getAgentCheckInDeprecatedMutationOptions = <
 export type AgentCheckInDeprecatedMutationResult = NonNullable<
 	Awaited<ReturnType<typeof agentCheckInDeprecated>>
 >;
-export type AgentCheckInDeprecatedMutationBody = BodyType<CloudintegrationtypesPostableAgentCheckInDTO>;
+export type AgentCheckInDeprecatedMutationBody = BodyType<CloudintegrationtypesPostableAgentCheckInRequestDTO>;
 export type AgentCheckInDeprecatedMutationError = ErrorType<RenderErrorResponseDTO>;
 
 /**
@@ -130,7 +128,7 @@ export const useAgentCheckInDeprecated = <
 		TError,
 		{
 			pathParams: AgentCheckInDeprecatedPathParameters;
-			data: BodyType<CloudintegrationtypesPostableAgentCheckInDTO>;
+			data: BodyType<CloudintegrationtypesPostableAgentCheckInRequestDTO>;
 		},
 		TContext
 	>;
@@ -139,7 +137,7 @@ export const useAgentCheckInDeprecated = <
 	TError,
 	{
 		pathParams: AgentCheckInDeprecatedPathParameters;
-		data: BodyType<CloudintegrationtypesPostableAgentCheckInDTO>;
+		data: BodyType<CloudintegrationtypesPostableAgentCheckInRequestDTO>;
 	},
 	TContext
 > => {
@@ -257,14 +255,14 @@ export const invalidateListAccounts = async (
  */
 export const createAccount = (
 	{ cloudProvider }: CreateAccountPathParameters,
-	cloudintegrationtypesPostableAccountDTO: BodyType<CloudintegrationtypesPostableAccountDTO>,
+	cloudintegrationtypesConnectionArtifactRequestDTO: BodyType<CloudintegrationtypesConnectionArtifactRequestDTO>,
 	signal?: AbortSignal,
 ) => {
 	return GeneratedAPIInstance<CreateAccount200>({
 		url: `/api/v1/cloud_integrations/${cloudProvider}/accounts`,
 		method: 'POST',
 		headers: { 'Content-Type': 'application/json' },
-		data: cloudintegrationtypesPostableAccountDTO,
+		data: cloudintegrationtypesConnectionArtifactRequestDTO,
 		signal,
 	});
 };
@@ -278,7 +276,7 @@ export const getCreateAccountMutationOptions = <
 		TError,
 		{
 			pathParams: CreateAccountPathParameters;
-			data: BodyType<CloudintegrationtypesPostableAccountDTO>;
+			data: BodyType<CloudintegrationtypesConnectionArtifactRequestDTO>;
 		},
 		TContext
 	>;
@@ -287,7 +285,7 @@ export const getCreateAccountMutationOptions = <
 	TError,
 	{
 		pathParams: CreateAccountPathParameters;
-		data: BodyType<CloudintegrationtypesPostableAccountDTO>;
+		data: BodyType<CloudintegrationtypesConnectionArtifactRequestDTO>;
 	},
 	TContext
 > => {
@@ -304,7 +302,7 @@ export const getCreateAccountMutationOptions = <
 		Awaited<ReturnType<typeof createAccount>>,
 		{
 			pathParams: CreateAccountPathParameters;
-			data: BodyType<CloudintegrationtypesPostableAccountDTO>;
+			data: BodyType<CloudintegrationtypesConnectionArtifactRequestDTO>;
 		}
 	> = (props) => {
 		const { pathParams, data } = props ?? {};
@@ -318,7 +316,7 @@ export const getCreateAccountMutationOptions = <
 export type CreateAccountMutationResult = NonNullable<
 	Awaited<ReturnType<typeof createAccount>>
 >;
-export type CreateAccountMutationBody = BodyType<CloudintegrationtypesPostableAccountDTO>;
+export type CreateAccountMutationBody = BodyType<CloudintegrationtypesConnectionArtifactRequestDTO>;
 export type CreateAccountMutationError = ErrorType<RenderErrorResponseDTO>;
 
 /**
@@ -333,7 +331,7 @@ export const useCreateAccount = <
 		TError,
 		{
 			pathParams: CreateAccountPathParameters;
-			data: BodyType<CloudintegrationtypesPostableAccountDTO>;
+			data: BodyType<CloudintegrationtypesConnectionArtifactRequestDTO>;
 		},
 		TContext
 	>;
@@ -342,7 +340,7 @@ export const useCreateAccount = <
 	TError,
 	{
 		pathParams: CreateAccountPathParameters;
-		data: BodyType<CloudintegrationtypesPostableAccountDTO>;
+		data: BodyType<CloudintegrationtypesConnectionArtifactRequestDTO>;
 	},
 	TContext
 > => {
@@ -630,117 +628,20 @@ export const useUpdateAccount = <
 
 	return useMutation(mutationOptions);
 };
-/**
- * This endpoint updates a service for the specified cloud provider
- * @summary Update service
- */
-export const updateService = (
-	{ cloudProvider, id, serviceId }: UpdateServicePathParameters,
-	cloudintegrationtypesUpdatableServiceDTO: BodyType<CloudintegrationtypesUpdatableServiceDTO>,
-) => {
-	return GeneratedAPIInstance<void>({
-		url: `/api/v1/cloud_integrations/${cloudProvider}/accounts/${id}/services/${serviceId}`,
-		method: 'PUT',
-		headers: { 'Content-Type': 'application/json' },
-		data: cloudintegrationtypesUpdatableServiceDTO,
-	});
-};
-
-export const getUpdateServiceMutationOptions = <
-	TError = ErrorType<RenderErrorResponseDTO>,
-	TContext = unknown
->(options?: {
-	mutation?: UseMutationOptions<
-		Awaited<ReturnType<typeof updateService>>,
-		TError,
-		{
-			pathParams: UpdateServicePathParameters;
-			data: BodyType<CloudintegrationtypesUpdatableServiceDTO>;
-		},
-		TContext
-	>;
-}): UseMutationOptions<
-	Awaited<ReturnType<typeof updateService>>,
-	TError,
-	{
-		pathParams: UpdateServicePathParameters;
-		data: BodyType<CloudintegrationtypesUpdatableServiceDTO>;
-	},
-	TContext
-> => {
-	const mutationKey = ['updateService'];
-	const { mutation: mutationOptions } = options
-		? options.mutation &&
-		  'mutationKey' in options.mutation &&
-		  options.mutation.mutationKey
-			? options
-			: { ...options, mutation: { ...options.mutation, mutationKey } }
-		: { mutation: { mutationKey } };
-
-	const mutationFn: MutationFunction<
-		Awaited<ReturnType<typeof updateService>>,
-		{
-			pathParams: UpdateServicePathParameters;
-			data: BodyType<CloudintegrationtypesUpdatableServiceDTO>;
-		}
-	> = (props) => {
-		const { pathParams, data } = props ?? {};
-
-		return updateService(pathParams, data);
-	};
-
-	return { mutationFn, ...mutationOptions };
-};
-
-export type UpdateServiceMutationResult = NonNullable<
-	Awaited<ReturnType<typeof updateService>>
->;
-export type UpdateServiceMutationBody = BodyType<CloudintegrationtypesUpdatableServiceDTO>;
-export type UpdateServiceMutationError = ErrorType<RenderErrorResponseDTO>;
-
-/**
- * @summary Update service
- */
-export const useUpdateService = <
-	TError = ErrorType<RenderErrorResponseDTO>,
-	TContext = unknown
->(options?: {
-	mutation?: UseMutationOptions<
-		Awaited<ReturnType<typeof updateService>>,
-		TError,
-		{
-			pathParams: UpdateServicePathParameters;
-			data: BodyType<CloudintegrationtypesUpdatableServiceDTO>;
-		},
-		TContext
-	>;
-}): UseMutationResult<
-	Awaited<ReturnType<typeof updateService>>,
-	TError,
-	{
-		pathParams: UpdateServicePathParameters;
-		data: BodyType<CloudintegrationtypesUpdatableServiceDTO>;
-	},
-	TContext
-> => {
-	const mutationOptions = getUpdateServiceMutationOptions(options);
-
-	return useMutation(mutationOptions);
-};
 /**
  * This endpoint is called by the deployed agent to check in
  * @summary Agent check-in
  */
 export const agentCheckIn = (
 	{ cloudProvider }: AgentCheckInPathParameters,
-	cloudintegrationtypesPostableAgentCheckInDTO: BodyType<CloudintegrationtypesPostableAgentCheckInDTO>,
+	cloudintegrationtypesPostableAgentCheckInRequestDTO: BodyType<CloudintegrationtypesPostableAgentCheckInRequestDTO>,
 	signal?: AbortSignal,
 ) => {
 	return GeneratedAPIInstance<AgentCheckIn200>({
 		url: `/api/v1/cloud_integrations/${cloudProvider}/accounts/check_in`,
 		method: 'POST',
 		headers: { 'Content-Type': 'application/json' },
-		data: cloudintegrationtypesPostableAgentCheckInDTO,
+		data: cloudintegrationtypesPostableAgentCheckInRequestDTO,
 		signal,
 	});
 };
@@ -754,7 +655,7 @@ export const getAgentCheckInMutationOptions = <
 		TError,
 		{
 			pathParams: AgentCheckInPathParameters;
-			data: BodyType<CloudintegrationtypesPostableAgentCheckInDTO>;
+			data: BodyType<CloudintegrationtypesPostableAgentCheckInRequestDTO>;
 		},
 		TContext
 	>;
@@ -763,7 +664,7 @@ export const getAgentCheckInMutationOptions = <
 	TError,
 	{
 		pathParams: AgentCheckInPathParameters;
-		data: BodyType<CloudintegrationtypesPostableAgentCheckInDTO>;
+		data: BodyType<CloudintegrationtypesPostableAgentCheckInRequestDTO>;
 	},
 	TContext
 > => {
@@ -780,7 +681,7 @@ export const getAgentCheckInMutationOptions = <
 		Awaited<ReturnType<typeof agentCheckIn>>,
 		{
 			pathParams: AgentCheckInPathParameters;
-			data: BodyType<CloudintegrationtypesPostableAgentCheckInDTO>;
+			data: BodyType<CloudintegrationtypesPostableAgentCheckInRequestDTO>;
 		}
 	> = (props) => {
 		const { pathParams, data } = props ?? {};
@@ -794,7 +695,7 @@ export const getAgentCheckInMutationOptions = <
 export type AgentCheckInMutationResult = NonNullable<
 	Awaited<ReturnType<typeof agentCheckIn>>
 >;
-export type AgentCheckInMutationBody = BodyType<CloudintegrationtypesPostableAgentCheckInDTO>;
+export type AgentCheckInMutationBody = BodyType<CloudintegrationtypesPostableAgentCheckInRequestDTO>;
 export type AgentCheckInMutationError = ErrorType<RenderErrorResponseDTO>;
 
 /**
@@ -809,7 +710,7 @@ export const useAgentCheckIn = <
 		TError,
 		{
 			pathParams: AgentCheckInPathParameters;
-			data: BodyType<CloudintegrationtypesPostableAgentCheckInDTO>;
+			data: BodyType<CloudintegrationtypesPostableAgentCheckInRequestDTO>;
 		},
 		TContext
 	>;
@@ -818,7 +719,7 @@ export const useAgentCheckIn = <
 	TError,
 	{
 		pathParams: AgentCheckInPathParameters;
-		data: BodyType<CloudintegrationtypesPostableAgentCheckInDTO>;
+		data: BodyType<CloudintegrationtypesPostableAgentCheckInRequestDTO>;
 	},
 	TContext
 > => {
@@ -826,114 +727,6 @@ export const useAgentCheckIn = <
 
 	return useMutation(mutationOptions);
 };
-/**
- * This endpoint retrieves the connection credentials required for integration
- * @summary Get connection credentials
- */
-export const getConnectionCredentials = (
-	{ cloudProvider }: GetConnectionCredentialsPathParameters,
-	signal?: AbortSignal,
-) => {
-	return GeneratedAPIInstance<GetConnectionCredentials200>({
-		url: `/api/v1/cloud_integrations/${cloudProvider}/credentials`,
-		method: 'GET',
-		signal,
-	});
-};
-
-export const getGetConnectionCredentialsQueryKey = ({
-	cloudProvider,
-}: GetConnectionCredentialsPathParameters) => {
-	return [`/api/v1/cloud_integrations/${cloudProvider}/credentials`] as const;
-};
-
-export const getGetConnectionCredentialsQueryOptions = <
-	TData = Awaited<ReturnType<typeof getConnectionCredentials>>,
-	TError = ErrorType<RenderErrorResponseDTO>
->(
-	{ cloudProvider }: GetConnectionCredentialsPathParameters,
-	options?: {
-		query?: UseQueryOptions<
-			Awaited<ReturnType<typeof getConnectionCredentials>>,
-			TError,
-			TData
-		>;
-	},
-) => {
-	const { query: queryOptions } = options ?? {};
-
-	const queryKey =
-		queryOptions?.queryKey ??
-		getGetConnectionCredentialsQueryKey({ cloudProvider });
-
-	const queryFn: QueryFunction<
-		Awaited<ReturnType<typeof getConnectionCredentials>>
-	> = ({ signal }) => getConnectionCredentials({ cloudProvider }, signal);
-
-	return {
-		queryKey,
-		queryFn,
-		enabled: !!cloudProvider,
-		...queryOptions,
-	} as UseQueryOptions<
-		Awaited<ReturnType<typeof getConnectionCredentials>>,
-		TError,
-		TData
-	> & { queryKey: QueryKey };
-};
-
-export type GetConnectionCredentialsQueryResult = NonNullable<
-	Awaited<ReturnType<typeof getConnectionCredentials>>
->;
-export type GetConnectionCredentialsQueryError = ErrorType<RenderErrorResponseDTO>;
-
-/**
- * @summary Get connection credentials
- */
-
-export function useGetConnectionCredentials<
-	TData = Awaited<ReturnType<typeof getConnectionCredentials>>,
-	TError = ErrorType<RenderErrorResponseDTO>
->(
-	{ cloudProvider }: GetConnectionCredentialsPathParameters,
-	options?: {
-		query?: UseQueryOptions<
-			Awaited<ReturnType<typeof getConnectionCredentials>>,
-			TError,
-			TData
-		>;
-	},
-): UseQueryResult<TData, TError> & { queryKey: QueryKey } {
-	const queryOptions = getGetConnectionCredentialsQueryOptions(
-		{ cloudProvider },
-		options,
-	);
-
-	const query = useQuery(queryOptions) as UseQueryResult<TData, TError> & {
-		queryKey: QueryKey;
-	};
-
-	query.queryKey = queryOptions.queryKey;
-
-	return query;
-}
-
-/**
- * @summary Get connection credentials
- */
-export const invalidateGetConnectionCredentials = async (
-	queryClient: QueryClient,
-	{ cloudProvider }: GetConnectionCredentialsPathParameters,
-	options?: InvalidateOptions,
-): Promise<QueryClient> => {
-	await queryClient.invalidateQueries(
-		{ queryKey: getGetConnectionCredentialsQueryKey({ cloudProvider }) },
-		options,
-	);
-
-	return queryClient;
-};
-
 /**
  * This endpoint lists the services metadata for the specified cloud provider
  * @summary List services metadata
@@ -1148,3 +941,101 @@ export const invalidateGetService = async (
 
 	return queryClient;
 };
+
+/**
+ * This endpoint updates a service for the specified cloud provider
+ * @summary Update service
+ */
+export const updateService = (
+	{ cloudProvider, serviceId }: UpdateServicePathParameters,
+	cloudintegrationtypesUpdatableServiceDTO: BodyType<CloudintegrationtypesUpdatableServiceDTO>,
+) => {
+	return GeneratedAPIInstance<void>({
+		url: `/api/v1/cloud_integrations/${cloudProvider}/services/${serviceId}`,
+		method: 'PUT',
+		headers: { 'Content-Type': 'application/json' },
+		data: cloudintegrationtypesUpdatableServiceDTO,
+	});
+};
+
+export const getUpdateServiceMutationOptions = <
+	TError = ErrorType<RenderErrorResponseDTO>,
+	TContext = unknown
+>(options?: {
+	mutation?: UseMutationOptions<
+		Awaited<ReturnType<typeof updateService>>,
+		TError,
+		{
+			pathParams: UpdateServicePathParameters;
+			data: BodyType<CloudintegrationtypesUpdatableServiceDTO>;
+		},
+		TContext
+	>;
+}): UseMutationOptions<
+	Awaited<ReturnType<typeof updateService>>,
+	TError,
+	{
+		pathParams: UpdateServicePathParameters;
+		data: BodyType<CloudintegrationtypesUpdatableServiceDTO>;
+	},
+	TContext
+> => {
+	const mutationKey = ['updateService'];
+	const { mutation: mutationOptions } = options
+		? options.mutation &&
+		  'mutationKey' in options.mutation &&
+		  options.mutation.mutationKey
+			? options
+			: { ...options, mutation: { ...options.mutation, mutationKey } }
+		: { mutation: { mutationKey } };
+
+	const mutationFn: MutationFunction<
+		Awaited<ReturnType<typeof updateService>>,
+		{
+			pathParams: UpdateServicePathParameters;
+			data: BodyType<CloudintegrationtypesUpdatableServiceDTO>;
+		}
+	> = (props) => {
+		const { pathParams, data } = props ?? {};
+
+		return updateService(pathParams, data);
+	};
+
+	return { mutationFn, ...mutationOptions };
+};
+
+export type UpdateServiceMutationResult = NonNullable<
+	Awaited<ReturnType<typeof updateService>>
+>;
+export type UpdateServiceMutationBody = BodyType<CloudintegrationtypesUpdatableServiceDTO>;
+export type UpdateServiceMutationError = ErrorType<RenderErrorResponseDTO>;
+
+/**
+ * @summary Update service
+ */
+export const useUpdateService = <
+	TError = ErrorType<RenderErrorResponseDTO>,
+	TContext = unknown
+>(options?: {
+	mutation?: UseMutationOptions<
+		Awaited<ReturnType<typeof updateService>>,
+		TError,
+		{
+			pathParams: UpdateServicePathParameters;
+			data: BodyType<CloudintegrationtypesUpdatableServiceDTO>;
+		},
+		TContext
+	>;
+}): UseMutationResult<
+	Awaited<ReturnType<typeof updateService>>,
+	TError,
+	{
+		pathParams: UpdateServicePathParameters;
+		data: BodyType<CloudintegrationtypesUpdatableServiceDTO>;
+	},
+	TContext
+> => {
+	const mutationOptions = getUpdateServiceMutationOptions(options);
+
+	return useMutation(mutationOptions);
+};

frontend/src/api/generated/services/sigNoz.schemas.ts

@@ -512,58 +512,27 @@ export interface CloudintegrationtypesAWSAccountConfigDTO {
 	regions: string[];
 }
 
-export interface CloudintegrationtypesAWSCloudWatchLogsSubscriptionDTO {
-	/**
-	 * @type string
-	 */
-	filterPattern: string;
-	/**
-	 * @type string
-	 */
-	logGroupNamePrefix: string;
-}
+export type CloudintegrationtypesAWSCollectionStrategyDTOS3Buckets = {
+	[key: string]: string[];
+};
 
-export interface CloudintegrationtypesAWSCloudWatchMetricStreamFilterDTO {
+export interface CloudintegrationtypesAWSCollectionStrategyDTO {
+	aws_logs?: CloudintegrationtypesAWSLogsStrategyDTO;
+	aws_metrics?: CloudintegrationtypesAWSMetricsStrategyDTO;
 	/**
-	 * @type array
+	 * @type object
 	 */
-	metricNames?: string[];
-	/**
-	 * @type string
-	 */
-	namespace: string;
+	s3_buckets?: CloudintegrationtypesAWSCollectionStrategyDTOS3Buckets;
 }
 
 export interface CloudintegrationtypesAWSConnectionArtifactDTO {
 	/**
 	 * @type string
 	 */
-	connectionUrl: string;
+	connectionURL: string;
 }
 
-export interface CloudintegrationtypesAWSIntegrationConfigDTO {
-	/**
-	 * @type array
-	 */
-	enabledRegions: string[];
-	telemetryCollectionStrategy: CloudintegrationtypesAWSTelemetryCollectionStrategyDTO;
-}
-
-export interface CloudintegrationtypesAWSLogsCollectionStrategyDTO {
-	/**
-	 * @type array
-	 */
-	subscriptions: CloudintegrationtypesAWSCloudWatchLogsSubscriptionDTO[];
-}
-
-export interface CloudintegrationtypesAWSMetricsCollectionStrategyDTO {
-	/**
-	 * @type array
-	 */
-	streamFilters: CloudintegrationtypesAWSCloudWatchMetricStreamFilterDTO[];
-}
-
-export interface CloudintegrationtypesAWSPostableAccountConfigDTO {
+export interface CloudintegrationtypesAWSConnectionArtifactRequestDTO {
 	/**
 	 * @type string
 	 */
@@ -574,6 +543,56 @@ export interface CloudintegrationtypesAWSPostableAccountConfigDTO {
 	regions: string[];
 }
 
+export interface CloudintegrationtypesAWSIntegrationConfigDTO {
+	/**
+	 * @type array
+	 */
+	enabledRegions: string[];
+	telemetry: CloudintegrationtypesAWSCollectionStrategyDTO;
+}
+
+export type CloudintegrationtypesAWSLogsStrategyDTOCloudwatchLogsSubscriptionsItem = {
+	/**
+	 * @type string
+	 */
+	filter_pattern?: string;
+	/**
+	 * @type string
+	 */
+	log_group_name_prefix?: string;
+};
+
+export interface CloudintegrationtypesAWSLogsStrategyDTO {
+	/**
+	 * @type array
+	 * @nullable true
+	 */
+	cloudwatch_logs_subscriptions?:
+		| CloudintegrationtypesAWSLogsStrategyDTOCloudwatchLogsSubscriptionsItem[]
+		| null;
+}
+
+export type CloudintegrationtypesAWSMetricsStrategyDTOCloudwatchMetricStreamFiltersItem = {
+	/**
+	 * @type array
+	 */
+	MetricNames?: string[];
+	/**
+	 * @type string
+	 */
+	Namespace?: string;
+};
+
+export interface CloudintegrationtypesAWSMetricsStrategyDTO {
+	/**
+	 * @type array
+	 * @nullable true
+	 */
+	cloudwatch_metric_stream_filters?:
+		| CloudintegrationtypesAWSMetricsStrategyDTOCloudwatchMetricStreamFiltersItem[]
+		| null;
+}
+
 export interface CloudintegrationtypesAWSServiceConfigDTO {
 	logs?: CloudintegrationtypesAWSServiceLogsConfigDTO;
 	metrics?: CloudintegrationtypesAWSServiceMetricsConfigDTO;
@@ -591,7 +610,7 @@ export interface CloudintegrationtypesAWSServiceLogsConfigDTO {
 	/**
 	 * @type object
 	 */
-	s3Buckets?: CloudintegrationtypesAWSServiceLogsConfigDTOS3Buckets;
+	s3_buckets?: CloudintegrationtypesAWSServiceLogsConfigDTOS3Buckets;
 }
 
 export interface CloudintegrationtypesAWSServiceMetricsConfigDTO {
@@ -601,19 +620,6 @@ export interface CloudintegrationtypesAWSServiceMetricsConfigDTO {
 	enabled?: boolean;
 }
 
-export type CloudintegrationtypesAWSTelemetryCollectionStrategyDTOS3Buckets = {
-	[key: string]: string[];
-};
-
-export interface CloudintegrationtypesAWSTelemetryCollectionStrategyDTO {
-	logs?: CloudintegrationtypesAWSLogsCollectionStrategyDTO;
-	metrics?: CloudintegrationtypesAWSMetricsCollectionStrategyDTO;
-	/**
-	 * @type object
-	 */
-	s3Buckets?: CloudintegrationtypesAWSTelemetryCollectionStrategyDTOS3Buckets;
-}
-
 export interface CloudintegrationtypesAccountDTO {
 	agentReport: CloudintegrationtypesAgentReportDTO;
 	config: CloudintegrationtypesAccountConfigDTO;
@@ -687,32 +693,6 @@ export interface CloudintegrationtypesAssetsDTO {
 	dashboards?: CloudintegrationtypesDashboardDTO[] | null;
 }
 
-/**
- * @nullable
- */
-export type CloudintegrationtypesCloudIntegrationServiceDTO = {
-	/**
-	 * @type string
-	 */
-	cloudIntegrationId?: string;
-	config?: CloudintegrationtypesServiceConfigDTO;
-	/**
-	 * @type string
-	 * @format date-time
-	 */
-	createdAt?: Date;
-	/**
-	 * @type string
-	 */
-	id: string;
-	type?: CloudintegrationtypesServiceIDDTO;
-	/**
-	 * @type string
-	 * @format date-time
-	 */
-	updatedAt?: Date;
-} | null;
-
 export interface CloudintegrationtypesCollectedLogAttributeDTO {
 	/**
 	 * @type string
@@ -747,27 +727,16 @@ export interface CloudintegrationtypesCollectedMetricDTO {
 	unit?: string;
 }
 
+export interface CloudintegrationtypesCollectionStrategyDTO {
+	aws: CloudintegrationtypesAWSCollectionStrategyDTO;
+}
+
 export interface CloudintegrationtypesConnectionArtifactDTO {
 	aws: CloudintegrationtypesAWSConnectionArtifactDTO;
 }
 
-export interface CloudintegrationtypesCredentialsDTO {
-	/**
-	 * @type string
-	 */
-	ingestionKey: string;
-	/**
-	 * @type string
-	 */
-	ingestionUrl: string;
-	/**
-	 * @type string
-	 */
-	sigNozApiKey: string;
-	/**
-	 * @type string
-	 */
-	sigNozApiUrl: string;
+export interface CloudintegrationtypesConnectionArtifactRequestDTO {
+	aws: CloudintegrationtypesAWSConnectionArtifactRequestDTO;
 }
 
 export interface CloudintegrationtypesDashboardDTO {
@@ -799,7 +768,7 @@ export interface CloudintegrationtypesDataCollectedDTO {
 	metrics?: CloudintegrationtypesCollectedMetricDTO[] | null;
 }
 
-export interface CloudintegrationtypesGettableAccountWithConnectionArtifactDTO {
+export interface CloudintegrationtypesGettableAccountWithArtifactDTO {
 	connectionArtifact: CloudintegrationtypesConnectionArtifactDTO;
 	/**
 	 * @type string
@@ -814,7 +783,7 @@ export interface CloudintegrationtypesGettableAccountsDTO {
 	accounts: CloudintegrationtypesAccountDTO[];
 }
 
-export interface CloudintegrationtypesGettableAgentCheckInDTO {
+export interface CloudintegrationtypesGettableAgentCheckInResponseDTO {
 	/**
 	 * @type string
 	 */
@@ -862,85 +831,17 @@ export type CloudintegrationtypesIntegrationConfigDTO = {
 	 * @type array
 	 */
 	enabled_regions: string[];
-	telemetry: CloudintegrationtypesOldAWSCollectionStrategyDTO;
+	telemetry: CloudintegrationtypesAWSCollectionStrategyDTO;
 } | null;
 
-export type CloudintegrationtypesOldAWSCollectionStrategyDTOS3Buckets = {
-	[key: string]: string[];
-};
-
-export interface CloudintegrationtypesOldAWSCollectionStrategyDTO {
-	aws_logs?: CloudintegrationtypesOldAWSLogsStrategyDTO;
-	aws_metrics?: CloudintegrationtypesOldAWSMetricsStrategyDTO;
-	/**
-	 * @type string
-	 */
-	provider?: string;
-	/**
-	 * @type object
-	 */
-	s3_buckets?: CloudintegrationtypesOldAWSCollectionStrategyDTOS3Buckets;
-}
-
-export type CloudintegrationtypesOldAWSLogsStrategyDTOCloudwatchLogsSubscriptionsItem = {
-	/**
-	 * @type string
-	 */
-	filter_pattern?: string;
-	/**
-	 * @type string
-	 */
-	log_group_name_prefix?: string;
-};
-
-export interface CloudintegrationtypesOldAWSLogsStrategyDTO {
-	/**
-	 * @type array
-	 * @nullable true
-	 */
-	cloudwatch_logs_subscriptions?:
-		| CloudintegrationtypesOldAWSLogsStrategyDTOCloudwatchLogsSubscriptionsItem[]
-		| null;
-}
-
-export type CloudintegrationtypesOldAWSMetricsStrategyDTOCloudwatchMetricStreamFiltersItem = {
-	/**
-	 * @type array
-	 */
-	MetricNames?: string[];
-	/**
-	 * @type string
-	 */
-	Namespace?: string;
-};
-
-export interface CloudintegrationtypesOldAWSMetricsStrategyDTO {
-	/**
-	 * @type array
-	 * @nullable true
-	 */
-	cloudwatch_metric_stream_filters?:
-		| CloudintegrationtypesOldAWSMetricsStrategyDTOCloudwatchMetricStreamFiltersItem[]
-		| null;
-}
-
-export interface CloudintegrationtypesPostableAccountDTO {
-	config: CloudintegrationtypesPostableAccountConfigDTO;
-	credentials: CloudintegrationtypesCredentialsDTO;
-}
-
-export interface CloudintegrationtypesPostableAccountConfigDTO {
-	aws: CloudintegrationtypesAWSPostableAccountConfigDTO;
-}
-
 /**
  * @nullable
  */
-export type CloudintegrationtypesPostableAgentCheckInDTOData = {
+export type CloudintegrationtypesPostableAgentCheckInRequestDTOData = {
 	[key: string]: unknown;
 } | null;
 
-export interface CloudintegrationtypesPostableAgentCheckInDTO {
+export interface CloudintegrationtypesPostableAgentCheckInRequestDTO {
 	/**
 	 * @type string
 	 */
@@ -957,7 +858,7 @@ export interface CloudintegrationtypesPostableAgentCheckInDTO {
 	 * @type object
 	 * @nullable true
 	 */
-	data: CloudintegrationtypesPostableAgentCheckInDTOData;
+	data: CloudintegrationtypesPostableAgentCheckInRequestDTOData;
 	/**
 	 * @type string
 	 */
@@ -970,7 +871,6 @@ export interface CloudintegrationtypesProviderIntegrationConfigDTO {
 
 export interface CloudintegrationtypesServiceDTO {
 	assets: CloudintegrationtypesAssetsDTO;
-	cloudIntegrationService: CloudintegrationtypesCloudIntegrationServiceDTO;
 	dataCollected: CloudintegrationtypesDataCollectedDTO;
 	/**
 	 * @type string
@@ -984,8 +884,9 @@ export interface CloudintegrationtypesServiceDTO {
 	 * @type string
 	 */
 	overview: string;
-	supportedSignals: CloudintegrationtypesSupportedSignalsDTO;
-	telemetryCollectionStrategy: CloudintegrationtypesTelemetryCollectionStrategyDTO;
+	serviceConfig?: CloudintegrationtypesServiceConfigDTO;
+	supported_signals: CloudintegrationtypesSupportedSignalsDTO;
+	telemetryCollectionStrategy: CloudintegrationtypesCollectionStrategyDTO;
 	/**
 	 * @type string
 	 */
@@ -996,21 +897,6 @@ export interface CloudintegrationtypesServiceConfigDTO {
 	aws: CloudintegrationtypesAWSServiceConfigDTO;
 }
 
-export enum CloudintegrationtypesServiceIDDTO {
-	alb = 'alb',
-	'api-gateway' = 'api-gateway',
-	dynamodb = 'dynamodb',
-	ec2 = 'ec2',
-	ecs = 'ecs',
-	eks = 'eks',
-	elasticache = 'elasticache',
-	lambda = 'lambda',
-	msk = 'msk',
-	rds = 'rds',
-	s3sync = 's3sync',
-	sns = 'sns',
-	sqs = 'sqs',
-}
 export interface CloudintegrationtypesServiceMetadataDTO {
 	/**
 	 * @type boolean
@@ -1041,10 +927,6 @@ export interface CloudintegrationtypesSupportedSignalsDTO {
 	metrics?: boolean;
 }
 
-export interface CloudintegrationtypesTelemetryCollectionStrategyDTO {
-	aws: CloudintegrationtypesAWSTelemetryCollectionStrategyDTO;
-}
-
 export interface CloudintegrationtypesUpdatableAccountDTO {
 	config: CloudintegrationtypesAccountConfigDTO;
 }
@@ -3568,7 +3450,7 @@ export type AgentCheckInDeprecatedPathParameters = {
 	cloudProvider: string;
 };
 export type AgentCheckInDeprecated200 = {
-	data: CloudintegrationtypesGettableAgentCheckInDTO;
+	data: CloudintegrationtypesGettableAgentCheckInResponseDTO;
 	/**
 	 * @type string
 	 */
@@ -3590,7 +3472,7 @@ export type CreateAccountPathParameters = {
 	cloudProvider: string;
 };
 export type CreateAccount200 = {
-	data: CloudintegrationtypesGettableAccountWithConnectionArtifactDTO;
+	data: CloudintegrationtypesGettableAccountWithArtifactDTO;
 	/**
 	 * @type string
 	 */
@@ -3617,27 +3499,11 @@ export type UpdateAccountPathParameters = {
 	cloudProvider: string;
 	id: string;
 };
-export type UpdateServicePathParameters = {
-	cloudProvider: string;
-	id: string;
-	serviceId: string;
-};
 export type AgentCheckInPathParameters = {
 	cloudProvider: string;
 };
 export type AgentCheckIn200 = {
-	data: CloudintegrationtypesGettableAgentCheckInDTO;
-	/**
-	 * @type string
-	 */
-	status: string;
-};
-
-export type GetConnectionCredentialsPathParameters = {
-	cloudProvider: string;
-};
-export type GetConnectionCredentials200 = {
-	data: CloudintegrationtypesCredentialsDTO;
+	data: CloudintegrationtypesGettableAgentCheckInResponseDTO;
 	/**
 	 * @type string
 	 */
@@ -3667,6 +3533,10 @@ export type GetService200 = {
 	status: string;
 };
 
+export type UpdateServicePathParameters = {
+	cloudProvider: string;
+	serviceId: string;
+};
 export type CreateSessionByGoogleCallback303 = {
 	data: AuthtypesGettableTokenDTO;
 	/**

go.mod

@@ -5,7 +5,7 @@ go 1.25.0
 require (
 	dario.cat/mergo v1.0.2
 	github.com/AfterShip/clickhouse-sql-parser v0.4.16
-	github.com/ClickHouse/clickhouse-go/v2 v2.40.1
+	github.com/ClickHouse/clickhouse-go/v2 v2.43.0
 	github.com/DATA-DOG/go-sqlmock v1.5.2
 	github.com/SigNoz/govaluate v0.0.0-20240203125216-988004ccc7fd
 	github.com/SigNoz/signoz-otel-collector v0.144.2
@@ -28,15 +28,15 @@ require (
 	github.com/gorilla/mux v1.8.1
 	github.com/gorilla/websocket v1.5.4-0.20250319132907-e064f32e3674
 	github.com/huandu/go-sqlbuilder v1.35.0
-	github.com/jackc/pgx/v5 v5.7.6
+	github.com/jackc/pgx/v5 v5.9.1
 	github.com/json-iterator/go v1.1.13-0.20220915233716-71ac16282d12
 	github.com/knadh/koanf v1.5.0
 	github.com/knadh/koanf/v2 v2.3.2
 	github.com/mailru/easyjson v0.9.0
 	github.com/open-telemetry/opamp-go v0.22.0
 	github.com/open-telemetry/opentelemetry-collector-contrib/pkg/stanza v0.144.0
-	github.com/openfga/api/proto v0.0.0-20250909172242-b4b2a12f5c67
-	github.com/openfga/language/pkg/go v0.2.0-beta.2.0.20251027165255-0f8f255e5f6c
+	github.com/openfga/api/proto v0.0.0-20260319214821-f153694bfc20
+	github.com/openfga/language/pkg/go v0.2.0-beta.2.0.20251202173232-1e8bf16f1dce
 	github.com/opentracing/opentracing-go v1.2.0
 	github.com/pkg/errors v0.9.1
 	github.com/prometheus/alertmanager v0.31.0
@@ -68,26 +68,26 @@ require (
 	go.opentelemetry.io/collector/pdata v1.51.0
 	go.opentelemetry.io/contrib/config v0.10.0
 	go.opentelemetry.io/contrib/instrumentation/github.com/gorilla/mux/otelmux v0.63.0
-	go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.65.0
-	go.opentelemetry.io/otel v1.40.0
-	go.opentelemetry.io/otel/metric v1.40.0
-	go.opentelemetry.io/otel/sdk v1.40.0
-	go.opentelemetry.io/otel/trace v1.40.0
+	go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.67.0
+	go.opentelemetry.io/otel v1.42.0
+	go.opentelemetry.io/otel/metric v1.42.0
+	go.opentelemetry.io/otel/sdk v1.42.0
+	go.opentelemetry.io/otel/trace v1.42.0
 	go.uber.org/multierr v1.11.0
 	go.uber.org/zap v1.27.1
-	golang.org/x/crypto v0.47.0
-	golang.org/x/exp v0.0.0-20260112195511-716be5621a96
-	golang.org/x/net v0.49.0
-	golang.org/x/oauth2 v0.34.0
-	golang.org/x/sync v0.19.0
-	golang.org/x/text v0.33.0
+	golang.org/x/crypto v0.48.0
+	golang.org/x/exp v0.0.0-20260218203240-3dfff04db8fa
+	golang.org/x/net v0.51.0
+	golang.org/x/oauth2 v0.35.0
+	golang.org/x/sync v0.20.0
+	golang.org/x/text v0.34.0
 	gonum.org/v1/gonum v0.17.0
 	google.golang.org/api v0.265.0
 	google.golang.org/protobuf v1.36.11
 	gopkg.in/yaml.v2 v2.4.0
 	gopkg.in/yaml.v3 v3.0.1
 	k8s.io/apimachinery v0.35.0
-	modernc.org/sqlite v1.40.1
+	modernc.org/sqlite v1.47.0
 )
 
 require (
@@ -130,7 +130,7 @@ require (
 	github.com/hashicorp/go-metrics v0.5.4 // indirect
 	github.com/leodido/go-urn v1.4.0 // indirect
 	github.com/mattn/go-isatty v0.0.20 // indirect
-	github.com/ncruces/go-strftime v0.1.9 // indirect
+	github.com/ncruces/go-strftime v1.0.0 // indirect
 	github.com/prometheus/client_golang/exp v0.0.0-20260108101519-fb0838f53562 // indirect
 	github.com/redis/go-redis/extra/rediscmd/v9 v9.15.1 // indirect
 	github.com/remyoudompheng/bigfft v0.0.0-20230129092748-24d4a6f8daec // indirect
@@ -147,7 +147,7 @@ require (
 	go.opentelemetry.io/collector/pdata/xpdata v0.144.0 // indirect
 	go.yaml.in/yaml/v2 v2.4.3 // indirect
 	golang.org/x/arch v0.20.0 // indirect
-	modernc.org/libc v1.66.10 // indirect
+	modernc.org/libc v1.70.0 // indirect
 	modernc.org/mathutil v1.7.1 // indirect
 	modernc.org/memory v1.11.0 // indirect
 )
@@ -161,7 +161,7 @@ require (
 	github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.13.1 // indirect
 	github.com/Azure/azure-sdk-for-go/sdk/internal v1.11.2 // indirect
 	github.com/AzureAD/microsoft-authentication-library-for-go v1.6.0 // indirect
-	github.com/ClickHouse/ch-go v0.67.0 // indirect
+	github.com/ClickHouse/ch-go v0.71.0 // indirect
 	github.com/Masterminds/squirrel v1.5.4 // indirect
 	github.com/Yiling-J/theine-go v0.6.2 // indirect
 	github.com/alecthomas/units v0.0.0-20240927000941-0f3dac36c52b // indirect
@@ -208,7 +208,7 @@ require (
 	github.com/golang/protobuf v1.5.4 // indirect
 	github.com/golang/snappy v1.0.0 // indirect
 	github.com/google/btree v1.1.3 // indirect
-	github.com/google/cel-go v0.26.1 // indirect
+	github.com/google/cel-go v0.27.0 // indirect
 	github.com/google/s2a-go v0.1.9 // indirect
 	github.com/googleapis/enterprise-certificate-proxy v0.3.11 // indirect
 	github.com/googleapis/gax-go/v2 v2.16.0 // indirect
@@ -216,7 +216,7 @@ require (
 	github.com/grafana/regexp v0.0.0-20250905093917-f7b3be9d1853 // indirect
 	github.com/grpc-ecosystem/go-grpc-middleware v1.4.0 // indirect
 	github.com/grpc-ecosystem/go-grpc-middleware/v2 v2.3.3 // indirect
-	github.com/grpc-ecosystem/grpc-gateway/v2 v2.27.7 // indirect
+	github.com/grpc-ecosystem/grpc-gateway/v2 v2.28.0 // indirect
 	github.com/hashicorp/errwrap v1.1.0 // indirect
 	github.com/hashicorp/go-immutable-radix v1.3.1 // indirect
 	github.com/hashicorp/go-msgpack/v2 v2.1.5 // indirect
@@ -237,7 +237,7 @@ require (
 	github.com/josharian/intern v1.0.0 // indirect
 	github.com/jpillora/backoff v1.0.0 // indirect
 	github.com/jtolds/gls v4.20.0+incompatible // indirect
-	github.com/klauspost/compress v1.18.3 // indirect
+	github.com/klauspost/compress v1.18.4 // indirect
 	github.com/klauspost/cpuid/v2 v2.3.0 // indirect
 	github.com/kylelemons/godebug v1.1.0 // indirect
 	github.com/lann/builder v0.0.0-20180802200727-47ae307949d0 // indirect
@@ -268,14 +268,14 @@ require (
 	github.com/open-telemetry/opentelemetry-collector-contrib/internal/exp/metrics v0.145.0 // indirect
 	github.com/open-telemetry/opentelemetry-collector-contrib/pkg/pdatautil v0.145.0 // indirect
 	github.com/open-telemetry/opentelemetry-collector-contrib/processor/deltatocumulativeprocessor v0.145.0 // indirect
-	github.com/openfga/openfga v1.11.2
-	github.com/paulmach/orb v0.11.1 // indirect
+	github.com/openfga/openfga v1.14.0
+	github.com/paulmach/orb v0.12.0 // indirect
 	github.com/pelletier/go-toml/v2 v2.2.4 // indirect
-	github.com/pierrec/lz4/v4 v4.1.23 // indirect
+	github.com/pierrec/lz4/v4 v4.1.25 // indirect
 	github.com/pkg/browser v0.0.0-20240102092130-5ac0b6a4141c // indirect
 	github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect
 	github.com/power-devops/perfstat v0.0.0-20240221224432-82ca36839d55 // indirect
-	github.com/pressly/goose/v3 v3.26.0 // indirect
+	github.com/pressly/goose/v3 v3.27.0 // indirect
 	github.com/prometheus/client_model v0.6.2 // indirect
 	github.com/prometheus/exporter-toolkit v0.15.1 // indirect
 	github.com/prometheus/otlptranslator v1.0.0 // indirect
@@ -285,7 +285,7 @@ require (
 	github.com/robfig/cron/v3 v3.0.1 // indirect
 	github.com/sagikazarmark/locafero v0.9.0 // indirect
 	github.com/sean-/seed v0.0.0-20170313163322-e2103e2c3529 // indirect
-	github.com/segmentio/asm v1.2.0 // indirect
+	github.com/segmentio/asm v1.2.1 // indirect
 	github.com/segmentio/backo-go v1.0.1 // indirect
 	github.com/sethvargo/go-retry v0.3.0 // indirect
 	github.com/shirou/gopsutil/v4 v4.25.12 // indirect
@@ -298,7 +298,6 @@ require (
 	github.com/spf13/cast v1.10.0 // indirect
 	github.com/spf13/pflag v1.0.10 // indirect
 	github.com/spf13/viper v1.20.1 // indirect
-	github.com/stoewer/go-strcase v1.3.0 // indirect
 	github.com/stretchr/objx v0.5.2 // indirect
 	github.com/subosito/gotenv v1.6.0 // indirect
 	github.com/swaggest/openapi-go v0.2.60
@@ -362,27 +361,27 @@ require (
 	go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploghttp v0.14.0 // indirect
 	go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc v1.39.0 // indirect
 	go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp v1.39.0 // indirect
-	go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.40.0 // indirect
-	go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.40.0 // indirect
-	go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.40.0 // indirect
+	go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.42.0 // indirect
+	go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.42.0 // indirect
+	go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.41.0 // indirect
 	go.opentelemetry.io/otel/exporters/prometheus v0.60.0
 	go.opentelemetry.io/otel/exporters/stdout/stdoutlog v0.14.0 // indirect
 	go.opentelemetry.io/otel/exporters/stdout/stdoutmetric v1.39.0 // indirect
 	go.opentelemetry.io/otel/exporters/stdout/stdouttrace v1.39.0 // indirect
 	go.opentelemetry.io/otel/log v0.15.0 // indirect
 	go.opentelemetry.io/otel/sdk/log v0.14.0 // indirect
-	go.opentelemetry.io/otel/sdk/metric v1.40.0
-	go.opentelemetry.io/proto/otlp v1.9.0
+	go.opentelemetry.io/otel/sdk/metric v1.42.0
+	go.opentelemetry.io/proto/otlp v1.10.0
 	go.uber.org/atomic v1.11.0 // indirect
 	go.uber.org/mock v0.6.0 // indirect
 	go.yaml.in/yaml/v3 v3.0.4 // indirect
-	golang.org/x/mod v0.32.0 // indirect
-	golang.org/x/sys v0.40.0 // indirect
+	golang.org/x/mod v0.33.0 // indirect
+	golang.org/x/sys v0.42.0 // indirect
 	golang.org/x/time v0.14.0 // indirect
-	golang.org/x/tools v0.41.0 // indirect
-	google.golang.org/genproto/googleapis/api v0.0.0-20260203192932-546029d2fa20 // indirect
-	google.golang.org/genproto/googleapis/rpc v0.0.0-20260128011058-8636f8732409
-	google.golang.org/grpc v1.78.0 // indirect
+	golang.org/x/tools v0.42.0 // indirect
+	google.golang.org/genproto/googleapis/api v0.0.0-20260209200024-4cfbd4190f57 // indirect
+	google.golang.org/genproto/googleapis/rpc v0.0.0-20260226221140-a57be14db171
+	google.golang.org/grpc v1.79.3 // indirect
 	gopkg.in/telebot.v3 v3.3.8 // indirect
 	k8s.io/client-go v0.35.0 // indirect
 	k8s.io/klog/v2 v2.130.1 // indirect

go.sum

@@ -64,8 +64,8 @@ cloud.google.com/go/storage v1.14.0/go.mod h1:GrKmX003DSIwi9o29oFT7YDnHYwZoctc3f
 dario.cat/mergo v1.0.2 h1:85+piFYR1tMbRrLcDwR18y4UKJ3aH1Tbzi24VRW1TK8=
 dario.cat/mergo v1.0.2/go.mod h1:E/hbnu0NxMFBjpMIE34DRGLWqDy0g5FuKDhCb31ngxA=
 dmitri.shuralyov.com/gpu/mtl v0.0.0-20190408044501-666a987793e9/go.mod h1:H6x//7gZCb22OMCxBHrMx7a5I7Hp++hsVxbQ4BYO7hU=
-filippo.io/edwards25519 v1.1.1 h1:YpjwWWlNmGIDyXOn8zLzqiD+9TyIlPhGFG96P39uBpw=
-filippo.io/edwards25519 v1.1.1/go.mod h1:BxyFTGdWcka3PhytdK4V28tE5sGfRvvvRV7EaN4VDT4=
+filippo.io/edwards25519 v1.2.0 h1:crnVqOiS4jqYleHd9vaKZ+HKtHfllngJIiOpNpoJsjo=
+filippo.io/edwards25519 v1.2.0/go.mod h1:xzAOLCNug/yB62zG1bQ8uziwrIqIuxhctzJT18Q77mc=
 github.com/AfterShip/clickhouse-sql-parser v0.4.16 h1:gpl+wXclYUKT0p4+gBq22XeRYWwEoZ9f35vogqMvkLQ=
 github.com/AfterShip/clickhouse-sql-parser v0.4.16/go.mod h1:W0Z82wJWkJxz2RVun/RMwxue3g7ut47Xxl+SFqdJGus=
 github.com/Azure/azure-sdk-for-go v68.0.0+incompatible h1:fcYLmCpyNYRnvJbPerq7U0hS+6+I79yEDJBqVNcqUzU=
@@ -87,10 +87,10 @@ github.com/AzureAD/microsoft-authentication-library-for-go v1.6.0 h1:XRzhVemXdgv
 github.com/AzureAD/microsoft-authentication-library-for-go v1.6.0/go.mod h1:HKpQxkWaGLJ+D/5H8QRpyQXA1eKjxkFlOMwck5+33Jk=
 github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU=
 github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo=
-github.com/ClickHouse/ch-go v0.67.0 h1:18MQF6vZHj+4/hTRaK7JbS/TIzn4I55wC+QzO24uiqc=
-github.com/ClickHouse/ch-go v0.67.0/go.mod h1:2MSAeyVmgt+9a2k2SQPPG1b4qbTPzdGDpf1+bcHh+18=
-github.com/ClickHouse/clickhouse-go/v2 v2.40.1 h1:PbwsHBgqXRydU7jKULD1C8CHmifczffvQqmFvltM2W4=
-github.com/ClickHouse/clickhouse-go/v2 v2.40.1/go.mod h1:GDzSBLVhladVm8V01aEB36IoBOVLLICfyeuiIp/8Ezc=
+github.com/ClickHouse/ch-go v0.71.0 h1:bUdZ/EZj/LcVHsMqaRUP2holqygrPWQKeMjc6nZoyRM=
+github.com/ClickHouse/ch-go v0.71.0/go.mod h1:NwbNc+7jaqfY58dmdDUbG4Jl22vThgx1cYjBw0vtgXw=
+github.com/ClickHouse/clickhouse-go/v2 v2.43.0 h1:fUR05TrF1GyvLDa/mAQjkx7KbgwdLRffs2n9O3WobtE=
+github.com/ClickHouse/clickhouse-go/v2 v2.43.0/go.mod h1:o6jf7JM/zveWC/PP277BLxjHy5KjnGX/jfljhM4s34g=
 github.com/Code-Hex/go-generics-cache v1.5.1 h1:6vhZGc5M7Y/YD8cIUcY8kcuQLB4cHR7U+0KMqAA0KcU=
 github.com/Code-Hex/go-generics-cache v1.5.1/go.mod h1:qxcC9kRVrct9rHeiYpFWSoW1vxyillCVzX13KZG8dl4=
 github.com/DATA-DOG/go-sqlmock v1.5.2 h1:OcvFkGmslmlZibjAjaHm3L//6LiuBgolP7OputlJIzU=
@@ -235,8 +235,8 @@ github.com/cncf/xds/go v0.0.0-20210805033703-aa0b78936158/go.mod h1:eXthEFrGJvWH
 github.com/cncf/xds/go v0.0.0-20210922020428-25de7278fc84/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs=
 github.com/cncf/xds/go v0.0.0-20211001041855-01bcc9b48dfe/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs=
 github.com/cncf/xds/go v0.0.0-20211011173535-cb28da3451f1/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs=
-github.com/cncf/xds/go v0.0.0-20251022180443-0feb69152e9f h1:Y8xYupdHxryycyPlc9Y+bSQAYZnetRJ70VMVKm5CKI0=
-github.com/cncf/xds/go v0.0.0-20251022180443-0feb69152e9f/go.mod h1:HlzOvOjVBOfTGSRXRyY0OiCS/3J1akRGQQpRO/7zyF4=
+github.com/cncf/xds/go v0.0.0-20251210132809-ee656c7534f5 h1:6xNmx7iTtyBRev0+D/Tv1FZd4SCg8axKApyNyRsAt/w=
+github.com/cncf/xds/go v0.0.0-20251210132809-ee656c7534f5/go.mod h1:KdCmV+x/BuvyMxRnYBlmVaq4OLiKW6iRQfvC62cvdkI=
 github.com/coder/quartz v0.3.0 h1:bUoSEJ77NBfKtUqv6CPSC0AS8dsjqAqqAv7bN02m1mg=
 github.com/coder/quartz v0.3.0/go.mod h1:BgE7DOj/8NfvRgvKw0jPLDQH/2Lya2kxcTaNJ8X0rZk=
 github.com/containerd/errdefs v1.0.0 h1:tg5yIfIlQIrxYtu9ajqY42W3lpS19XqdxRQeEwYG8PI=
@@ -299,7 +299,7 @@ github.com/envoyproxy/go-control-plane v0.9.9-0.20210217033140-668b12f5399d/go.m
 github.com/envoyproxy/go-control-plane v0.9.9-0.20210512163311-63b5d3c536b0/go.mod h1:hliV/p42l8fGbc6Y9bQ70uLwIvmJyVE5k4iMKlh8wCQ=
 github.com/envoyproxy/go-control-plane v0.9.10-0.20210907150352-cf90f659a021/go.mod h1:AFq3mo9L8Lqqiid3OhADV3RfLJnjiw63cSpi+fDTRC0=
 github.com/envoyproxy/go-control-plane v0.10.2-0.20220325020618-49ff273808a1/go.mod h1:KJwIaB5Mv44NWtYuAOFCVOjcI94vtpEz2JU/D2v6IjE=
-github.com/envoyproxy/go-control-plane v0.13.5-0.20251024222203-75eaa193e329 h1:K+fnvUM0VZ7ZFJf0n4L/BRlnsb9pL/GuDG6FqaH+PwM=
+github.com/envoyproxy/go-control-plane v0.14.0 h1:hbG2kr4RuFj222B6+7T83thSPqLjwBIfQawTkC++2HA=
 github.com/envoyproxy/go-control-plane/envoy v1.36.0 h1:yg/JjO5E7ubRyKX3m07GF3reDNEnfOboJ0QySbH736g=
 github.com/envoyproxy/go-control-plane/envoy v1.36.0/go.mod h1:ty89S1YCCVruQAm9OtKeEkQLTb+Lkz0k8v9W0Oxsv98=
 github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c=
@@ -489,8 +489,8 @@ github.com/google/btree v0.0.0-20180813153112-4030bb1f1f0c/go.mod h1:lNA+9X1NB3Z
 github.com/google/btree v1.0.0/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ=
 github.com/google/btree v1.1.3 h1:CVpQJjYgC4VbzxeGVHfvZrv1ctoYCAI8vbl07Fcxlyg=
 github.com/google/btree v1.1.3/go.mod h1:qOPhT0dTNdNzV6Z/lhRX0YXUafgPLFUh+gZMl761Gm4=
-github.com/google/cel-go v0.26.1 h1:iPbVVEdkhTX++hpe3lzSk7D3G3QSYqLGoHOcEio+UXQ=
-github.com/google/cel-go v0.26.1/go.mod h1:A9O8OU9rdvrK5MQyrqfIxo1a0u4g3sF8KB6PUIaryMM=
+github.com/google/cel-go v0.27.0 h1:e7ih85+4qVrBuqQWTW4FKSqZYokVuc3HnhH5keboFTo=
+github.com/google/cel-go v0.27.0/go.mod h1:tTJ11FWqnhw5KKpnWpvW9CJC3Y9GK4EIS0WXnBbebzw=
 github.com/google/gnostic-models v0.7.0 h1:qwTtogB15McXDaNqTZdzPJRHvaVJlAl+HVQnLmJEJxo=
 github.com/google/gnostic-models v0.7.0/go.mod h1:whL5G0m6dmc5cPxKc5bdKdEN3UjI7OUGxBlw57miDrQ=
 github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M=
@@ -572,8 +572,8 @@ github.com/grpc-ecosystem/go-grpc-middleware/v2 v2.3.3 h1:B+8ClL/kCQkRiU82d9xajR
 github.com/grpc-ecosystem/go-grpc-middleware/v2 v2.3.3/go.mod h1:NbCUVmiS4foBGBHOYlCT25+YmGpJ32dZPi75pGEUpj4=
 github.com/grpc-ecosystem/go-grpc-prometheus v1.2.0/go.mod h1:8NvIoxWQoOIhqOTXgfV/d3M/q6VIi02HzZEHgUlZvzk=
 github.com/grpc-ecosystem/grpc-gateway v1.16.0/go.mod h1:BDjrQk3hbvj6Nolgz8mAMFbcEtjT1g+wF4CSlocrBnw=
-github.com/grpc-ecosystem/grpc-gateway/v2 v2.27.7 h1:X+2YciYSxvMQK0UZ7sg45ZVabVZBeBuvMkmuI2V3Fak=
-github.com/grpc-ecosystem/grpc-gateway/v2 v2.27.7/go.mod h1:lW34nIZuQ8UDPdkon5fmfp2l3+ZkQ2me/+oecHYLOII=
+github.com/grpc-ecosystem/grpc-gateway/v2 v2.28.0 h1:HWRh5R2+9EifMyIHV7ZV+MIZqgz+PMpZ14Jynv3O2Zs=
+github.com/grpc-ecosystem/grpc-gateway/v2 v2.28.0/go.mod h1:JfhWUomR1baixubs02l85lZYYOm7LV6om4ceouMv45c=
 github.com/hashicorp/consul/api v1.12.0/go.mod h1:6pVBMo0ebnYdt2S3H87XhekM/HHrUoTD2XXb/VrZVy0=
 github.com/hashicorp/consul/api v1.13.0/go.mod h1:ZlVrynguJKcYr54zGaDbaL3fOvKC9m72FhPvA8T35KQ=
 github.com/hashicorp/consul/api v1.32.1 h1:0+osr/3t/aZNAdJX558crU3PEjVrG4x6715aZHRgceE=
@@ -672,8 +672,8 @@ github.com/jackc/pgpassfile v1.0.0 h1:/6Hmqy13Ss2zCq62VdNG8tM1wchn8zjSGOBJ6icpsI
 github.com/jackc/pgpassfile v1.0.0/go.mod h1:CEx0iS5ambNFdcRtxPj5JhEz+xB6uRky5eyVu/W2HEg=
 github.com/jackc/pgservicefile v0.0.0-20240606120523-5a60cdf6a761 h1:iCEnooe7UlwOQYpKFhBabPMi4aNAfoODPEFNiAnClxo=
 github.com/jackc/pgservicefile v0.0.0-20240606120523-5a60cdf6a761/go.mod h1:5TJZWKEWniPve33vlWYSoGYefn3gLQRzjfDlhSJ9ZKM=
-github.com/jackc/pgx/v5 v5.7.6 h1:rWQc5FwZSPX58r1OQmkuaNicxdmExaEz5A2DO2hUuTk=
-github.com/jackc/pgx/v5 v5.7.6/go.mod h1:aruU7o91Tc2q2cFp5h4uP3f6ztExVpyVv88Xl/8Vl8M=
+github.com/jackc/pgx/v5 v5.9.1 h1:uwrxJXBnx76nyISkhr33kQLlUqjv7et7b9FjCen/tdc=
+github.com/jackc/pgx/v5 v5.9.1/go.mod h1:mal1tBGAFfLHvZzaYh77YS/eC6IX9OWbRV1QIIM0Jn4=
 github.com/jackc/puddle/v2 v2.2.2 h1:PR8nw+E/1w0GLuRFSmiioY6UooMp6KJv0/61nB7icHo=
 github.com/jackc/puddle/v2 v2.2.2/go.mod h1:vriiEXHvEE654aYKXXjOvZM39qJ0q+azkZFrfEOc3H4=
 github.com/jessevdk/go-flags v1.6.1 h1:Cvu5U8UGrLay1rZfv/zP7iLpSHGUZ/Ou68T0iX1bBK4=
@@ -711,8 +711,8 @@ github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI
 github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck=
 github.com/kisielk/sqlstruct v0.0.0-20201105191214-5f3e10d3ab46/go.mod h1:yyMNCyc/Ib3bDTKd379tNMpB/7/H5TjM2Y9QJ5THLbE=
 github.com/klauspost/compress v1.13.6/go.mod h1:/3/Vjq9QcHkK5uEr5lBEmyoZ1iFhe47etQ6QUkpK6sk=
-github.com/klauspost/compress v1.18.3 h1:9PJRvfbmTabkOX8moIpXPbMMbYN60bWImDDU7L+/6zw=
-github.com/klauspost/compress v1.18.3/go.mod h1:R0h/fSBs8DE4ENlcrlib3PsXS61voFxhIs2DeRhCvJ4=
+github.com/klauspost/compress v1.18.4 h1:RPhnKRAQ4Fh8zU2FY/6ZFDwTVTxgJ/EMydqSTzE9a2c=
+github.com/klauspost/compress v1.18.4/go.mod h1:R0h/fSBs8DE4ENlcrlib3PsXS61voFxhIs2DeRhCvJ4=
 github.com/klauspost/cpuid/v2 v2.3.0 h1:S4CRMLnYUhGeDFDqkGriYKdfoFlDnMtqTiI/sFzhA9Y=
 github.com/klauspost/cpuid/v2 v2.3.0/go.mod h1:hqwkgyIinND0mEev00jJYCxPNVRVXFQeu1XKlok6oO0=
 github.com/knadh/koanf v1.5.0 h1:q2TSd/3Pyc/5yP9ldIrSdIz26MCcyNQzW0pEAugLPNs=
@@ -825,8 +825,8 @@ github.com/mwitkow/go-conntrack v0.0.0-20190716064945-2f068394615f h1:KUppIJq7/+
 github.com/mwitkow/go-conntrack v0.0.0-20190716064945-2f068394615f/go.mod h1:qRWi+5nqEBWmkhHvq77mSJWrCKwh8bxhgT7d/eI7P4U=
 github.com/natefinch/wrap v0.2.0 h1:IXzc/pw5KqxJv55gV0lSOcKHYuEZPGbQrOOXr/bamRk=
 github.com/natefinch/wrap v0.2.0/go.mod h1:6gMHlAl12DwYEfKP3TkuykYUfLSEAvHw67itm4/KAS8=
-github.com/ncruces/go-strftime v0.1.9 h1:bY0MQC28UADQmHmaF5dgpLmImcShSi2kHU9XLdhx/f4=
-github.com/ncruces/go-strftime v0.1.9/go.mod h1:Fwc5htZGVVkseilnfgOVb9mKy6w1naJmn9CehxcKcls=
+github.com/ncruces/go-strftime v1.0.0 h1:HMFp8mLCTPp341M/ZnA4qaf7ZlsbTc+miZjCLOFAw7w=
+github.com/ncruces/go-strftime v1.0.0/go.mod h1:Fwc5htZGVVkseilnfgOVb9mKy6w1naJmn9CehxcKcls=
 github.com/npillmayer/nestext v0.1.3/go.mod h1:h2lrijH8jpicr25dFY+oAJLyzlya6jhnuG+zWp9L0Uk=
 github.com/nxadm/tail v1.4.8 h1:nPr65rt6Y5JFSKQO7qToXr7pePgD6Gwiw05lkbyAQTE=
 github.com/nxadm/tail v1.4.8/go.mod h1:+ncqLTQzXmGhMZNUePPaPqPvBxHAIsmXswZKocGu+AU=
@@ -867,12 +867,12 @@ github.com/opencontainers/go-digest v1.0.0 h1:apOUWs51W5PlhuyGyz9FCeeBIOUDA/6nW8
 github.com/opencontainers/go-digest v1.0.0/go.mod h1:0JzlMkj0TRzQZfJkVvzbP0HBR3IKzErnv2BNG4W4MAM=
 github.com/opencontainers/image-spec v1.1.1 h1:y0fUlFfIZhPF1W537XOLg0/fcx6zcHCJwooC2xJA040=
 github.com/opencontainers/image-spec v1.1.1/go.mod h1:qpqAh3Dmcf36wStyyWU+kCeDgrGnAve2nCC8+7h8Q0M=
-github.com/openfga/api/proto v0.0.0-20250909172242-b4b2a12f5c67 h1:58mhO5nqkdka2Mpg5mijuZOHScX7reowhzRciwjFCU8=
-github.com/openfga/api/proto v0.0.0-20250909172242-b4b2a12f5c67/go.mod h1:XDX4qYNBUM2Rsa2AbKPh+oocZc2zgme+EF2fFC6amVU=
-github.com/openfga/language/pkg/go v0.2.0-beta.2.0.20251027165255-0f8f255e5f6c h1:xPbHNFG8QbPr/fpL7u0MPI0x74/BCLm7Sx02btL1m5Q=
-github.com/openfga/language/pkg/go v0.2.0-beta.2.0.20251027165255-0f8f255e5f6c/go.mod h1:BG26d1Fk4GSg0wMj60TRJ6Pe4ka2WQ33akhO+mzt3t0=
-github.com/openfga/openfga v1.11.2 h1:6vFZSSE0pyyt9qz320BgQLh/sHxZY5nfPOcJ3d5g8Bg=
-github.com/openfga/openfga v1.11.2/go.mod h1:aCDb0gaWsU6dDAdC+zNOR2XC2W3lteGwKSkRWcSjGW8=
+github.com/openfga/api/proto v0.0.0-20260319214821-f153694bfc20 h1:xdVG0EDz9Z9Uhd7YZ5OMN1F8tkAz/Dpgdjxd0cuTBJo=
+github.com/openfga/api/proto v0.0.0-20260319214821-f153694bfc20/go.mod h1:XDX4qYNBUM2Rsa2AbKPh+oocZc2zgme+EF2fFC6amVU=
+github.com/openfga/language/pkg/go v0.2.0-beta.2.0.20251202173232-1e8bf16f1dce h1:9ufUx4ZNLTbk1/VYb7dPGvHyjoAicm4imeVF8OEv3YE=
+github.com/openfga/language/pkg/go v0.2.0-beta.2.0.20251202173232-1e8bf16f1dce/go.mod h1:EbSJVzbk2+UyLx4i1t7Fi1yZEg+2pk2ZdnVg3jas1JA=
+github.com/openfga/openfga v1.14.0 h1:P1nW5LJpaviM3rbgh6AwcF3sUB3h0pdCetQQS5Lxnx4=
+github.com/openfga/openfga v1.14.0/go.mod h1:yMiperTAsSrvUrzCZpLWUsOJGQZNomxM9zSQi63bcds=
 github.com/opentracing/opentracing-go v1.1.0/go.mod h1:UkNAQd3GIcIGf0SeVgPpRdFStlNbqXla1AfSYxPUl2o=
 github.com/opentracing/opentracing-go v1.2.0 h1:uEJPy/1a5RIPAJ0Ov+OIO8OxWu77jEv+1B0VhjKrZUs=
 github.com/opentracing/opentracing-go v1.2.0/go.mod h1:GxEUsuufX4nBwe+T+Wl9TAgYrxe9dPLANfrWvHYVTgc=
@@ -881,8 +881,8 @@ github.com/ovh/go-ovh v1.9.0/go.mod h1:cTVDnl94z4tl8pP1uZ/8jlVxntjSIf09bNcQ5TJSC
 github.com/pascaldekloe/goe v0.0.0-20180627143212-57f6aae5913c/go.mod h1:lzWF7FIEvWOWxwDKqyGYQf6ZUaNfKdP144TG7ZOy1lc=
 github.com/pascaldekloe/goe v0.1.0 h1:cBOtyMzM9HTpWjXfbbunk26uA6nG3a8n06Wieeh0MwY=
 github.com/pascaldekloe/goe v0.1.0/go.mod h1:lzWF7FIEvWOWxwDKqyGYQf6ZUaNfKdP144TG7ZOy1lc=
-github.com/paulmach/orb v0.11.1 h1:3koVegMC4X/WeiXYz9iswopaTwMem53NzTJuTF20JzU=
-github.com/paulmach/orb v0.11.1/go.mod h1:5mULz1xQfs3bmQm63QEJA6lNGujuRafwA5S/EnuLaLU=
+github.com/paulmach/orb v0.12.0 h1:z+zOwjmG3MyEEqzv92UN49Lg1JFYx0L9GpGKNVDKk1s=
+github.com/paulmach/orb v0.12.0/go.mod h1:5mULz1xQfs3bmQm63QEJA6lNGujuRafwA5S/EnuLaLU=
 github.com/paulmach/protoscan v0.2.1/go.mod h1:SpcSwydNLrxUGSDvXvO0P7g7AuhJ7lcKfDlhJCDw2gY=
 github.com/pborman/getopt v0.0.0-20170112200414-7148bc3a4c30/go.mod h1:85jBQOZwpVEaDAr341tbn15RS4fCAsIst0qp7i8ex1o=
 github.com/pelletier/go-toml v1.7.0/go.mod h1:vwGMzjaWMwyfHwgIBhI2YUM4fB6nL6lVAvS1LBMMhTE=
@@ -892,8 +892,8 @@ github.com/pelletier/go-toml/v2 v2.0.5/go.mod h1:OMHamSCAODeSsVrwwvcJOaoN0LIUIaF
 github.com/pelletier/go-toml/v2 v2.2.4 h1:mye9XuhQ6gvn5h28+VilKrrPoQVanw5PMw/TB0t5Ec4=
 github.com/pelletier/go-toml/v2 v2.2.4/go.mod h1:2gIqNv+qfxSVS7cM2xJQKtLSTLUE9V8t9Stt+h56mCY=
 github.com/pierrec/lz4 v2.0.5+incompatible/go.mod h1:pdkljMzZIN41W+lC3N2tnIh5sFi+IEE17M5jbnwPHcY=
-github.com/pierrec/lz4/v4 v4.1.23 h1:oJE7T90aYBGtFNrI8+KbETnPymobAhzRrR8Mu8n1yfU=
-github.com/pierrec/lz4/v4 v4.1.23/go.mod h1:EoQMVJgeeEOMsCqCzqFm2O0cJvljX2nGZjcRIPL34O4=
+github.com/pierrec/lz4/v4 v4.1.25 h1:kocOqRffaIbU5djlIBr7Wh+cx82C0vtFb0fOurZHqD0=
+github.com/pierrec/lz4/v4 v4.1.25/go.mod h1:EoQMVJgeeEOMsCqCzqFm2O0cJvljX2nGZjcRIPL34O4=
 github.com/pkg/browser v0.0.0-20240102092130-5ac0b6a4141c h1:+mdjkGKdHQG3305AYmdv1U2eRNDiU2ErMBj1gwrq8eQ=
 github.com/pkg/browser v0.0.0-20240102092130-5ac0b6a4141c/go.mod h1:7rwL4CYBLnjLxUqIJNnCWiEdr3bn6IUYi15bNlnbCCU=
 github.com/pkg/diff v0.0.0-20210226163009-20ebb0f2a09e/go.mod h1:pJLUxLENpZxwdsKMEsNbx1VGcRFpLqf3715MtcvvzbA=
@@ -911,8 +911,8 @@ github.com/posener/complete v1.1.1/go.mod h1:em0nMJCgc9GFtwrmVmEMR/ZL6WyhyjMBndr
 github.com/posener/complete v1.2.3/go.mod h1:WZIdtGGp+qx0sLrYKtIRAruyNpv6hFCicSgv7Sy7s/s=
 github.com/power-devops/perfstat v0.0.0-20240221224432-82ca36839d55 h1:o4JXh1EVt9k/+g42oCprj/FisM4qX9L3sZB3upGN2ZU=
 github.com/power-devops/perfstat v0.0.0-20240221224432-82ca36839d55/go.mod h1:OmDBASR4679mdNQnz2pUhc2G8CO2JrUAVFDRBDP/hJE=
-github.com/pressly/goose/v3 v3.26.0 h1:KJakav68jdH0WDvoAcj8+n61WqOIaPGgH0bJWS6jpmM=
-github.com/pressly/goose/v3 v3.26.0/go.mod h1:4hC1KrritdCxtuFsqgs1R4AU5bWtTAf+cnWvfhf2DNY=
+github.com/pressly/goose/v3 v3.27.0 h1:/D30gVTuQhu0WsNZYbJi4DMOsx1lNq+6SkLe+Wp59BM=
+github.com/pressly/goose/v3 v3.27.0/go.mod h1:3ZBeCXqzkgIRvrEMDkYh1guvtoJTU5oMMuDdkutoM78=
 github.com/prometheus/alertmanager v0.31.0 h1:DQW02uIUNNiAa9AD9VA5xaFw5D+xrV+bocJc4gN9bEU=
 github.com/prometheus/alertmanager v0.31.0/go.mod h1:zWPQwhbLt2ybee8rL921UONeQ59Oncash+m/hGP17tU=
 github.com/prometheus/client_golang v0.9.1/go.mod h1:7SWBe2y4D6OKWSNQJUaRYU/AaXPKyh/dDVn+NZz0KFw=
@@ -997,8 +997,8 @@ github.com/sebdah/goldie/v2 v2.5.3 h1:9ES/mNN+HNUbNWpVAlrzuZ7jE+Nrczbj8uFRjM7624
 github.com/sebdah/goldie/v2 v2.5.3/go.mod h1:oZ9fp0+se1eapSRjfYbsV/0Hqhbuu3bJVvKI/NNtssI=
 github.com/segmentio/analytics-go/v3 v3.2.1 h1:G+f90zxtc1p9G+WigVyTR0xNfOghOGs/PYAlljLOyeg=
 github.com/segmentio/analytics-go/v3 v3.2.1/go.mod h1:p8owAF8X+5o27jmvUognuXxdtqvSGtD0ZrfY2kcS9bE=
-github.com/segmentio/asm v1.2.0 h1:9BQrFxC+YOHJlTlHGkTrFWf59nbL3XnCoFLTwDCI7ys=
-github.com/segmentio/asm v1.2.0/go.mod h1:BqMnlJP91P8d+4ibuonYZw9mfnzI9HfxselHZr5aAcs=
+github.com/segmentio/asm v1.2.1 h1:DTNbBqs57ioxAD4PrArqftgypG4/qNpXoJx8TVXxPR0=
+github.com/segmentio/asm v1.2.1/go.mod h1:BqMnlJP91P8d+4ibuonYZw9mfnzI9HfxselHZr5aAcs=
 github.com/segmentio/backo-go v1.0.1 h1:68RQccglxZeyURy93ASB/2kc9QudzgIDexJ927N++y4=
 github.com/segmentio/backo-go v1.0.1/go.mod h1:9/Rh6yILuLysoQnZ2oNooD2g7aBnvM7r/fNVxRNWfBc=
 github.com/sergi/go-diff v1.4.0 h1:n/SP9D5ad1fORl+llWyN+D6qoUETXNZARKjyY2/KVCw=
@@ -1049,8 +1049,6 @@ github.com/srikanthccv/ClickHouse-go-mock v0.13.0 h1:/b7DQphGkh29ocNtLh4DGmQxQYA
 github.com/srikanthccv/ClickHouse-go-mock v0.13.0/go.mod h1:LiiyBUdXNwB/1DE9rgK/8q9qjVYsTzg6WXQ/3mU3TeY=
 github.com/stackitcloud/stackit-sdk-go/core v0.21.1 h1:Y/PcAgM7DPYMNqum0MLv4n1mF9ieuevzcCIZYQfm3Ts=
 github.com/stackitcloud/stackit-sdk-go/core v0.21.1/go.mod h1:osMglDby4csGZ5sIfhNyYq1bS1TxIdPY88+skE/kkmI=
-github.com/stoewer/go-strcase v1.3.0 h1:g0eASXYtp+yvN9fK8sH94oCIk0fau9uV1/ZdJ0AVEzs=
-github.com/stoewer/go-strcase v1.3.0/go.mod h1:fAH5hQ5pehh+j3nZfvwdk2RgEgQjAoM8wodgtPmh1xo=
 github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
 github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
 github.com/stretchr/objx v0.3.0/go.mod h1:qt09Ya8vawLte6SNmTgCsAVtYtaKzEcn8ATUoHMkEqE=
@@ -1295,16 +1293,16 @@ go.opentelemetry.io/contrib/instrumentation/github.com/gorilla/mux/otelmux v0.63
 go.opentelemetry.io/contrib/instrumentation/github.com/gorilla/mux/otelmux v0.63.0/go.mod h1:34csimR1lUhdT5HH4Rii9aKPrvBcnFRwxLwcevsU+Kk=
 go.opentelemetry.io/contrib/instrumentation/net/http/httptrace/otelhttptrace v0.65.0 h1:ab5U7DpTjjN8pNgwqlA/s0Csb+N2Raqo9eTSDhfg4Z8=
 go.opentelemetry.io/contrib/instrumentation/net/http/httptrace/otelhttptrace v0.65.0/go.mod h1:nwFJC46Dxhqz5R9k7IV8To/Z46JPvW+GNKhTxQQlUzg=
-go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.65.0 h1:7iP2uCb7sGddAr30RRS6xjKy7AZ2JtTOPA3oolgVSw8=
-go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.65.0/go.mod h1:c7hN3ddxs/z6q9xwvfLPk+UHlWRQyaeR1LdgfL/66l0=
+go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.67.0 h1:OyrsyzuttWTSur2qN/Lm0m2a8yqyIjUVBZcxFPuXq2o=
+go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.67.0/go.mod h1:C2NGBr+kAB4bk3xtMXfZ94gqFDtg/GkI7e9zqGh5Beg=
 go.opentelemetry.io/contrib/otelconf v0.18.0 h1:ciF2Gf00BWs0DnexKFZXcxg9kJ8r3SUW1LOzW3CsKA8=
 go.opentelemetry.io/contrib/otelconf v0.18.0/go.mod h1:FcP7k+JLwBLdOxS6qY6VQ/4b5VBntI6L6o80IMwhAeI=
 go.opentelemetry.io/contrib/propagators/b3 v1.39.0 h1:PI7pt9pkSnimWcp5sQhUA9OzLbc3Ba4sL+VEUTNsxrk=
 go.opentelemetry.io/contrib/propagators/b3 v1.39.0/go.mod h1:5gV/EzPnfYIwjzj+6y8tbGW2PKWhcsz5e/7twptRVQY=
 go.opentelemetry.io/contrib/zpages v0.63.0 h1:TppOKuZGbqXMgsfjqq3i09N5Vbo1JLtLImUqiTPGnX4=
 go.opentelemetry.io/contrib/zpages v0.63.0/go.mod h1:5F8uugz75ay/MMhRRhxAXY33FuaI8dl7jTxefrIy5qk=
-go.opentelemetry.io/otel v1.40.0 h1:oA5YeOcpRTXq6NN7frwmwFR0Cn3RhTVZvXsP4duvCms=
-go.opentelemetry.io/otel v1.40.0/go.mod h1:IMb+uXZUKkMXdPddhwAHm6UfOwJyh4ct1ybIlV14J0g=
+go.opentelemetry.io/otel v1.42.0 h1:lSQGzTgVR3+sgJDAU/7/ZMjN9Z+vUip7leaqBKy4sho=
+go.opentelemetry.io/otel v1.42.0/go.mod h1:lJNsdRMxCUIWuMlVJWzecSMuNjE7dOYyWlqOXWkdqCc=
 go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploggrpc v0.14.0 h1:OMqPldHt79PqWKOMYIAQs3CxAi7RLgPxwfFSwr4ZxtM=
 go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploggrpc v0.14.0/go.mod h1:1biG4qiqTxKiUCtoWDPpL3fB3KxVwCiGw81j3nKMuHE=
 go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploghttp v0.14.0 h1:QQqYw3lkrzwVsoEX0w//EhH/TCnpRdEenKBOOEIMjWc=
@@ -1313,12 +1311,12 @@ go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc v1.39.0 h1:cEf
 go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc v1.39.0/go.mod h1:k1lzV5n5U3HkGvTCJHraTAGJ7MqsgL1wrGwTj1Isfiw=
 go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp v1.39.0 h1:nKP4Z2ejtHn3yShBb+2KawiXgpn8In5cT7aO2wXuOTE=
 go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp v1.39.0/go.mod h1:NwjeBbNigsO4Aj9WgM0C+cKIrxsZUaRmZUO7A8I7u8o=
-go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.40.0 h1:QKdN8ly8zEMrByybbQgv8cWBcdAarwmIPZ6FThrWXJs=
-go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.40.0/go.mod h1:bTdK1nhqF76qiPoCCdyFIV+N/sRHYXYCTQc+3VCi3MI=
-go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.40.0 h1:DvJDOPmSWQHWywQS6lKL+pb8s3gBLOZUtw4N+mavW1I=
-go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.40.0/go.mod h1:EtekO9DEJb4/jRyN4v4Qjc2yA7AtfCBuz2FynRUWTXs=
-go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.40.0 h1:wVZXIWjQSeSmMoxF74LzAnpVQOAFDo3pPji9Y4SOFKc=
-go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.40.0/go.mod h1:khvBS2IggMFNwZK/6lEeHg/W57h/IX6J4URh57fuI40=
+go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.42.0 h1:THuZiwpQZuHPul65w4WcwEnkX2QIuMT+UFoOrygtoJw=
+go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.42.0/go.mod h1:J2pvYM5NGHofZ2/Ru6zw/TNWnEQp5crgyDeSrYpXkAw=
+go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.42.0 h1:zWWrB1U6nqhS/k6zYB74CjRpuiitRtLLi68VcgmOEto=
+go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.42.0/go.mod h1:2qXPNBX1OVRC0IwOnfo1ljoid+RD0QK3443EaqVlsOU=
+go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.41.0 h1:inYW9ZhgqiDqh6BioM7DVHHzEGVq76Db5897WLGZ5Go=
+go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.41.0/go.mod h1:Izur+Wt8gClgMJqO/cZ8wdeeMryJ/xxiOVgFSSfpDTY=
 go.opentelemetry.io/otel/exporters/prometheus v0.60.0 h1:cGtQxGvZbnrWdC2GyjZi0PDKVSLWP/Jocix3QWfXtbo=
 go.opentelemetry.io/otel/exporters/prometheus v0.60.0/go.mod h1:hkd1EekxNo69PTV4OWFGZcKQiIqg0RfuWExcPKFvepk=
 go.opentelemetry.io/otel/exporters/stdout/stdoutlog v0.14.0 h1:B/g+qde6Mkzxbry5ZZag0l7QrQBCtVm7lVjaLgmpje8=
@@ -1331,21 +1329,21 @@ go.opentelemetry.io/otel/log v0.15.0 h1:0VqVnc3MgyYd7QqNVIldC3dsLFKgazR6P3P3+ypk
 go.opentelemetry.io/otel/log v0.15.0/go.mod h1:9c/G1zbyZfgu1HmQD7Qj84QMmwTp2QCQsZH1aeoWDE4=
 go.opentelemetry.io/otel/log/logtest v0.14.0 h1:BGTqNeluJDK2uIHAY8lRqxjVAYfqgcaTbVk1n3MWe5A=
 go.opentelemetry.io/otel/log/logtest v0.14.0/go.mod h1:IuguGt8XVP4XA4d2oEEDMVDBBCesMg8/tSGWDjuKfoA=
-go.opentelemetry.io/otel/metric v1.40.0 h1:rcZe317KPftE2rstWIBitCdVp89A2HqjkxR3c11+p9g=
-go.opentelemetry.io/otel/metric v1.40.0/go.mod h1:ib/crwQH7N3r5kfiBZQbwrTge743UDc7DTFVZrrXnqc=
-go.opentelemetry.io/otel/sdk v1.40.0 h1:KHW/jUzgo6wsPh9At46+h4upjtccTmuZCFAc9OJ71f8=
-go.opentelemetry.io/otel/sdk v1.40.0/go.mod h1:Ph7EFdYvxq72Y8Li9q8KebuYUr2KoeyHx0DRMKrYBUE=
+go.opentelemetry.io/otel/metric v1.42.0 h1:2jXG+3oZLNXEPfNmnpxKDeZsFI5o4J+nz6xUlaFdF/4=
+go.opentelemetry.io/otel/metric v1.42.0/go.mod h1:RlUN/7vTU7Ao/diDkEpQpnz3/92J9ko05BIwxYa2SSI=
+go.opentelemetry.io/otel/sdk v1.42.0 h1:LyC8+jqk6UJwdrI/8VydAq/hvkFKNHZVIWuslJXYsDo=
+go.opentelemetry.io/otel/sdk v1.42.0/go.mod h1:rGHCAxd9DAph0joO4W6OPwxjNTYWghRWmkHuGbayMts=
 go.opentelemetry.io/otel/sdk/log v0.14.0 h1:JU/U3O7N6fsAXj0+CXz21Czg532dW2V4gG1HE/e8Zrg=
 go.opentelemetry.io/otel/sdk/log v0.14.0/go.mod h1:imQvII+0ZylXfKU7/wtOND8Hn4OpT3YUoIgqJVksUkM=
 go.opentelemetry.io/otel/sdk/log/logtest v0.14.0 h1:Ijbtz+JKXl8T2MngiwqBlPaHqc4YCaP/i13Qrow6gAM=
 go.opentelemetry.io/otel/sdk/log/logtest v0.14.0/go.mod h1:dCU8aEL6q+L9cYTqcVOk8rM9Tp8WdnHOPLiBgp0SGOA=
-go.opentelemetry.io/otel/sdk/metric v1.40.0 h1:mtmdVqgQkeRxHgRv4qhyJduP3fYJRMX4AtAlbuWdCYw=
-go.opentelemetry.io/otel/sdk/metric v1.40.0/go.mod h1:4Z2bGMf0KSK3uRjlczMOeMhKU2rhUqdWNoKcYrtcBPg=
-go.opentelemetry.io/otel/trace v1.40.0 h1:WA4etStDttCSYuhwvEa8OP8I5EWu24lkOzp+ZYblVjw=
-go.opentelemetry.io/otel/trace v1.40.0/go.mod h1:zeAhriXecNGP/s2SEG3+Y8X9ujcJOTqQ5RgdEJcawiA=
+go.opentelemetry.io/otel/sdk/metric v1.42.0 h1:D/1QR46Clz6ajyZ3G8SgNlTJKBdGp84q9RKCAZ3YGuA=
+go.opentelemetry.io/otel/sdk/metric v1.42.0/go.mod h1:Ua6AAlDKdZ7tdvaQKfSmnFTdHx37+J4ba8MwVCYM5hc=
+go.opentelemetry.io/otel/trace v1.42.0 h1:OUCgIPt+mzOnaUTpOQcBiM/PLQ/Op7oq6g4LenLmOYY=
+go.opentelemetry.io/otel/trace v1.42.0/go.mod h1:f3K9S+IFqnumBkKhRJMeaZeNk9epyhnCmQh/EysQCdc=
 go.opentelemetry.io/proto/otlp v0.7.0/go.mod h1:PqfVotwruBrMGOCsRd/89rSnXhoiJIqeYNgFYFoEGnI=
-go.opentelemetry.io/proto/otlp v1.9.0 h1:l706jCMITVouPOqEnii2fIAuO3IVGBRPV5ICjceRb/A=
-go.opentelemetry.io/proto/otlp v1.9.0/go.mod h1:xE+Cx5E/eEHw+ISFkwPLwCZefwVjY+pqKg1qcK03+/4=
+go.opentelemetry.io/proto/otlp v1.10.0 h1:IQRWgT5srOCYfiWnpqUYz9CVmbO8bFmKcwYxpuCSL2g=
+go.opentelemetry.io/proto/otlp v1.10.0/go.mod h1:/CV4QoCR/S9yaPj8utp3lvQPoqMtxXdzn7ozvvozVqk=
 go.opentelemetry.io/proto/slim/otlp v1.9.0 h1:fPVMv8tP3TrsqlkH1HWYUpbCY9cAIemx184VGkS6vlE=
 go.opentelemetry.io/proto/slim/otlp v1.9.0/go.mod h1:xXdeJJ90Gqyll+orzUkY4bOd2HECo5JofeoLpymVqdI=
 go.opentelemetry.io/proto/slim/otlp/collector/profiles/v1development v0.2.0 h1:o13nadWDNkH/quoDomDUClnQBpdQQ2Qqv0lQBjIXjE8=
@@ -1385,8 +1383,8 @@ golang.org/x/crypto v0.0.0-20210421170649-83a5a9bb288b/go.mod h1:T9bdIzuCu7OtxOm
 golang.org/x/crypto v0.0.0-20211108221036-ceb1ce70b4fa/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
 golang.org/x/crypto v0.0.0-20220411220226-7b82a4e95df4/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
 golang.org/x/crypto v0.0.0-20220622213112-05595931fe9d/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
-golang.org/x/crypto v0.47.0 h1:V6e3FRj+n4dbpw86FJ8Fv7XVOql7TEwpHapKoMJ/GO8=
-golang.org/x/crypto v0.47.0/go.mod h1:ff3Y9VzzKbwSSEzWqJsJVBnWmRwRSHt/6Op5n9bQc4A=
+golang.org/x/crypto v0.48.0 h1:/VRzVqiRSggnhY7gNRxPauEQ5Drw9haKdM0jqfcCFts=
+golang.org/x/crypto v0.48.0/go.mod h1:r0kV5h3qnFPlQnBSrULhlsRfryS2pmewsg+XfMgkVos=
 golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
 golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
 golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8=
@@ -1397,8 +1395,8 @@ golang.org/x/exp v0.0.0-20191227195350-da58074b4299/go.mod h1:2RIsYlXP63K8oxa1u0
 golang.org/x/exp v0.0.0-20200119233911-0405dc783f0a/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4=
 golang.org/x/exp v0.0.0-20200207192155-f17229e696bd/go.mod h1:J/WKrq2StrnmMY6+EHIKF9dgMWnmCNThgcyBT1FY9mM=
 golang.org/x/exp v0.0.0-20200224162631-6cc2880d07d6/go.mod h1:3jZMyOhIsHpP37uCMkUooju7aAi5cS1Q23tOzKc+0MU=
-golang.org/x/exp v0.0.0-20260112195511-716be5621a96 h1:Z/6YuSHTLOHfNFdb8zVZomZr7cqNgTJvA8+Qz75D8gU=
-golang.org/x/exp v0.0.0-20260112195511-716be5621a96/go.mod h1:nzimsREAkjBCIEFtHiYkrJyT+2uy9YZJB7H1k68CXZU=
+golang.org/x/exp v0.0.0-20260218203240-3dfff04db8fa h1:Zt3DZoOFFYkKhDT3v7Lm9FDMEV06GpzjG2jrqW+QTE0=
+golang.org/x/exp v0.0.0-20260218203240-3dfff04db8fa/go.mod h1:K79w1Vqn7PoiZn+TkNpx3BUWUQksGO3JcVX6qIjytmA=
 golang.org/x/image v0.0.0-20190227222117-0694c2d4d067/go.mod h1:kZ7UVZpmo3dzQBMxlp+ypCbDeSB+sBbTgSJuh5dn5js=
 golang.org/x/image v0.0.0-20190802002840-cff245a6509b/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0=
 golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE=
@@ -1424,8 +1422,8 @@ golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
 golang.org/x/mod v0.4.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
 golang.org/x/mod v0.4.1/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
 golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
-golang.org/x/mod v0.32.0 h1:9F4d3PHLljb6x//jOyokMv3eX+YDeepZSEo3mFJy93c=
-golang.org/x/mod v0.32.0/go.mod h1:SgipZ/3h2Ci89DlEtEXWUk/HteuRin+HHhN+WbNhguU=
+golang.org/x/mod v0.33.0 h1:tHFzIWbBifEmbwtGz65eaWyGiGZatSrT9prnU8DbVL8=
+golang.org/x/mod v0.33.0/go.mod h1:swjeQEj+6r7fODbD2cqrnje9PnziFuw4bmLbBZFrQ5w=
 golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
 golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
 golang.org/x/net v0.0.0-20181114220301-adae6a3d119a/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
@@ -1474,8 +1472,8 @@ golang.org/x/net v0.0.0-20220325170049-de3da57026de/go.mod h1:CfG3xpIq0wQ8r1q4Su
 golang.org/x/net v0.0.0-20220412020605-290c469a71a5/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk=
 golang.org/x/net v0.0.0-20220425223048-2871e0cb64e4/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk=
 golang.org/x/net v0.0.0-20220520000938-2e3eb7b945c2/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk=
-golang.org/x/net v0.49.0 h1:eeHFmOGUTtaaPSGNmjBKpbng9MulQsJURQUAfUwY++o=
-golang.org/x/net v0.49.0/go.mod h1:/ysNB2EvaqvesRkuLAyjI1ycPZlQHM3q01F02UY/MV8=
+golang.org/x/net v0.51.0 h1:94R/GTO7mt3/4wIKpcR5gkGmRLOuE/2hNGeWq/GBIFo=
+golang.org/x/net v0.51.0/go.mod h1:aamm+2QF5ogm02fjy5Bb7CQ0WMt1/WVM7FtyaTLlA9Y=
 golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
 golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
 golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
@@ -1496,8 +1494,8 @@ golang.org/x/oauth2 v0.0.0-20211104180415-d3ed0bb246c8/go.mod h1:KelEdhl1UZF7XfJ
 golang.org/x/oauth2 v0.0.0-20220223155221-ee480838109b/go.mod h1:DAh4E804XQdzx2j+YRIaUnCqCV2RuMz24cGBJ5QYIrc=
 golang.org/x/oauth2 v0.0.0-20220309155454-6242fa91716a/go.mod h1:DAh4E804XQdzx2j+YRIaUnCqCV2RuMz24cGBJ5QYIrc=
 golang.org/x/oauth2 v0.0.0-20220411215720-9780585627b5/go.mod h1:DAh4E804XQdzx2j+YRIaUnCqCV2RuMz24cGBJ5QYIrc=
-golang.org/x/oauth2 v0.34.0 h1:hqK/t4AKgbqWkdkcAeI8XLmbK+4m4G5YeQRrmiotGlw=
-golang.org/x/oauth2 v0.34.0/go.mod h1:lzm5WQJQwKZ3nwavOZ3IS5Aulzxi68dUSgRHujetwEA=
+golang.org/x/oauth2 v0.35.0 h1:Mv2mzuHuZuY2+bkyWXIHMfhNdJAdwW3FuWeCPYN5GVQ=
+golang.org/x/oauth2 v0.35.0/go.mod h1:lzm5WQJQwKZ3nwavOZ3IS5Aulzxi68dUSgRHujetwEA=
 golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
@@ -1510,8 +1508,8 @@ golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJ
 golang.org/x/sync v0.0.0-20201207232520-09787c993a3a/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20220513210516-0976fa681c29/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
-golang.org/x/sync v0.19.0 h1:vV+1eWNmZ5geRlYjzm2adRgW2/mcpevXNg50YZtPCE4=
-golang.org/x/sync v0.19.0/go.mod h1:9KTHXmSnoGruLpwFjVSX0lNNA75CykiMECbovNTZqGI=
+golang.org/x/sync v0.20.0 h1:e0PTpb7pjO8GAtTs2dQ6jYa5BWYlMuX047Dco/pItO4=
+golang.org/x/sync v0.20.0/go.mod h1:9xrNwdLfx4jkKbNva9FpL6vEN7evnE43NNNJQ2LF3+0=
 golang.org/x/sys v0.0.0-20180823144017-11551d06cbcc/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
@@ -1598,12 +1596,12 @@ golang.org/x/sys v0.0.0-20220502124256-b6088ccd6cba/go.mod h1:oPkhp1MJrh7nUepCBc
 golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.1.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.40.0 h1:DBZZqJ2Rkml6QMQsZywtnjnnGvHza6BTfYFWY9kjEWQ=
-golang.org/x/sys v0.40.0/go.mod h1:OgkHotnGiDImocRcuBABYBEXf8A9a87e/uXjp9XT3ks=
+golang.org/x/sys v0.42.0 h1:omrd2nAlyT5ESRdCLYdm3+fMfNFE/+Rf4bDIQImRJeo=
+golang.org/x/sys v0.42.0/go.mod h1:4GL1E5IUh+htKOUEOaiffhrAeqysfVGipDYzABqnCmw=
 golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
 golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
-golang.org/x/term v0.39.0 h1:RclSuaJf32jOqZz74CkPA9qFuVTX7vhLlpfj/IGWlqY=
-golang.org/x/term v0.39.0/go.mod h1:yxzUCTP/U+FzoxfdKmLaA0RV1WgE0VY7hXBwKtY/4ww=
+golang.org/x/term v0.40.0 h1:36e4zGLqU4yhjlmxEaagx2KuYbJq3EwY8K943ZsHcvg=
+golang.org/x/term v0.40.0/go.mod h1:w2P8uVp06p2iyKKuvXIm7N/y0UCRt3UfJTfZ7oOpglM=
 golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
@@ -1614,8 +1612,8 @@ golang.org/x/text v0.3.4/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
 golang.org/x/text v0.3.5/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
 golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
 golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ=
-golang.org/x/text v0.33.0 h1:B3njUFyqtHDUI5jMn1YIr5B0IE2U0qck04r6d4KPAxE=
-golang.org/x/text v0.33.0/go.mod h1:LuMebE6+rBincTi9+xWTY8TztLzKHc/9C1uBCG27+q8=
+golang.org/x/text v0.34.0 h1:oL/Qq0Kdaqxa1KbNeMKwQq0reLCCaFtqu2eNuSeNHbk=
+golang.org/x/text v0.34.0/go.mod h1:homfLqTYRFyVYemLBFl5GgL/DWEiH5wcsQ5gSh1yziA=
 golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
 golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
 golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
@@ -1678,8 +1676,8 @@ golang.org/x/tools v0.1.2/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk=
 golang.org/x/tools v0.1.3/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk=
 golang.org/x/tools v0.1.4/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk=
 golang.org/x/tools v0.1.5/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk=
-golang.org/x/tools v0.41.0 h1:a9b8iMweWG+S0OBnlU36rzLp20z1Rp10w+IY2czHTQc=
-golang.org/x/tools v0.41.0/go.mod h1:XSY6eDqxVNiYgezAVqqCeihT4j1U2CCsqvH3WhQpnlg=
+golang.org/x/tools v0.42.0 h1:uNgphsn75Tdz5Ji2q36v/nsFSfR/9BRFvqhGBaJGd5k=
+golang.org/x/tools v0.42.0/go.mod h1:Ma6lCIwGZvHK6XtgbswSoWroEkhugApmsXyrUmBhfr0=
 golang.org/x/tools/godoc v0.1.0-deprecated h1:o+aZ1BOj6Hsx/GBdJO/s815sqftjSnrZZwyYTHODvtk=
 golang.org/x/tools/godoc v0.1.0-deprecated/go.mod h1:qM63CriJ961IHWmnWa9CjZnBndniPt4a3CK0PVB9bIg=
 golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
@@ -1820,10 +1818,10 @@ google.golang.org/genproto v0.0.0-20220505152158-f39f71e6c8f3/go.mod h1:RAyBrSAP
 google.golang.org/genproto v0.0.0-20220519153652-3a47de7e79bd/go.mod h1:RAyBrSAP7Fh3Nc84ghnVLDPuV51xc9agzmm4Ph6i0Q4=
 google.golang.org/genproto v0.0.0-20251202230838-ff82c1b0f217 h1:GvESR9BIyHUahIb0NcTum6itIWtdoglGX+rnGxm2934=
 google.golang.org/genproto v0.0.0-20251202230838-ff82c1b0f217/go.mod h1:yJ2HH4EHEDTd3JiLmhds6NkJ17ITVYOdV3m3VKOnws0=
-google.golang.org/genproto/googleapis/api v0.0.0-20260203192932-546029d2fa20 h1:7ei4lp52gK1uSejlA8AZl5AJjeLUOHBQscRQZUgAcu0=
-google.golang.org/genproto/googleapis/api v0.0.0-20260203192932-546029d2fa20/go.mod h1:ZdbssH/1SOVnjnDlXzxDHK2MCidiqXtbYccJNzNYPEE=
-google.golang.org/genproto/googleapis/rpc v0.0.0-20260128011058-8636f8732409 h1:H86B94AW+VfJWDqFeEbBPhEtHzJwJfTbgE2lZa54ZAQ=
-google.golang.org/genproto/googleapis/rpc v0.0.0-20260128011058-8636f8732409/go.mod h1:j9x/tPzZkyxcgEFkiKEEGxfvyumM01BEtsW8xzOahRQ=
+google.golang.org/genproto/googleapis/api v0.0.0-20260209200024-4cfbd4190f57 h1:JLQynH/LBHfCTSbDWl+py8C+Rg/k1OVH3xfcaiANuF0=
+google.golang.org/genproto/googleapis/api v0.0.0-20260209200024-4cfbd4190f57/go.mod h1:kSJwQxqmFXeo79zOmbrALdflXQeAYcUbgS7PbpMknCY=
+google.golang.org/genproto/googleapis/rpc v0.0.0-20260226221140-a57be14db171 h1:ggcbiqK8WWh6l1dnltU4BgWGIGo+EVYxCaAPih/zQXQ=
+google.golang.org/genproto/googleapis/rpc v0.0.0-20260226221140-a57be14db171/go.mod h1:4Hqkh8ycfw05ld/3BWL7rJOSfebL2Q+DVDeRgYgxUU8=
 google.golang.org/grpc v1.14.0/go.mod h1:yo6s7OP7yaDglbqo1J04qKzAhqBH6lvTonzMVmEdcZw=
 google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c=
 google.golang.org/grpc v1.20.1/go.mod h1:10oTOabMzJvdu6/UiuZezV6QK5dSlG84ov/aaiqXj38=
@@ -1856,8 +1854,8 @@ google.golang.org/grpc v1.44.0/go.mod h1:k+4IHHFw41K8+bbowsex27ge2rCb65oeWqe4jJ5
 google.golang.org/grpc v1.45.0/go.mod h1:lN7owxKUQEqMfSyQikvvk5tf/6zMPsrK+ONuO11+0rQ=
 google.golang.org/grpc v1.46.0/go.mod h1:vN9eftEi1UMyUsIF80+uQXhHjbXYbm0uXoFCACuMGWk=
 google.golang.org/grpc v1.46.2/go.mod h1:vN9eftEi1UMyUsIF80+uQXhHjbXYbm0uXoFCACuMGWk=
-google.golang.org/grpc v1.78.0 h1:K1XZG/yGDJnzMdd/uZHAkVqJE+xIDOcmdSFZkBUicNc=
-google.golang.org/grpc v1.78.0/go.mod h1:I47qjTo4OKbMkjA/aOOwxDIiPSBofUtQUI5EfpWvW7U=
+google.golang.org/grpc v1.79.3 h1:sybAEdRIEtvcD68Gx7dmnwjZKlyfuc61Dyo9pGXXkKE=
+google.golang.org/grpc v1.79.3/go.mod h1:KmT0Kjez+0dde/v2j9vzwoAScgEPx/Bw1CYChhHLrHQ=
 google.golang.org/grpc/cmd/protoc-gen-go-grpc v1.1.0/go.mod h1:6Kw0yEErY5E/yWrBtf03jp27GLLJujG4z/JK95pnjjw=
 google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8=
 google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0=
@@ -1927,18 +1925,20 @@ k8s.io/kube-openapi v0.0.0-20250910181357-589584f1c912 h1:Y3gxNAuB0OBLImH611+UDZ
 k8s.io/kube-openapi v0.0.0-20250910181357-589584f1c912/go.mod h1:kdmbQkyfwUagLfXIad1y2TdrjPFWp2Q89B3qkRwf/pQ=
 k8s.io/utils v0.0.0-20251002143259-bc988d571ff4 h1:SjGebBtkBqHFOli+05xYbK8YF1Dzkbzn+gDM4X9T4Ck=
 k8s.io/utils v0.0.0-20251002143259-bc988d571ff4/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0=
-modernc.org/cc/v4 v4.26.5 h1:xM3bX7Mve6G8K8b+T11ReenJOT+BmVqQj0FY5T4+5Y4=
-modernc.org/cc/v4 v4.26.5/go.mod h1:uVtb5OGqUKpoLWhqwNQo/8LwvoiEBLvZXIQ/SmO6mL0=
-modernc.org/ccgo/v4 v4.28.1 h1:wPKYn5EC/mYTqBO373jKjvX2n+3+aK7+sICCv4Fjy1A=
-modernc.org/ccgo/v4 v4.28.1/go.mod h1:uD+4RnfrVgE6ec9NGguUNdhqzNIeeomeXf6CL0GTE5Q=
-modernc.org/fileutil v1.3.40 h1:ZGMswMNc9JOCrcrakF1HrvmergNLAmxOPjizirpfqBA=
-modernc.org/fileutil v1.3.40/go.mod h1:HxmghZSZVAz/LXcMNwZPA/DRrQZEVP9VX0V4LQGQFOc=
+modernc.org/cc/v4 v4.27.1 h1:9W30zRlYrefrDV2JE2O8VDtJ1yPGownxciz5rrbQZis=
+modernc.org/cc/v4 v4.27.1/go.mod h1:uVtb5OGqUKpoLWhqwNQo/8LwvoiEBLvZXIQ/SmO6mL0=
+modernc.org/ccgo/v4 v4.32.0 h1:hjG66bI/kqIPX1b2yT6fr/jt+QedtP2fqojG2VrFuVw=
+modernc.org/ccgo/v4 v4.32.0/go.mod h1:6F08EBCx5uQc38kMGl+0Nm0oWczoo1c7cgpzEry7Uc0=
+modernc.org/fileutil v1.4.0 h1:j6ZzNTftVS054gi281TyLjHPp6CPHr2KCxEXjEbD6SM=
+modernc.org/fileutil v1.4.0/go.mod h1:EqdKFDxiByqxLk8ozOxObDSfcVOv/54xDs/DUHdvCUU=
 modernc.org/gc/v2 v2.6.5 h1:nyqdV8q46KvTpZlsw66kWqwXRHdjIlJOhG6kxiV/9xI=
 modernc.org/gc/v2 v2.6.5/go.mod h1:YgIahr1ypgfe7chRuJi2gD7DBQiKSLMPgBQe9oIiito=
+modernc.org/gc/v3 v3.1.2 h1:ZtDCnhonXSZexk/AYsegNRV1lJGgaNZJuKjJSWKyEqo=
+modernc.org/gc/v3 v3.1.2/go.mod h1:HFK/6AGESC7Ex+EZJhJ2Gni6cTaYpSMmU/cT9RmlfYY=
 modernc.org/goabi0 v0.2.0 h1:HvEowk7LxcPd0eq6mVOAEMai46V+i7Jrj13t4AzuNks=
 modernc.org/goabi0 v0.2.0/go.mod h1:CEFRnnJhKvWT1c1JTI3Avm+tgOWbkOu5oPA8eH8LnMI=
-modernc.org/libc v1.66.10 h1:yZkb3YeLx4oynyR+iUsXsybsX4Ubx7MQlSYEw4yj59A=
-modernc.org/libc v1.66.10/go.mod h1:8vGSEwvoUoltr4dlywvHqjtAqHBaw0j1jI7iFBTAr2I=
+modernc.org/libc v1.70.0 h1:U58NawXqXbgpZ/dcdS9kMshu08aiA6b7gusEusqzNkw=
+modernc.org/libc v1.70.0/go.mod h1:OVmxFGP1CI/Z4L3E0Q3Mf1PDE0BucwMkcXjjLntvHJo=
 modernc.org/mathutil v1.7.1 h1:GCZVGXdaN8gTqB1Mf/usp1Y/hSqgI2vAGGP4jZMCxOU=
 modernc.org/mathutil v1.7.1/go.mod h1:4p5IwJITfppl0G4sUEDtCr4DthTaT47/N3aT6MhfgJg=
 modernc.org/memory v1.11.0 h1:o4QC8aMQzmcwCK3t3Ux/ZHmwFPzE6hf2Y5LbkRs+hbI=
@@ -1947,8 +1947,8 @@ modernc.org/opt v0.1.4 h1:2kNGMRiUjrp4LcaPuLY2PzUfqM/w9N23quVwhKt5Qm8=
 modernc.org/opt v0.1.4/go.mod h1:03fq9lsNfvkYSfxrfUhZCWPk1lm4cq4N+Bh//bEtgns=
 modernc.org/sortutil v1.2.1 h1:+xyoGf15mM3NMlPDnFqrteY07klSFxLElE2PVuWIJ7w=
 modernc.org/sortutil v1.2.1/go.mod h1:7ZI3a3REbai7gzCLcotuw9AC4VZVpYMjDzETGsSMqJE=
-modernc.org/sqlite v1.40.1 h1:VfuXcxcUWWKRBuP8+BR9L7VnmusMgBNNnBYGEe9w/iY=
-modernc.org/sqlite v1.40.1/go.mod h1:9fjQZ0mB1LLP0GYrp39oOJXx/I2sxEnZtzCmEQIKvGE=
+modernc.org/sqlite v1.47.0 h1:R1XyaNpoW4Et9yly+I2EeX7pBza/w+pmYee/0HJDyKk=
+modernc.org/sqlite v1.47.0/go.mod h1:hWjRO6Tj/5Ik8ieqxQybiEOUXy0NJFNp2tpvVpKlvig=
 modernc.org/strutil v1.2.1 h1:UneZBkQA+DX2Rp35KcM69cSsNES9ly8mQWD71HKlOA0=
 modernc.org/strutil v1.2.1/go.mod h1:EHkiggD70koQxjVdSBM3JKM7k6L0FbGE5eymy9i3B9A=
 modernc.org/token v1.1.0 h1:Xl7Ap9dKaEs5kLoOQeQmPWevfnk/DM5qcLcYlA8ys6Y=
@@ -1960,8 +1960,8 @@ sigs.k8s.io/json v0.0.0-20250730193827-2d320260d730 h1:IpInykpT6ceI+QxKBbEflcR5E
 sigs.k8s.io/json v0.0.0-20250730193827-2d320260d730/go.mod h1:mdzfpAEoE6DHQEN0uh9ZbOCuHbLK5wOm7dK4ctXE9Tg=
 sigs.k8s.io/randfill v1.0.0 h1:JfjMILfT8A6RbawdsK2JXGBR5AQVfd+9TbzrlneTyrU=
 sigs.k8s.io/randfill v1.0.0/go.mod h1:XeLlZ/jmk4i1HRopwe7/aU3H5n1zNUcX6TM94b3QxOY=
-sigs.k8s.io/structured-merge-diff/v6 v6.3.0 h1:jTijUJbW353oVOd9oTlifJqOGEkUw2jB/fXCbTiQEco=
-sigs.k8s.io/structured-merge-diff/v6 v6.3.0/go.mod h1:M3W8sfWvn2HhQDIbGWj3S099YozAsymCo/wrT5ohRUE=
+sigs.k8s.io/structured-merge-diff/v6 v6.3.2-0.20260122202528-d9cc6641c482 h1:2WOzJpHUBVrrkDjU4KBT8n5LDcj824eX0I5UKcgeRUs=
+sigs.k8s.io/structured-merge-diff/v6 v6.3.2-0.20260122202528-d9cc6641c482/go.mod h1:M3W8sfWvn2HhQDIbGWj3S099YozAsymCo/wrT5ohRUE=
 sigs.k8s.io/yaml v1.2.0/go.mod h1:yfXDCHCao9+ENCvLSE62v9VSji2MKu5jeNfTrofGhJc=
 sigs.k8s.io/yaml v1.6.0 h1:G8fkbMSAFqgEFgh4b1wmtzDnioxFCUgTZhlbj5P9QYs=
 sigs.k8s.io/yaml v1.6.0/go.mod h1:796bPqUfzR/0jLAl6XjHl3Ck7MiyVv8dbTdyT3/pMf4=

pkg/alertmanager/alertmanagerserver/dispatcher.go

@@ -278,8 +278,7 @@ func (d *Dispatcher) processAlert(alert *types.Alert, route *dispatch.Route) {
 	ruleId := getRuleIDFromAlert(alert)
 	config, err := d.notificationManager.GetNotificationConfig(d.orgID, ruleId)
 	if err != nil {
-		//nolint:sloglint
-		d.logger.ErrorContext(d.ctx, "error getting alert notification config", slog.String("rule.id", ruleId), errors.Attr(err))
+		d.logger.ErrorContext(d.ctx, "error getting alert notification config", slog.String("rule_id", ruleId), errors.Attr(err))
 		return
 	}
 	renotifyInterval := config.Renotify.RenotifyInterval
@@ -329,12 +328,7 @@ func (d *Dispatcher) processAlert(alert *types.Alert, route *dispatch.Route) {
 	go ag.run(func(ctx context.Context, alerts ...*types.Alert) bool {
 		_, _, err := d.stage.Exec(ctx, d.logger, alerts...)
 		if err != nil {
-			receiverName, _ := notify.ReceiverName(ctx)
-			logger := d.logger.With(
-				slog.String("receiver", receiverName),
-				slog.Int("num_alerts", len(alerts)),
-				errors.Attr(err),
-			)
+			logger := d.logger.With(slog.Int("num_alerts", len(alerts)), errors.Attr(err))
 			if errors.Is(ctx.Err(), context.Canceled) {
 				// It is expected for the context to be canceled on
 				// configuration reload or shutdown. In this case, the

pkg/apiserver/signozapiserver/cloudintegration.go

@@ -10,26 +10,6 @@ import (
 )
 
 func (provider *provider) addCloudIntegrationRoutes(router *mux.Router) error {
-	if err := router.Handle("/api/v1/cloud_integrations/{cloud_provider}/credentials", handler.New(
-		provider.authZ.AdminAccess(provider.cloudIntegrationHandler.GetConnectionCredentials),
-		handler.OpenAPIDef{
-			ID:                  "GetConnectionCredentials",
-			Tags:                []string{"cloudintegration"},
-			Summary:             "Get connection credentials",
-			Description:         "This endpoint retrieves the connection credentials required for integration",
-			Request:             nil,
-			RequestContentType:  "application/json",
-			Response:            new(citypes.Credentials),
-			ResponseContentType: "application/json",
-			SuccessStatusCode:   http.StatusOK,
-			ErrorStatusCodes:    []int{},
-			Deprecated:          false,
-			SecuritySchemes:     newSecuritySchemes(types.RoleAdmin),
-		},
-	)).Methods(http.MethodGet).GetError(); err != nil {
-		return err
-	}
-
 	if err := router.Handle("/api/v1/cloud_integrations/{cloud_provider}/accounts", handler.New(
 		provider.authZ.AdminAccess(provider.cloudIntegrationHandler.CreateAccount),
 		handler.OpenAPIDef{
@@ -37,9 +17,9 @@ func (provider *provider) addCloudIntegrationRoutes(router *mux.Router) error {
 			Tags:                []string{"cloudintegration"},
 			Summary:             "Create account",
 			Description:         "This endpoint creates a new cloud integration account for the specified cloud provider",
-			Request:             new(citypes.PostableAccount),
+			Request:             new(citypes.PostableConnectionArtifact),
 			RequestContentType:  "application/json",
-			Response:            new(citypes.GettableAccountWithConnectionArtifact),
+			Response:            new(citypes.GettableAccountWithArtifact),
 			ResponseContentType: "application/json",
 			SuccessStatusCode:   http.StatusOK,
 			ErrorStatusCodes:    []int{},
@@ -79,7 +59,7 @@ func (provider *provider) addCloudIntegrationRoutes(router *mux.Router) error {
 			Description:         "This endpoint gets an account for the specified cloud provider",
 			Request:             nil,
 			RequestContentType:  "",
-			Response:            new(citypes.Account),
+			Response:            new(citypes.GettableAccount),
 			ResponseContentType: "application/json",
 			SuccessStatusCode:   http.StatusOK,
 			ErrorStatusCodes:    []int{http.StatusBadRequest, http.StatusNotFound},
@@ -159,7 +139,7 @@ func (provider *provider) addCloudIntegrationRoutes(router *mux.Router) error {
 			Description:         "This endpoint gets a service for the specified cloud provider",
 			Request:             nil,
 			RequestContentType:  "",
-			Response:            new(citypes.Service),
+			Response:            new(citypes.GettableService),
 			ResponseContentType: "application/json",
 			SuccessStatusCode:   http.StatusOK,
 			ErrorStatusCodes:    []int{},
@@ -170,7 +150,7 @@ func (provider *provider) addCloudIntegrationRoutes(router *mux.Router) error {
 		return err
 	}
 
-	if err := router.Handle("/api/v1/cloud_integrations/{cloud_provider}/accounts/{id}/services/{service_id}", handler.New(
+	if err := router.Handle("/api/v1/cloud_integrations/{cloud_provider}/services/{service_id}", handler.New(
 		provider.authZ.AdminAccess(provider.cloudIntegrationHandler.UpdateService),
 		handler.OpenAPIDef{
 			ID:                  "UpdateService",
@@ -199,9 +179,9 @@ func (provider *provider) addCloudIntegrationRoutes(router *mux.Router) error {
 			Tags:                []string{"cloudintegration"},
 			Summary:             "Agent check-in",
 			Description:         "[Deprecated] This endpoint is called by the deployed agent to check in",
-			Request:             new(citypes.PostableAgentCheckIn),
+			Request:             new(citypes.PostableAgentCheckInRequest),
 			RequestContentType:  "application/json",
-			Response:            new(citypes.GettableAgentCheckIn),
+			Response:            new(citypes.GettableAgentCheckInResponse),
 			ResponseContentType: "application/json",
 			SuccessStatusCode:   http.StatusOK,
 			ErrorStatusCodes:    []int{},
@@ -219,9 +199,9 @@ func (provider *provider) addCloudIntegrationRoutes(router *mux.Router) error {
 			Tags:                []string{"cloudintegration"},
 			Summary:             "Agent check-in",
 			Description:         "This endpoint is called by the deployed agent to check in",
-			Request:             new(citypes.PostableAgentCheckIn),
+			Request:             new(citypes.PostableAgentCheckInRequest),
 			RequestContentType:  "application/json",
-			Response:            new(citypes.GettableAgentCheckIn),
+			Response:            new(citypes.GettableAgentCheckInResponse),
 			ResponseContentType: "application/json",
 			SuccessStatusCode:   http.StatusOK,
 			ErrorStatusCodes:    []int{},

pkg/modules/cloudintegration/cloudintegration.go

@@ -10,42 +10,37 @@ import (
 )
 
 type Module interface {
-	GetConnectionCredentials(ctx context.Context, orgID valuer.UUID, provider citypes.CloudProviderType) (*citypes.Credentials, error)
-
 	CreateAccount(ctx context.Context, account *citypes.Account) error
 
 	// GetAccount returns cloud integration account
-	GetAccount(ctx context.Context, orgID, accountID valuer.UUID, provider citypes.CloudProviderType) (*citypes.Account, error)
+	GetAccount(ctx context.Context, orgID, accountID valuer.UUID) (*citypes.Account, error)
 
 	// ListAccounts lists accounts where agent is connected
-	ListAccounts(ctx context.Context, orgID valuer.UUID, provider citypes.CloudProviderType) ([]*citypes.Account, error)
+	ListAccounts(ctx context.Context, orgID valuer.UUID) ([]*citypes.Account, error)
 
 	// UpdateAccount updates the cloud integration account for a specific organization.
 	UpdateAccount(ctx context.Context, account *citypes.Account) error
 
 	// DisconnectAccount soft deletes/removes a cloud integration account.
-	DisconnectAccount(ctx context.Context, orgID, accountID valuer.UUID, provider citypes.CloudProviderType) error
+	DisconnectAccount(ctx context.Context, orgID, accountID valuer.UUID) error
 
 	// GetConnectionArtifact returns cloud provider specific connection information,
 	// client side handles how this information is shown
-	GetConnectionArtifact(ctx context.Context, account *citypes.Account, req *citypes.GetConnectionArtifactRequest) (*citypes.ConnectionArtifact, error)
+	GetConnectionArtifact(ctx context.Context, account *citypes.Account, req *citypes.ConnectionArtifactRequest) (*citypes.ConnectionArtifact, error)
 
-	// ListServicesMetadata returns the list of supported services' metadata for a cloud provider with optional filtering for a specific integration
-	// This just returns a summary of the service and not the whole service definition.
-	ListServicesMetadata(ctx context.Context, orgID valuer.UUID, provider citypes.CloudProviderType, integrationID *valuer.UUID) ([]*citypes.ServiceMetadata, error)
+	// ListServicesMetadata returns the list of services metadata for a cloud provider attached with the integrationID.
+	// This just returns a summary of the service and not the whole service definition
+	ListServicesMetadata(ctx context.Context, orgID valuer.UUID, integrationID *valuer.UUID) ([]*citypes.ServiceMetadata, error)
 
-	// GetService returns service definition details for a serviceID. This optionally returns the service config
-	// for integrationID if provided.
-	GetService(ctx context.Context, orgID valuer.UUID, integrationID *valuer.UUID, serviceID citypes.ServiceID, provider citypes.CloudProviderType) (*citypes.Service, error)
-
-	// CreateService creates a new service for a cloud integration account.
-	CreateService(ctx context.Context, orgID valuer.UUID, service *citypes.CloudIntegrationService, provider citypes.CloudProviderType) error
+	// GetService returns service definition details for a serviceID. This returns config and
+	// other details required to show in service details page on web client.
+	GetService(ctx context.Context, orgID valuer.UUID, integrationID *valuer.UUID, serviceID string) (*citypes.Service, error)
 
 	// UpdateService updates cloud integration service
-	UpdateService(ctx context.Context, orgID valuer.UUID, service *citypes.CloudIntegrationService, provider citypes.CloudProviderType) error
+	UpdateService(ctx context.Context, orgID valuer.UUID, service *citypes.CloudIntegrationService) error
 
-	// AgentCheckIn is called by agent to send heartbeat and get latest config in response.
-	AgentCheckIn(ctx context.Context, orgID valuer.UUID, provider citypes.CloudProviderType, req *citypes.AgentCheckInRequest) (*citypes.AgentCheckInResponse, error)
+	// AgentCheckIn is called by agent to heartbeat and get latest config in response.
+	AgentCheckIn(ctx context.Context, orgID valuer.UUID, req *citypes.AgentCheckInRequest) (*citypes.AgentCheckInResponse, error)
 
 	// GetDashboardByID returns dashboard JSON for a given dashboard id.
 	// this only returns the dashboard when the service (embedded in dashboard id) is enabled
@@ -57,22 +52,7 @@ type Module interface {
 	ListDashboards(ctx context.Context, orgID valuer.UUID) ([]*dashboardtypes.Dashboard, error)
 }
 
-type CloudProviderModule interface {
-	GetConnectionArtifact(ctx context.Context, account *citypes.Account, req *citypes.GetConnectionArtifactRequest) (*citypes.ConnectionArtifact, error)
-
-	// ListServiceDefinitions returns all service definitions for this cloud provider.
-	ListServiceDefinitions(ctx context.Context) ([]*citypes.ServiceDefinition, error)
-
-	// GetServiceDefinition returns the service definition for the given service ID.
-	GetServiceDefinition(ctx context.Context, serviceID citypes.ServiceID) (*citypes.ServiceDefinition, error)
-
-	// BuildIntegrationConfig compiles the provider-specific integration config from the account
-	// and list of configured services. This is the config returned to the agent on check-in.
-	BuildIntegrationConfig(ctx context.Context, account *citypes.Account, services []*citypes.StorableCloudIntegrationService) (*citypes.ProviderIntegrationConfig, error)
-}
-
 type Handler interface {
-	GetConnectionCredentials(http.ResponseWriter, *http.Request)
 	CreateAccount(http.ResponseWriter, *http.Request)
 	ListAccounts(http.ResponseWriter, *http.Request)
 	GetAccount(http.ResponseWriter, *http.Request)

pkg/modules/cloudintegration/implcloudintegration/fs/definitions/aws/alb/integration.json

@@ -447,9 +447,9 @@
   "telemetryCollectionStrategy": {
     "aws": {
       "metrics": {
-        "streamFilters": [
+        "cloudwatchMetricStreamFilters": [
           {
-            "namespace": "AWS/ApplicationELB"
+            "Namespace": "AWS/ApplicationELB"
           }
         ]
       }

pkg/modules/cloudintegration/implcloudintegration/fs/definitions/aws/api-gateway/integration.json

@@ -171,14 +171,14 @@
   "telemetryCollectionStrategy": {
     "aws": {
       "metrics": {
-        "streamFilters": [
+        "cloudwatchMetricStreamFilters": [
           {
-            "namespace": "AWS/ApiGateway"
+            "Namespace": "AWS/ApiGateway"
           }
         ]
       },
       "logs": {
-        "subscriptions": [
+        "cloudwatchLogsSubscriptions": [
           {
             "logGroupNamePrefix": "API-Gateway",
             "filterPattern": ""

pkg/modules/cloudintegration/implcloudintegration/fs/definitions/aws/dynamodb/integration.json

@@ -374,9 +374,9 @@
   "telemetryCollectionStrategy": {
     "aws": {
       "metrics": {
-        "streamFilters": [
+        "cloudwatchMetricStreamFilters": [
           {
-            "namespace": "AWS/DynamoDB"
+            "Namespace": "AWS/DynamoDB"
           }
         ]
       }

pkg/modules/cloudintegration/implcloudintegration/fs/definitions/aws/ec2/integration.json

@@ -495,12 +495,12 @@
   "telemetryCollectionStrategy": {
     "aws": {
       "metrics": {
-        "streamFilters": [
+        "cloudwatchMetricStreamFilters": [
           {
-            "namespace": "AWS/EC2"
+            "Namespace": "AWS/EC2"
           },
           {
-            "namespace": "CWAgent"
+            "Namespace": "CWAgent"
           }
         ]
       }

pkg/modules/cloudintegration/implcloudintegration/fs/definitions/aws/ecs/integration.json

@@ -823,17 +823,17 @@
   "telemetryCollectionStrategy": {
     "aws": {
       "metrics": {
-        "streamFilters": [
+        "cloudwatchMetricStreamFilters": [
           {
-            "namespace": "AWS/ECS"
+            "Namespace": "AWS/ECS"
           },
           {
-            "namespace": "ECS/ContainerInsights"
+            "Namespace": "ECS/ContainerInsights"
           }
         ]
       },
       "logs": {
-        "subscriptions": [
+        "cloudwatchLogsSubscriptions": [
           {
             "logGroupNamePrefix": "/ecs",
             "filterPattern": ""

pkg/modules/cloudintegration/implcloudintegration/fs/definitions/aws/eks/integration.json

@@ -2702,17 +2702,17 @@
   "telemetryCollectionStrategy": {
     "aws": {
       "metrics": {
-        "streamFilters": [
+        "cloudwatchMetricStreamFilters": [
           {
-            "namespace": "AWS/EKS"
+            "Namespace": "AWS/EKS"
           },
           {
-            "namespace": "ContainerInsights"
+            "Namespace": "ContainerInsights"
           }
         ]
       },
       "logs": {
-        "subscriptions": [
+        "cloudwatchLogsSubscriptions": [
           {
             "logGroupNamePrefix": "/aws/containerinsights",
             "filterPattern": ""

pkg/modules/cloudintegration/implcloudintegration/fs/definitions/aws/elasticache/integration.json

@@ -1934,9 +1934,9 @@
   "telemetryCollectionStrategy": {
     "aws": {
       "metrics": {
-        "streamFilters": [
+        "cloudwatchMetricStreamFilters": [
           {
-            "namespace": "AWS/ElastiCache"
+            "Namespace": "AWS/ElastiCache"
           }
         ]
       }

pkg/modules/cloudintegration/implcloudintegration/fs/definitions/aws/lambda/integration.json

@@ -271,14 +271,14 @@
   "telemetryCollectionStrategy": {
     "aws": {
       "metrics": {
-        "streamFilters": [
+        "cloudwatchMetricStreamFilters": [
           {
-            "namespace": "AWS/Lambda"
+            "Namespace": "AWS/Lambda"
           }
         ]
       },
       "logs": {
-        "subscriptions": [
+        "cloudwatchLogsSubscriptions": [
           {
             "logGroupNamePrefix": "/aws/lambda",
             "filterPattern": ""

pkg/modules/cloudintegration/implcloudintegration/fs/definitions/aws/msk/integration.json

@@ -1070,9 +1070,9 @@
   "telemetryCollectionStrategy": {
     "aws": {
       "metrics": {
-        "streamFilters": [
+        "cloudwatchMetricStreamFilters": [
           {
-            "namespace": "AWS/Kafka"
+            "Namespace": "AWS/Kafka"
           }
         ]
       }

pkg/modules/cloudintegration/implcloudintegration/fs/definitions/aws/rds/integration.json

@@ -775,14 +775,14 @@
   "telemetryCollectionStrategy": {
     "aws": {
       "metrics": {
-        "streamFilters": [
+        "cloudwatchMetricStreamFilters": [
           {
-            "namespace": "AWS/RDS"
+            "Namespace": "AWS/RDS"
           }
         ]
       },
       "logs": {
-        "subscriptions": [
+        "cloudwatchLogsSubscriptions": [
           {
             "logGroupNamePrefix": "/aws/rds",
             "filterPattern": ""

pkg/modules/cloudintegration/implcloudintegration/fs/definitions/aws/s3sync/integration.json

@@ -39,7 +39,7 @@
   "telemetryCollectionStrategy": {
     "aws": {
       "logs": {
-        "subscriptions": [
+        "cloudwatchLogsSubscriptions": [
           {
             "logGroupNamePrefix": "x/signoz/forwarder",
             "filterPattern": ""

pkg/modules/cloudintegration/implcloudintegration/fs/definitions/aws/sns/integration.json

@@ -110,9 +110,9 @@
   "telemetryCollectionStrategy": {
     "aws": {
       "metrics": {
-        "streamFilters": [
+        "cloudwatchMetricStreamFilters": [
           {
-            "namespace": "AWS/SNS"
+            "Namespace": "AWS/SNS"
           }
         ]
       }

pkg/modules/cloudintegration/implcloudintegration/fs/definitions/aws/sqs/integration.json

@@ -230,9 +230,9 @@
   "telemetryCollectionStrategy": {
     "aws": {
       "metrics": {
-        "streamFilters": [
+        "cloudwatchMetricStreamFilters": [
           {
-            "namespace": "AWS/SQS"
+            "Namespace": "AWS/SQS"
           }
         ]
       }

pkg/modules/cloudintegration/implcloudintegration/handler.go

@@ -12,10 +12,6 @@ func NewHandler() cloudintegration.Handler {
 	return &handler{}
 }
 
-func (handler *handler) GetConnectionCredentials(http.ResponseWriter, *http.Request) {
-	panic("unimplemented")
-}
-
 func (handler *handler) CreateAccount(writer http.ResponseWriter, request *http.Request) {
 	// TODO implement me
 	panic("implement me")

pkg/modules/cloudintegration/implcloudintegration/store.go

@@ -34,25 +34,6 @@ func (store *store) GetAccountByID(ctx context.Context, orgID, id valuer.UUID, p
 	return account, nil
 }
 
-func (store *store) GetConnectedAccount(ctx context.Context, orgID valuer.UUID, provider cloudintegrationtypes.CloudProviderType, providerAccountID string) (*cloudintegrationtypes.StorableCloudIntegration, error) {
-	account := new(cloudintegrationtypes.StorableCloudIntegration)
-	err := store.
-		store.
-		BunDBCtx(ctx).
-		NewSelect().
-		Model(account).
-		Where("org_id = ?", orgID).
-		Where("provider = ?", provider).
-		Where("account_id = ?", providerAccountID).
-		Where("last_agent_report IS NOT NULL").
-		Where("removed_at IS NULL").
-		Scan(ctx)
-	if err != nil {
-		return nil, store.store.WrapNotFoundErrf(err, cloudintegrationtypes.ErrCodeCloudIntegrationNotFound, "connected account with provider account id %s not found", providerAccountID)
-	}
-	return account, nil
-}
-
 func (store *store) ListConnectedAccounts(ctx context.Context, orgID valuer.UUID, provider cloudintegrationtypes.CloudProviderType) ([]*cloudintegrationtypes.StorableCloudIntegration, error) {
 	var accounts []*cloudintegrationtypes.StorableCloudIntegration
 	err := store.
@@ -115,6 +96,25 @@ func (store *store) RemoveAccount(ctx context.Context, orgID, id valuer.UUID, pr
 	return err
 }
 
+func (store *store) GetConnectedAccount(ctx context.Context, orgID valuer.UUID, provider cloudintegrationtypes.CloudProviderType, providerAccountID string) (*cloudintegrationtypes.StorableCloudIntegration, error) {
+	account := new(cloudintegrationtypes.StorableCloudIntegration)
+	err := store.
+		store.
+		BunDBCtx(ctx).
+		NewSelect().
+		Model(account).
+		Where("org_id = ?", orgID).
+		Where("provider = ?", provider).
+		Where("account_id = ?", providerAccountID).
+		Where("last_agent_report IS NOT NULL").
+		Where("removed_at IS NULL").
+		Scan(ctx)
+	if err != nil {
+		return nil, store.store.WrapNotFoundErrf(err, cloudintegrationtypes.ErrCodeCloudIntegrationNotFound, "connected account with provider account id %s not found", providerAccountID)
+	}
+	return account, nil
+}
+
 func (store *store) GetServiceByServiceID(ctx context.Context, cloudIntegrationID valuer.UUID, serviceID cloudintegrationtypes.ServiceID) (*cloudintegrationtypes.StorableCloudIntegrationService, error) {
 	service := new(cloudintegrationtypes.StorableCloudIntegrationService)
 	err := store.
@@ -172,9 +172,3 @@ func (store *store) UpdateService(ctx context.Context, service *cloudintegration
 		Exec(ctx)
 	return err
 }
-
-func (store *store) RunInTx(ctx context.Context, cb func(ctx context.Context) error) error {
-	return store.store.RunInTxCtx(ctx, nil, func(ctx context.Context) error {
-		return cb(ctx)
-	})
-}

pkg/modules/tracedetail/tracedetail.go

@@ -1,19 +0,0 @@
-package tracedetail
-
-import (
-	"context"
-	"net/http"
-
-	"github.com/SigNoz/signoz/pkg/types/tracedetailtypes"
-	"github.com/SigNoz/signoz/pkg/valuer"
-)
-
-// Handler exposes HTTP handlers for trace detail APIs.
-type Handler interface {
-	GetWaterfall(http.ResponseWriter, *http.Request)
-}
-
-// Module defines the business logic for trace detail operations.
-type Module interface {
-	GetWaterfall(ctx context.Context, orgID valuer.UUID, traceID string, req *tracedetailtypes.WaterfallRequest) (*tracedetailtypes.WaterfallResponse, error)
-}

pkg/querier/querier.go

@@ -40,7 +40,6 @@ type querier struct {
 	promEngine               prometheus.Prometheus
 	traceStmtBuilder         qbtypes.StatementBuilder[qbtypes.TraceAggregation]
 	logStmtBuilder           qbtypes.StatementBuilder[qbtypes.LogAggregation]
-	auditStmtBuilder         qbtypes.StatementBuilder[qbtypes.LogAggregation]
 	metricStmtBuilder        qbtypes.StatementBuilder[qbtypes.MetricAggregation]
 	meterStmtBuilder         qbtypes.StatementBuilder[qbtypes.MetricAggregation]
 	traceOperatorStmtBuilder qbtypes.TraceOperatorStatementBuilder
@@ -57,7 +56,6 @@ func New(
 	promEngine prometheus.Prometheus,
 	traceStmtBuilder qbtypes.StatementBuilder[qbtypes.TraceAggregation],
 	logStmtBuilder qbtypes.StatementBuilder[qbtypes.LogAggregation],
-	auditStmtBuilder qbtypes.StatementBuilder[qbtypes.LogAggregation],
 	metricStmtBuilder qbtypes.StatementBuilder[qbtypes.MetricAggregation],
 	meterStmtBuilder qbtypes.StatementBuilder[qbtypes.MetricAggregation],
 	traceOperatorStmtBuilder qbtypes.TraceOperatorStatementBuilder,
@@ -71,7 +69,6 @@ func New(
 		promEngine:               promEngine,
 		traceStmtBuilder:         traceStmtBuilder,
 		logStmtBuilder:           logStmtBuilder,
-		auditStmtBuilder:         auditStmtBuilder,
 		metricStmtBuilder:        metricStmtBuilder,
 		meterStmtBuilder:         meterStmtBuilder,
 		traceOperatorStmtBuilder: traceOperatorStmtBuilder,
@@ -364,11 +361,7 @@ func (q *querier) QueryRange(ctx context.Context, orgID valuer.UUID, req *qbtype
 			case qbtypes.QueryBuilderQuery[qbtypes.LogAggregation]:
 				spec.ShiftBy = extractShiftFromBuilderQuery(spec)
 				timeRange := adjustTimeRangeForShift(spec, qbtypes.TimeRange{From: req.Start, To: req.End}, req.RequestType)
-				stmtBuilder := q.logStmtBuilder
-				if spec.Source == telemetrytypes.SourceAudit {
-					stmtBuilder = q.auditStmtBuilder
-				}
-				bq := newBuilderQuery(q.logger, q.telemetryStore, stmtBuilder, spec, timeRange, req.RequestType, tmplVars)
+				bq := newBuilderQuery(q.logger, q.telemetryStore, q.logStmtBuilder, spec, timeRange, req.RequestType, tmplVars)
 				queries[spec.Name] = bq
 				steps[spec.Name] = spec.StepInterval
 			case qbtypes.QueryBuilderQuery[qbtypes.MetricAggregation]:
@@ -390,15 +383,15 @@ func (q *querier) QueryRange(ctx context.Context, orgID valuer.UUID, req *qbtype
 							spec.Aggregations[i].Temporality = temp
 						}
 					}
+					if spec.Aggregations[i].Temporality == metrictypes.Unknown {
+						missingMetrics = append(missingMetrics, spec.Aggregations[i].MetricName)
+						continue
+					}
 					if spec.Aggregations[i].MetricName != "" && spec.Aggregations[i].Type == metrictypes.UnspecifiedType {
 						if foundMetricType, ok := metricTypes[spec.Aggregations[i].MetricName]; ok && foundMetricType != metrictypes.UnspecifiedType {
 							spec.Aggregations[i].Type = foundMetricType
 						}
 					}
-					if spec.Aggregations[i].Type == metrictypes.UnspecifiedType {
-						missingMetrics = append(missingMetrics, spec.Aggregations[i].MetricName)
-						continue
-					}
 					presentAggregations = append(presentAggregations, spec.Aggregations[i])
 				}
 				if len(presentAggregations) == 0 {
@@ -557,11 +550,7 @@ func (q *querier) QueryRawStream(ctx context.Context, orgID valuer.UUID, req *qb
 		case <-tick:
 			// timestamp end is not specified here
 			timeRange := adjustTimeRangeForShift(spec, qbtypes.TimeRange{From: tsStart}, req.RequestType)
-			liveTailStmtBuilder := q.logStmtBuilder
-			if spec.Source == telemetrytypes.SourceAudit {
-				liveTailStmtBuilder = q.auditStmtBuilder
-			}
-			bq := newBuilderQuery(q.logger, q.telemetryStore, liveTailStmtBuilder, spec, timeRange, req.RequestType, map[string]qbtypes.VariableItem{
+			bq := newBuilderQuery(q.logger, q.telemetryStore, q.logStmtBuilder, spec, timeRange, req.RequestType, map[string]qbtypes.VariableItem{
 				"id": {
 					Value: updatedLogID,
 				},
@@ -861,11 +850,7 @@ func (q *querier) createRangedQuery(originalQuery qbtypes.Query, timeRange qbtyp
 		specCopy := qt.spec.Copy()
 		specCopy.ShiftBy = extractShiftFromBuilderQuery(specCopy)
 		adjustedTimeRange := adjustTimeRangeForShift(specCopy, timeRange, qt.kind)
-		shiftStmtBuilder := q.logStmtBuilder
-		if qt.spec.Source == telemetrytypes.SourceAudit {
-			shiftStmtBuilder = q.auditStmtBuilder
-		}
-		return newBuilderQuery(q.logger, q.telemetryStore, shiftStmtBuilder, specCopy, adjustedTimeRange, qt.kind, qt.variables)
+		return newBuilderQuery(q.logger, q.telemetryStore, q.logStmtBuilder, specCopy, adjustedTimeRange, qt.kind, qt.variables)
 
 	case *builderQuery[qbtypes.MetricAggregation]:
 		specCopy := qt.spec.Copy()

pkg/querier/querier_test.go

@@ -1,147 +0,0 @@
-package querier
-
-import (
-	"context"
-	"testing"
-	"time"
-
-	cmock "github.com/srikanthccv/ClickHouse-go-mock"
-
-	"github.com/SigNoz/signoz/pkg/instrumentation/instrumentationtest"
-	"github.com/SigNoz/signoz/pkg/telemetrystore"
-	"github.com/SigNoz/signoz/pkg/telemetrystore/telemetrystoretest"
-	"github.com/SigNoz/signoz/pkg/types/metrictypes"
-	qbtypes "github.com/SigNoz/signoz/pkg/types/querybuildertypes/querybuildertypesv5"
-	"github.com/SigNoz/signoz/pkg/types/telemetrytypes"
-	"github.com/SigNoz/signoz/pkg/types/telemetrytypes/telemetrytypestest"
-	"github.com/SigNoz/signoz/pkg/valuer"
-	"github.com/stretchr/testify/assert"
-	"github.com/stretchr/testify/require"
-)
-
-type queryMatcherAny struct{}
-
-func (m *queryMatcherAny) Match(string, string) error { return nil }
-
-// mockMetricStmtBuilder implements qbtypes.StatementBuilder[qbtypes.MetricAggregation]
-// and returns a fixed query string so the mock ClickHouse can match it.
-type mockMetricStmtBuilder struct{}
-
-func (m *mockMetricStmtBuilder) Build(_ context.Context, _, _ uint64, _ qbtypes.RequestType, _ qbtypes.QueryBuilderQuery[qbtypes.MetricAggregation], _ map[string]qbtypes.VariableItem) (*qbtypes.Statement, error) {
-	return &qbtypes.Statement{
-		Query: "SELECT ts, value FROM signoz_metrics",
-		Args:  nil,
-	}, nil
-}
-
-func TestQueryRange_MetricTypeMissing(t *testing.T) {
-	// When a metric has UnspecifiedType and is not found in the metadata store,
-	// the querier should return a not-found error, even if the request provides a temporality
-	providerSettings := instrumentationtest.New().ToProviderSettings()
-	metadataStore := telemetrytypestest.NewMockMetadataStore()
-
-	q := New(
-		providerSettings,
-		nil, // telemetryStore
-		metadataStore,
-		nil, // prometheus
-		nil, // traceStmtBuilder
-		nil, // logStmtBuilder
-		nil, // auditStmtBuilder
-		nil, // metricStmtBuilder
-		nil, // meterStmtBuilder
-		nil, // traceOperatorStmtBuilder
-		nil, // bucketCache
-	)
-
-	req := &qbtypes.QueryRangeRequest{
-		Start:       uint64(time.Now().Add(-5 * time.Minute).UnixMilli()),
-		End:         uint64(time.Now().UnixMilli()),
-		RequestType: qbtypes.RequestTypeTimeSeries,
-		CompositeQuery: qbtypes.CompositeQuery{
-			Queries: []qbtypes.QueryEnvelope{{
-				Type: qbtypes.QueryTypeBuilder,
-				Spec: qbtypes.QueryBuilderQuery[qbtypes.MetricAggregation]{
-					Name:         "A",
-					StepInterval: qbtypes.Step{Duration: time.Minute},
-					Aggregations: []qbtypes.MetricAggregation{
-						{
-							MetricName:       "unknown_metric",
-							Temporality:      metrictypes.Cumulative,
-							TimeAggregation:  metrictypes.TimeAggregationRate,
-							SpaceAggregation: metrictypes.SpaceAggregationSum,
-						},
-					},
-					Signal: telemetrytypes.SignalMetrics,
-				},
-			}},
-		},
-	}
-
-	_, err := q.QueryRange(context.Background(), valuer.GenerateUUID(), req)
-	require.Error(t, err)
-	assert.Contains(t, err.Error(), "could not find the metric unknown_metric")
-}
-
-func TestQueryRange_MetricTypeFromStore(t *testing.T) {
-	// When a metric has UnspecifiedType but the metadata store returns a valid type,
-	// the metric should not be treated as missing.
-	providerSettings := instrumentationtest.New().ToProviderSettings()
-	metadataStore := telemetrytypestest.NewMockMetadataStore()
-	metadataStore.TypeMap["my_metric"] = metrictypes.SumType
-	metadataStore.TemporalityMap["my_metric"] = metrictypes.Cumulative
-
-	telemetryStore := telemetrystoretest.New(telemetrystore.Config{}, &queryMatcherAny{})
-
-	cols := []cmock.ColumnType{
-		{Name: "ts", Type: "DateTime"},
-		{Name: "value", Type: "Float64"},
-	}
-	rows := cmock.NewRows(cols, [][]any{
-		{time.Now(), float64(42)},
-	})
-	telemetryStore.Mock().
-		ExpectQuery("SELECT any").
-		WillReturnRows(rows)
-
-	q := New(
-		providerSettings,
-		telemetryStore,
-		metadataStore,
-		nil,                      // prometheus
-		nil,                      // traceStmtBuilder
-		nil,                      // logStmtBuilder
-		nil,                      // auditStmtBuilder
-		&mockMetricStmtBuilder{}, // metricStmtBuilder
-		nil,                      // meterStmtBuilder
-		nil,                      // traceOperatorStmtBuilder
-		nil,                      // bucketCache
-	)
-
-	req := &qbtypes.QueryRangeRequest{
-		Start:       uint64(time.Now().Add(-5 * time.Minute).UnixMilli()),
-		End:         uint64(time.Now().UnixMilli()),
-		RequestType: qbtypes.RequestTypeTimeSeries,
-		CompositeQuery: qbtypes.CompositeQuery{
-			Queries: []qbtypes.QueryEnvelope{{
-				Type: qbtypes.QueryTypeBuilder,
-				Spec: qbtypes.QueryBuilderQuery[qbtypes.MetricAggregation]{
-					Name:         "A",
-					StepInterval: qbtypes.Step{Duration: time.Minute},
-					Aggregations: []qbtypes.MetricAggregation{
-						{
-							MetricName:       "my_metric",
-							TimeAggregation:  metrictypes.TimeAggregationRate,
-							SpaceAggregation: metrictypes.SpaceAggregationSum,
-						},
-					},
-					Signal: telemetrytypes.SignalMetrics,
-				},
-			}},
-		},
-	}
-
-	resp, err := q.QueryRange(context.Background(), valuer.GenerateUUID(), req)
-	require.NoError(t, err)
-	require.NotNil(t, resp)
-}

pkg/querier/signozquerier/provider.go

@@ -9,7 +9,6 @@ import (
 	"github.com/SigNoz/signoz/pkg/prometheus"
 	"github.com/SigNoz/signoz/pkg/querier"
 	"github.com/SigNoz/signoz/pkg/querybuilder"
-	"github.com/SigNoz/signoz/pkg/telemetryaudit"
 	"github.com/SigNoz/signoz/pkg/telemetrylogs"
 	"github.com/SigNoz/signoz/pkg/telemetrymetadata"
 	"github.com/SigNoz/signoz/pkg/telemetrymeter"
@@ -64,11 +63,6 @@ func newProvider(
 		telemetrylogs.TagAttributesV2TableName,
 		telemetrylogs.LogAttributeKeysTblName,
 		telemetrylogs.LogResourceKeysTblName,
-		telemetryaudit.DBName,
-		telemetryaudit.AuditLogsTableName,
-		telemetryaudit.TagAttributesTableName,
-		telemetryaudit.LogAttributeKeysTblName,
-		telemetryaudit.LogResourceKeysTblName,
 		telemetrymetadata.DBName,
 		telemetrymetadata.AttributesMetadataLocalTableName,
 		telemetrymetadata.ColumnEvolutionMetadataTableName,
@@ -88,13 +82,13 @@ func newProvider(
 		telemetryStore,
 	)
 
-	// Create trace operator statement builder
+	// ADD: Create trace operator statement builder
 	traceOperatorStmtBuilder := telemetrytraces.NewTraceOperatorStatementBuilder(
 		settings,
 		telemetryMetadataStore,
 		traceFieldMapper,
 		traceConditionBuilder,
-		traceStmtBuilder,
+		traceStmtBuilder, // Pass the regular trace statement builder
 		traceAggExprRewriter,
 	)
 
@@ -118,26 +112,6 @@ func newProvider(
 		telemetrylogs.GetBodyJSONKey,
 	)
 
-	// Create audit statement builder
-	auditFieldMapper := telemetryaudit.NewFieldMapper()
-	auditConditionBuilder := telemetryaudit.NewConditionBuilder(auditFieldMapper)
-	auditAggExprRewriter := querybuilder.NewAggExprRewriter(
-		settings,
-		telemetryaudit.DefaultFullTextColumn,
-		auditFieldMapper,
-		auditConditionBuilder,
-		nil,
-	)
-	auditStmtBuilder := telemetryaudit.NewAuditQueryStatementBuilder(
-		settings,
-		telemetryMetadataStore,
-		auditFieldMapper,
-		auditConditionBuilder,
-		auditAggExprRewriter,
-		telemetryaudit.DefaultFullTextColumn,
-		nil,
-	)
-
 	// Create metric statement builder
 	metricFieldMapper := telemetrymetrics.NewFieldMapper()
 	metricConditionBuilder := telemetrymetrics.NewConditionBuilder(metricFieldMapper)
@@ -174,7 +148,6 @@ func newProvider(
 		prometheus,
 		traceStmtBuilder,
 		logStmtBuilder,
-		auditStmtBuilder,
 		metricStmtBuilder,
 		meterStmtBuilder,
 		traceOperatorStmtBuilder,

pkg/query-service/rules/base_rule.go

@@ -110,7 +110,7 @@ func WithEvalDelay(dur valuer.TextDuration) RuleOption {
 
 func WithLogger(logger *slog.Logger) RuleOption {
 	return func(r *BaseRule) {
-		r.logger = logger.With(slog.String("rule.id", r.id))
+		r.logger = logger
 	}
 }
 
@@ -248,7 +248,7 @@ func (r *BaseRule) SelectedQuery(ctx context.Context) string {
 	if r.ruleCondition.SelectedQuery != "" {
 		return r.ruleCondition.SelectedQuery
 	}
-	r.logger.WarnContext(ctx, "missing selected query")
+	r.logger.WarnContext(ctx, "missing selected query", slog.String("rule.id", r.ID()))
 	return r.ruleCondition.SelectedQueryName()
 }
 
@@ -368,7 +368,7 @@ func (r *BaseRule) SendAlerts(ctx context.Context, ts time.Time, resendDelay tim
 			alerts = append(alerts, &anew)
 		}
 	})
-	notifyFunc(ctx, orgID, alerts...)
+	notifyFunc(ctx, orgID, "", alerts...)
 }
 
 func (r *BaseRule) ForEachActiveAlert(f func(*ruletypes.Alert)) {
@@ -380,13 +380,13 @@ func (r *BaseRule) ForEachActiveAlert(f func(*ruletypes.Alert)) {
 	}
 }
 
-func (r *BaseRule) RecordRuleStateHistory(ctx context.Context, itemsToAdd []rulestatehistorytypes.RuleStateHistory) error {
+func (r *BaseRule) RecordRuleStateHistory(ctx context.Context, prevState, currentState ruletypes.AlertState, itemsToAdd []rulestatehistorytypes.RuleStateHistory) error {
 	if r.ruleStateHistoryModule == nil {
 		return nil
 	}
 
 	if err := r.ruleStateHistoryModule.RecordRuleStateHistory(ctx, r.ID(), r.handledRestart, itemsToAdd); err != nil {
-		r.logger.ErrorContext(ctx, "error while recording rule state history", errors.Attr(err), slog.Any("items_to_add", itemsToAdd))
+		r.logger.ErrorContext(ctx, "error while recording rule state history", slog.String("rule.id", r.ID()), errors.Attr(err), slog.Any("items_to_add", itemsToAdd))
 		return err
 	}
 	r.handledRestart = true
@@ -580,12 +580,7 @@ func (r *BaseRule) FilterNewSeries(ctx context.Context, ts time.Time, series []*
 		// Check if first_seen + delay has passed
 		if maxFirstSeen+newGroupEvalDelayMs > evalTimeMs {
 			// Still within grace period, skip this series
-			r.logger.InfoContext(
-				ctx, "skipping new series",
-				slog.Int("series.index", i), slog.Int64("series.max_first_seen", maxFirstSeen),
-				slog.Int64("eval.time_ms", evalTimeMs), slog.Int64("eval.delay_ms", newGroupEvalDelayMs),
-				slog.Any("series.labels", series[i].Labels),
-			)
+			r.logger.InfoContext(ctx, "skipping new series", slog.String("rule.id", r.ID()), slog.Int("series.index", i), slog.Int64("series.max_first_seen", maxFirstSeen), slog.Int64("eval.time_ms", evalTimeMs), slog.Int64("eval.delay_ms", newGroupEvalDelayMs), slog.Any("series.labels", series[i].Labels))
 			continue
 		}
 
@@ -595,11 +590,7 @@ func (r *BaseRule) FilterNewSeries(ctx context.Context, ts time.Time, series []*
 
 	skippedCount := len(series) - len(filteredSeries)
 	if skippedCount > 0 {
-		r.logger.InfoContext(
-			ctx, "filtered new series",
-			slog.Int("series.skipped_count", skippedCount), slog.Int("series.total_count", len(series)),
-			slog.Int64("eval.delay_ms", newGroupEvalDelayMs),
-		)
+		r.logger.InfoContext(ctx, "filtered new series", slog.String("rule.id", r.ID()), slog.Int("series.skipped_count", skippedCount), slog.Int("series.total_count", len(series)), slog.Int64("eval.delay_ms", newGroupEvalDelayMs))
 	}
 
 	return filteredSeries, nil
@@ -620,7 +611,7 @@ func (r *BaseRule) HandleMissingDataAlert(ctx context.Context, ts time.Time, has
 		return nil
 	}
 
-	r.logger.InfoContext(ctx, "no data found for rule condition")
+	r.logger.InfoContext(ctx, "no data found for rule condition", slog.String("rule.id", r.ID()))
 	lbls := ruletypes.NewBuilder()
 	if !r.lastTimestampWithDatapoints.IsZero() {
 		lbls.Set(ruletypes.LabelLastSeen, r.lastTimestampWithDatapoints.Format(ruletypes.AlertTimeFormat))

pkg/query-service/rules/manager.go

@@ -438,7 +438,7 @@ func (m *Manager) editTask(_ context.Context, orgID valuer.UUID, rule *ruletypes
 		Logger:           m.opts.Logger,
 		Cache:            m.cache,
 		ManagerOpts:      m.opts,
-		NotifyFunc:       m.notifyFunc,
+		NotifyFunc:       m.prepareNotifyFunc(),
 		SQLStore:         m.sqlstore,
 		OrgID:            orgID,
 	})
@@ -651,7 +651,7 @@ func (m *Manager) addTask(_ context.Context, orgID valuer.UUID, rule *ruletypes.
 		Logger:           m.opts.Logger,
 		Cache:            m.cache,
 		ManagerOpts:      m.opts,
-		NotifyFunc:       m.notifyFunc,
+		NotifyFunc:       m.prepareNotifyFunc(),
 		SQLStore:         m.sqlstore,
 		OrgID:            orgID,
 	})
@@ -752,65 +752,70 @@ func (m *Manager) TriggeredAlerts() []*ruletypes.NamedAlert {
 }
 
 // NotifyFunc sends notifications about a set of alerts generated by the given expression.
-type NotifyFunc func(ctx context.Context, orgID string, alerts ...*ruletypes.Alert)
+type NotifyFunc func(ctx context.Context, orgID string, expr string, alerts ...*ruletypes.Alert)
 
-// notifyFunc implements the NotifyFunc for a Notifier.
-func (m *Manager) notifyFunc(ctx context.Context, orgID string, alerts ...*ruletypes.Alert) {
-	var res []*alertmanagertypes.PostableAlert
+// prepareNotifyFunc implements the NotifyFunc for a Notifier.
+func (m *Manager) prepareNotifyFunc() NotifyFunc {
+	return func(ctx context.Context, orgID string, expr string, alerts ...*ruletypes.Alert) {
+		var res []*alertmanagertypes.PostableAlert
 
-	for _, alert := range alerts {
-		generatorURL := alert.GeneratorURL
+		for _, alert := range alerts {
+			generatorURL := alert.GeneratorURL
 
-		a := &alertmanagertypes.PostableAlert{
-			Annotations: alert.Annotations.Map(),
-			StartsAt:    strfmt.DateTime(alert.FiredAt),
-			Alert: alertmanagertypes.AlertModel{
-				Labels:       alert.Labels.Map(),
-				GeneratorURL: strfmt.URI(generatorURL),
-			},
-		}
-		if !alert.ResolvedAt.IsZero() {
-			a.EndsAt = strfmt.DateTime(alert.ResolvedAt)
-		} else {
-			a.EndsAt = strfmt.DateTime(alert.ValidUntil)
+			a := &alertmanagertypes.PostableAlert{
+				Annotations: alert.Annotations.Map(),
+				StartsAt:    strfmt.DateTime(alert.FiredAt),
+				Alert: alertmanagertypes.AlertModel{
+					Labels:       alert.Labels.Map(),
+					GeneratorURL: strfmt.URI(generatorURL),
+				},
+			}
+			if !alert.ResolvedAt.IsZero() {
+				a.EndsAt = strfmt.DateTime(alert.ResolvedAt)
+			} else {
+				a.EndsAt = strfmt.DateTime(alert.ValidUntil)
+			}
+
+			res = append(res, a)
 		}
 
-		res = append(res, a)
-	}
-
-	if len(alerts) > 0 {
-		m.alertmanager.PutAlerts(ctx, orgID, res)
+		if len(alerts) > 0 {
+			m.alertmanager.PutAlerts(ctx, orgID, res)
+		}
 	}
 }
 
-func (m *Manager) testNotifyFunc(ctx context.Context, orgID string, alerts ...*ruletypes.Alert) {
-	if len(alerts) == 0 {
-		return
-	}
-	ruleID := alerts[0].Labels.Map()[ruletypes.AlertRuleIDLabel]
-	receiverMap := make(map[*alertmanagertypes.PostableAlert][]string)
-	for _, alert := range alerts {
-		generatorURL := alert.GeneratorURL
+func (m *Manager) prepareTestNotifyFunc() NotifyFunc {
+	return func(ctx context.Context, orgID string, expr string, alerts ...*ruletypes.Alert) {
+		if len(alerts) == 0 {
+			return
+		}
+		ruleID := alerts[0].Labels.Map()[ruletypes.AlertRuleIDLabel]
+		receiverMap := make(map[*alertmanagertypes.PostableAlert][]string)
+		for _, alert := range alerts {
+			generatorURL := alert.GeneratorURL
 
-		a := &alertmanagertypes.PostableAlert{}
-		a.Annotations = alert.Annotations.Map()
-		a.StartsAt = strfmt.DateTime(alert.FiredAt)
-		labelsMap := alert.Labels.Map()
-		labelsMap[ruletypes.TestAlertLabel] = "true"
-		a.Alert = alertmanagertypes.AlertModel{
-			Labels:       labelsMap,
-			GeneratorURL: strfmt.URI(generatorURL),
+			a := &alertmanagertypes.PostableAlert{}
+			a.Annotations = alert.Annotations.Map()
+			a.StartsAt = strfmt.DateTime(alert.FiredAt)
+			labelsMap := alert.Labels.Map()
+			labelsMap[ruletypes.TestAlertLabel] = "true"
+			a.Alert = alertmanagertypes.AlertModel{
+				Labels:       labelsMap,
+				GeneratorURL: strfmt.URI(generatorURL),
+			}
+			if !alert.ResolvedAt.IsZero() {
+				a.EndsAt = strfmt.DateTime(alert.ResolvedAt)
+			} else {
+				a.EndsAt = strfmt.DateTime(alert.ValidUntil)
+			}
+			receiverMap[a] = alert.Receivers
 		}
-		if !alert.ResolvedAt.IsZero() {
-			a.EndsAt = strfmt.DateTime(alert.ResolvedAt)
-		} else {
-			a.EndsAt = strfmt.DateTime(alert.ValidUntil)
+		err := m.alertmanager.TestAlert(ctx, orgID, ruleID, receiverMap)
+		if err != nil {
+			m.logger.ErrorContext(ctx, "failed to send test notification", errors.Attr(err))
+			return
 		}
-		receiverMap[a] = alert.Receivers
-	}
-	err := m.alertmanager.TestAlert(ctx, orgID, ruleID, receiverMap)
-	if err != nil {
-		m.logger.ErrorContext(ctx, "failed to send test notification", errors.Attr(err))
 	}
 }
 
@@ -1036,7 +1041,7 @@ func (m *Manager) TestNotification(ctx context.Context, orgID valuer.UUID, ruleS
 		Logger:           m.opts.Logger,
 		Cache:            m.cache,
 		ManagerOpts:      m.opts,
-		NotifyFunc:       m.testNotifyFunc,
+		NotifyFunc:       m.prepareTestNotifyFunc(),
 		SQLStore:         m.sqlstore,
 		OrgID:            orgID,
 	})

pkg/query-service/rules/prom_rule.go

@@ -48,13 +48,14 @@ func NewPromRule(
 		version:    postableRule.Version,
 		prometheus: prometheus,
 	}
+	p.logger = logger
 
 	query, err := p.getPqlQuery(context.Background())
 	if err != nil {
 		// can not generate a valid prom QL query
 		return nil, err
 	}
-	p.logger.Info("creating new prom rule", slog.String("rule.query", query))
+	logger.Info("creating new prom rule", slog.String("rule.id", id), slog.String("rule.query", query))
 	return &p, nil
 }
 
@@ -96,7 +97,7 @@ func (r *PromRule) buildAndRunQuery(ctx context.Context, ts time.Time) (ruletype
 	if err != nil {
 		return nil, err
 	}
-	r.logger.InfoContext(ctx, "evaluating promql query", slog.String("rule.query", q))
+	r.logger.InfoContext(ctx, "evaluating promql query", slog.String("rule.id", r.ID()), slog.String("rule.query", q))
 	res, err := r.RunAlertQuery(ctx, q, start, end, interval)
 	if err != nil {
 		r.SetHealth(ruletypes.HealthBad)
@@ -116,7 +117,7 @@ func (r *PromRule) buildAndRunQuery(ctx context.Context, ts time.Time) (ruletype
 		filteredSeries, filterErr := r.BaseRule.FilterNewSeries(ctx, ts, matrixToProcess)
 		// In case of error we log the error and continue with the original series
 		if filterErr != nil {
-			r.logger.ErrorContext(ctx, "error filtering new series", errors.Attr(filterErr))
+			r.logger.ErrorContext(ctx, "error filtering new series", slog.String("rule.id", r.ID()), errors.Attr(filterErr))
 		} else {
 			matrixToProcess = filteredSeries
 		}
@@ -128,8 +129,7 @@ func (r *PromRule) buildAndRunQuery(ctx context.Context, ts time.Time) (ruletype
 		if !r.Condition().ShouldEval(series) {
 			r.logger.InfoContext(
 				ctx, "not enough data points to evaluate series, skipping",
-				slog.Int("series.num_points", len(series.Values)),
-				slog.Int("series.required_points", r.Condition().RequiredNumPoints),
+				"rule.id", r.ID(), "num_points", len(series.Values), "required_points", r.Condition().RequiredNumPoints,
 			)
 			continue
 		}
@@ -173,7 +173,7 @@ func (r *PromRule) Eval(ctx context.Context, ts time.Time) (int, error) {
 		for _, lbl := range result.Metric {
 			l[lbl.Name] = lbl.Value
 		}
-		r.logger.DebugContext(ctx, "alerting for series", slog.Any("series", result))
+		r.logger.DebugContext(ctx, "alerting for series", slog.String("rule.id", r.ID()), slog.Any("series", result))
 
 		threshold := valueFormatter.Format(result.Target, result.TargetUnit)
 
@@ -193,7 +193,7 @@ func (r *PromRule) Eval(ctx context.Context, ts time.Time) (int, error) {
 			result, err := tmpl.Expand()
 			if err != nil {
 				result = fmt.Sprintf("<error expanding template: %s>", err)
-				r.logger.WarnContext(ctx, "expanding alert template failed", errors.Attr(err), slog.Any("alert.template_data", tmplData))
+				r.logger.WarnContext(ctx, "expanding alert template failed", slog.String("rule.id", r.ID()), errors.Attr(err), slog.Any("alert.template_data", tmplData))
 			}
 			return result
 		}
@@ -244,7 +244,7 @@ func (r *PromRule) Eval(ctx context.Context, ts time.Time) (int, error) {
 		}
 	}
 
-	r.logger.InfoContext(ctx, "number of alerts found", slog.Int("alert.count", len(alerts)))
+	r.logger.InfoContext(ctx, "number of alerts found", slog.String("rule.id", r.ID()), slog.Int("alert.count", len(alerts)))
 	// alerts[h] is ready, add or update active list now
 	for h, a := range alerts {
 		// Check whether we already have alerting state for the identifying label set.
@@ -271,7 +271,7 @@ func (r *PromRule) Eval(ctx context.Context, ts time.Time) (int, error) {
 	for fp, a := range r.Active {
 		labelsJSON, err := json.Marshal(a.QueryResultLabels)
 		if err != nil {
-			r.logger.ErrorContext(ctx, "error marshaling labels", errors.Attr(err))
+			r.logger.ErrorContext(ctx, "error marshaling labels", slog.String("rule.id", r.ID()), errors.Attr(err))
 		}
 		if _, ok := resultFPs[fp]; !ok {
 			// If the alert was previously firing, keep it around for a given
@@ -325,7 +325,7 @@ func (r *PromRule) Eval(ctx context.Context, ts time.Time) (int, error) {
 				state = ruletypes.StateFiring
 			}
 			a.State = state
-			r.logger.DebugContext(ctx, "converting alert state", slog.Any("alert.state", state))
+			r.logger.DebugContext(ctx, "converting alert state", slog.String("rule.id", r.ID()), slog.Any("alert.state", state))
 			itemsToAdd = append(itemsToAdd, rulestatehistorytypes.RuleStateHistory{
 				RuleID:       r.ID(),
 				RuleName:     r.Name(),
@@ -350,7 +350,7 @@ func (r *PromRule) Eval(ctx context.Context, ts time.Time) (int, error) {
 		itemsToAdd[idx] = item
 	}
 
-	_ = r.RecordRuleStateHistory(ctx, itemsToAdd)
+	r.RecordRuleStateHistory(ctx, prevState, currentState, itemsToAdd)
 
 	return len(r.Active), nil
 }

pkg/query-service/rules/rule.go

@@ -41,7 +41,11 @@ type Rule interface {
 	SetEvaluationTimestamp(time.Time)
 	GetEvaluationTimestamp() time.Time
 
-	RecordRuleStateHistory(ctx context.Context, itemsToAdd []rulestatehistorytypes.RuleStateHistory) error
+	RecordRuleStateHistory(
+		ctx context.Context,
+		prevState, currentState ruletypes.AlertState,
+		itemsToAdd []rulestatehistorytypes.RuleStateHistory,
+	) error
 
 	SendAlerts(
 		ctx context.Context,

pkg/query-service/rules/rule_task.go

@@ -2,7 +2,6 @@ package rules
 
 import (
 	"context"
-	"runtime/debug"
 	"sort"
 	"sync"
 	"time"
@@ -309,10 +308,7 @@ func (g *RuleTask) Eval(ctx context.Context, ts time.Time) {
 
 	defer func() {
 		if r := recover(); r != nil {
-			g.logger.ErrorContext(
-				ctx, "panic during rule evaluation", slog.Any("panic", r),
-				slog.String("stack", string(debug.Stack())),
-			)
+			g.logger.ErrorContext(ctx, "panic during threshold rule evaluation", "panic", r)
 		}
 	}()
 

pkg/query-service/rules/setups_test.go

@@ -17,7 +17,7 @@ import (
 	"github.com/stretchr/testify/require"
 )
 
-func prepareQuerierForMetrics(t *testing.T, telemetryStore telemetrystore.TelemetryStore) (querier.Querier, *telemetrytypestest.MockMetadataStore) {
+func prepareQuerierForMetrics(t *testing.T, telemetryStore telemetrystore.TelemetryStore) querier.Querier {
 	providerSettings := instrumentationtest.New().ToProviderSettings()
 	metadataStore := telemetrytypestest.NewMockMetadataStore()
 
@@ -46,12 +46,11 @@ func prepareQuerierForMetrics(t *testing.T, telemetryStore telemetrystore.Teleme
 		nil, // prometheus
 		nil, // traceStmtBuilder
 		nil, // logStmtBuilder
-		nil, // auditStmtBuilder
 		metricStmtBuilder,
 		nil, // meterStmtBuilder
 		nil, // traceOperatorStmtBuilder
 		nil, // bucketCache
-	), metadataStore
+	)
 }
 
 func prepareQuerierForLogs(telemetryStore telemetrystore.TelemetryStore, keysMap map[string][]*telemetrytypes.TelemetryFieldKey) querier.Querier {
@@ -92,7 +91,6 @@ func prepareQuerierForLogs(telemetryStore telemetrystore.TelemetryStore, keysMap
 		nil,            // prometheus
 		nil,            // traceStmtBuilder
 		logStmtBuilder, // logStmtBuilder
-		nil,            // auditStmtBuilder
 		nil,            // metricStmtBuilder
 		nil,            // meterStmtBuilder
 		nil,            // traceOperatorStmtBuilder
@@ -133,7 +131,6 @@ func prepareQuerierForTraces(telemetryStore telemetrystore.TelemetryStore, keysM
 		nil,              // prometheus
 		traceStmtBuilder, // traceStmtBuilder
 		nil,              // logStmtBuilder
-		nil,              // auditStmtBuilder
 		nil,              // metricStmtBuilder
 		nil,              // meterStmtBuilder
 		nil,              // traceOperatorStmtBuilder

pkg/query-service/rules/threshold_rule.go

@@ -40,7 +40,7 @@ func NewThresholdRule(
 	logger *slog.Logger,
 	opts ...RuleOption,
 ) (*ThresholdRule, error) {
-	logger.Info("creating new ThresholdRule", slog.String("rule.id", id))
+	logger.Info("creating new ThresholdRule", "id", id)
 
 	opts = append(opts, WithLogger(logger))
 
@@ -76,6 +76,7 @@ func (r *ThresholdRule) prepareQueryRange(ctx context.Context, ts time.Time) (*q
 		slog.Int64("ts", ts.UnixMilli()),
 		slog.Int64("eval_window", r.evalWindow.Milliseconds()),
 		slog.Int64("eval_delay", r.evalDelay.Milliseconds()),
+		slog.String("rule.id", r.ID()),
 	)
 
 	startTs, endTs := r.Timestamps(ts)
@@ -198,7 +199,7 @@ func (r *ThresholdRule) buildAndRunQuery(ctx context.Context, orgID valuer.UUID,
 			results = append(results, tsData)
 		} else {
 			// NOTE: should not happen but just to ensure we don't miss it if it happens for some reason
-			r.logger.WarnContext(ctx, "expected qbtypes.TimeSeriesData but got unexpected type", slog.String("item.type", reflect.TypeOf(item).String()))
+			r.logger.WarnContext(ctx, "expected qbtypes.TimeSeriesData but got unexpected type", slog.String("rule.id", r.ID()), slog.String("item.type", reflect.TypeOf(item).String()))
 		}
 	}
 
@@ -224,7 +225,7 @@ func (r *ThresholdRule) buildAndRunQuery(ctx context.Context, orgID valuer.UUID,
 	var resultVector ruletypes.Vector
 
 	if queryResult == nil || len(queryResult.Aggregations) == 0 || queryResult.Aggregations[0] == nil {
-		r.logger.WarnContext(ctx, "query result is nil", slog.String("query.name", selectedQuery))
+		r.logger.WarnContext(ctx, "query result is nil", slog.String("rule.id", r.ID()), slog.String("query.name", selectedQuery))
 		return resultVector, nil
 	}
 
@@ -234,7 +235,7 @@ func (r *ThresholdRule) buildAndRunQuery(ctx context.Context, orgID valuer.UUID,
 		filteredSeries, filterErr := r.BaseRule.FilterNewSeries(ctx, ts, seriesToProcess)
 		// In case of error we log the error and continue with the original series
 		if filterErr != nil {
-			r.logger.ErrorContext(ctx, "error filtering new series", errors.Attr(filterErr))
+			r.logger.ErrorContext(ctx, "error filtering new series", slog.String("rule.id", r.ID()), errors.Attr(filterErr))
 		} else {
 			seriesToProcess = filteredSeries
 		}
@@ -242,11 +243,7 @@ func (r *ThresholdRule) buildAndRunQuery(ctx context.Context, orgID valuer.UUID,
 
 	for _, series := range seriesToProcess {
 		if !r.Condition().ShouldEval(series) {
-			r.logger.InfoContext(
-				ctx, "not enough data points to evaluate series, skipping",
-				slog.Int("series.num_points", len(series.Values)),
-				slog.Int("series.required_points", r.Condition().RequiredNumPoints),
-			)
+			r.logger.InfoContext(ctx, "not enough data points to evaluate series, skipping", slog.String("rule.id", r.ID()), slog.Int("series.num_points", len(series.Values)), slog.Int("series.required_points", r.Condition().RequiredNumPoints))
 			continue
 		}
 		resultSeries, err := r.Threshold.Eval(series, r.Unit(), ruletypes.EvalData{
@@ -297,10 +294,7 @@ func (r *ThresholdRule) Eval(ctx context.Context, ts time.Time) (int, error) {
 		value := valueFormatter.Format(smpl.V, r.Unit())
 		// todo(aniket): handle different threshold
 		threshold := valueFormatter.Format(smpl.Target, smpl.TargetUnit)
-		r.logger.DebugContext(
-			ctx, "alert template data for rule", slog.String("formatter.name", valueFormatter.Name()),
-			slog.String("alert.value", value), slog.String("alert.threshold", threshold),
-		)
+		r.logger.DebugContext(ctx, "alert template data for rule", slog.String("rule.id", r.ID()), slog.String("formatter.name", valueFormatter.Name()), slog.String("alert.value", value), slog.String("alert.threshold", threshold))
 
 		tmplData := ruletypes.AlertTemplateData(l, value, threshold)
 		// Inject some convenience variables that are easier to remember for users
@@ -319,7 +313,7 @@ func (r *ThresholdRule) Eval(ctx context.Context, ts time.Time) (int, error) {
 			result, err := tmpl.Expand()
 			if err != nil {
 				result = fmt.Sprintf("<error expanding template: %s>", err)
-				r.logger.ErrorContext(ctx, "expanding alert template failed", errors.Attr(err), slog.Any("alert.template_data", tmplData))
+				r.logger.ErrorContext(ctx, "expanding alert template failed", slog.String("rule.id", r.ID()), errors.Attr(err), slog.Any("alert.template_data", tmplData))
 			}
 			return result
 		}
@@ -351,13 +345,13 @@ func (r *ThresholdRule) Eval(ctx context.Context, ts time.Time) (int, error) {
 		case ruletypes.AlertTypeTraces:
 			link := r.prepareLinksToTraces(ctx, ts, smpl.Metric)
 			if link != "" && r.hostFromSource() != "" {
-				r.logger.InfoContext(ctx, "adding traces link to annotations", slog.String("annotation.link", fmt.Sprintf("%s/traces-explorer?%s", r.hostFromSource(), link)))
+				r.logger.InfoContext(ctx, "adding traces link to annotations", slog.String("rule.id", r.ID()), slog.String("annotation.link", fmt.Sprintf("%s/traces-explorer?%s", r.hostFromSource(), link)))
 				annotations = append(annotations, ruletypes.Label{Name: "related_traces", Value: fmt.Sprintf("%s/traces-explorer?%s", r.hostFromSource(), link)})
 			}
 		case ruletypes.AlertTypeLogs:
 			link := r.prepareLinksToLogs(ctx, ts, smpl.Metric)
 			if link != "" && r.hostFromSource() != "" {
-				r.logger.InfoContext(ctx, "adding logs link to annotations", slog.String("annotation.link", fmt.Sprintf("%s/logs/logs-explorer?%s", r.hostFromSource(), link)))
+				r.logger.InfoContext(ctx, "adding logs link to annotations", slog.String("rule.id", r.ID()), slog.String("annotation.link", fmt.Sprintf("%s/logs/logs-explorer?%s", r.hostFromSource(), link)))
 				annotations = append(annotations, ruletypes.Label{Name: "related_logs", Value: fmt.Sprintf("%s/logs/logs-explorer?%s", r.hostFromSource(), link)})
 			}
 		}
@@ -384,7 +378,7 @@ func (r *ThresholdRule) Eval(ctx context.Context, ts time.Time) (int, error) {
 		}
 	}
 
-	r.logger.InfoContext(ctx, "number of alerts found", slog.Int("alert.count", len(alerts)))
+	r.logger.InfoContext(ctx, "number of alerts found", slog.String("rule.id", r.ID()), slog.Int("alert.count", len(alerts)))
 
 	// alerts[h] is ready, add or update active list now
 	for h, a := range alerts {
@@ -412,7 +406,7 @@ func (r *ThresholdRule) Eval(ctx context.Context, ts time.Time) (int, error) {
 	for fp, a := range r.Active {
 		labelsJSON, err := json.Marshal(a.QueryResultLabels)
 		if err != nil {
-			r.logger.ErrorContext(ctx, "error marshaling labels", errors.Attr(err), slog.Any("alert.labels", a.Labels))
+			r.logger.ErrorContext(ctx, "error marshaling labels", slog.String("rule.id", r.ID()), errors.Attr(err), slog.Any("alert.labels", a.Labels))
 		}
 		if _, ok := resultFPs[fp]; !ok {
 			// If the alert was previously firing, keep it around for a given
@@ -421,7 +415,7 @@ func (r *ThresholdRule) Eval(ctx context.Context, ts time.Time) (int, error) {
 				delete(r.Active, fp)
 			}
 			if a.State != ruletypes.StateInactive {
-				r.logger.DebugContext(ctx, "converting firing alert to inactive")
+				r.logger.DebugContext(ctx, "converting firing alert to inactive", slog.String("rule.id", r.ID()))
 				a.State = ruletypes.StateInactive
 				a.ResolvedAt = ts
 				itemsToAdd = append(itemsToAdd, rulestatehistorytypes.RuleStateHistory{
@@ -439,7 +433,7 @@ func (r *ThresholdRule) Eval(ctx context.Context, ts time.Time) (int, error) {
 		}
 
 		if a.State == ruletypes.StatePending && ts.Sub(a.ActiveAt) >= r.holdDuration.Duration() {
-			r.logger.DebugContext(ctx, "converting pending alert to firing")
+			r.logger.DebugContext(ctx, "converting pending alert to firing", slog.String("rule.id", r.ID()))
 			a.State = ruletypes.StateFiring
 			a.FiredAt = ts
 			state := ruletypes.StateFiring
@@ -469,7 +463,7 @@ func (r *ThresholdRule) Eval(ctx context.Context, ts time.Time) (int, error) {
 				state = ruletypes.StateFiring
 			}
 			a.State = state
-			r.logger.DebugContext(ctx, "converting alert state", slog.Any("alert.state", state))
+			r.logger.DebugContext(ctx, "converting alert state", slog.String("rule.id", r.ID()), slog.Any("alert.state", state))
 			itemsToAdd = append(itemsToAdd, rulestatehistorytypes.RuleStateHistory{
 				RuleID:       r.ID(),
 				RuleName:     r.Name(),
@@ -492,7 +486,7 @@ func (r *ThresholdRule) Eval(ctx context.Context, ts time.Time) (int, error) {
 		itemsToAdd[idx] = item
 	}
 
-	_ = r.RecordRuleStateHistory(ctx, itemsToAdd)
+	r.RecordRuleStateHistory(ctx, prevState, currentState, itemsToAdd)
 
 	r.health = ruletypes.HealthGood
 	r.lastError = err

pkg/query-service/rules/threshold_rule_test.go

@@ -511,8 +511,7 @@ func TestThresholdRuleUnitCombinations(t *testing.T) {
 	}
 	telemetryStore := telemetrystoretest.New(telemetrystore.Config{}, &queryMatcherAny{})
 
-	querier, mockMetadataStore := prepareQuerierForMetrics(t, telemetryStore)
-	mockMetadataStore.TypeMap["signoz_calls_total"] = metrictypes.SumType
+	querier := prepareQuerierForMetrics(t, telemetryStore)
 
 	cols := []cmock.ColumnType{
 		{Name: "ts", Type: "DateTime"},
@@ -728,8 +727,7 @@ func TestThresholdRuleNoData(t *testing.T) {
 			WithArgs(nil, nil, nil, nil, nil, nil, nil, nil).
 			WillReturnRows(rows)
 
-		querier, mockMetadataStore := prepareQuerierForMetrics(t, telemetryStore)
-		mockMetadataStore.TypeMap["signoz_calls_total"] = metrictypes.SumType
+		querier := prepareQuerierForMetrics(t, telemetryStore)
 
 		var target float64 = 0
 		postableRule.RuleCondition.Thresholds = &ruletypes.RuleThresholdData{
@@ -1117,8 +1115,7 @@ func TestMultipleThresholdRule(t *testing.T) {
 			WithArgs(nil, nil, nil, nil, nil, nil, nil, nil).
 			WillReturnRows(rows)
 
-		querier, mockMetadataStore := prepareQuerierForMetrics(t, telemetryStore)
-		mockMetadataStore.TypeMap["signoz_calls_total"] = metrictypes.SumType
+		querier := prepareQuerierForMetrics(t, telemetryStore)
 
 		postableRule.RuleCondition.CompareOperator = c.compareOperator
 		postableRule.RuleCondition.MatchType = c.matchType
@@ -1906,8 +1903,7 @@ func TestThresholdEval_RequireMinPoints(t *testing.T) {
 			WithArgs(nil, nil, nil, nil, nil, nil, nil, nil).
 			WillReturnRows(rows)
 
-		querier, mockMetadataStore := prepareQuerierForMetrics(t, telemetryStore)
-		mockMetadataStore.TypeMap["signoz_calls_total"] = metrictypes.SumType
+		querier := prepareQuerierForMetrics(t, telemetryStore)
 
 		rc := postableRule.RuleCondition
 		rc.Target = &c.target

pkg/querybuilder/where_clause_visitor.go

@@ -818,9 +818,9 @@ func (v *filterExpressionVisitor) VisitFunctionCall(ctx *grammar.FunctionCallCon
 			case "has":
 				cond = fmt.Sprintf("has(%s, %s)", fieldName, v.builder.Var(value[0]))
 			case "hasAny":
-				cond = fmt.Sprintf("hasAny(%s, %s)", fieldName, v.builder.Var(value[0]))
+				cond = fmt.Sprintf("hasAny(%s, %s)", fieldName, v.builder.Var(value))
 			case "hasAll":
-				cond = fmt.Sprintf("hasAll(%s, %s)", fieldName, v.builder.Var(value[0]))
+				cond = fmt.Sprintf("hasAll(%s, %s)", fieldName, v.builder.Var(value))
 			}
 			conds = append(conds, cond)
 		}

pkg/ruler/rulestore/sqlrulestore/rule.go

@@ -133,8 +133,7 @@ func (r *rule) GetStoredRulesByMetricName(ctx context.Context, orgID string, met
 	for _, storedRule := range storedRules {
 		var ruleData ruletypes.PostableRule
 		if err := json.Unmarshal([]byte(storedRule.Data), &ruleData); err != nil {
-			//nolint:sloglint
-			r.logger.WarnContext(ctx, "failed to unmarshal rule data", slog.String("rule.id", storedRule.ID.StringValue()), errors.Attr(err))
+			r.logger.WarnContext(ctx, "failed to unmarshal rule data", slog.String("rule_id", storedRule.ID.StringValue()), errors.Attr(err))
 			continue
 		}
 

pkg/signoz/signoz.go

@@ -33,7 +33,6 @@ import (
 	"github.com/SigNoz/signoz/pkg/sqlschema"
 	"github.com/SigNoz/signoz/pkg/sqlstore"
 	"github.com/SigNoz/signoz/pkg/statsreporter"
-	"github.com/SigNoz/signoz/pkg/telemetryaudit"
 	"github.com/SigNoz/signoz/pkg/telemetrylogs"
 	"github.com/SigNoz/signoz/pkg/telemetrymetadata"
 	"github.com/SigNoz/signoz/pkg/telemetrymeter"
@@ -396,11 +395,6 @@ func New(
 		telemetrylogs.TagAttributesV2TableName,
 		telemetrylogs.LogAttributeKeysTblName,
 		telemetrylogs.LogResourceKeysTblName,
-		telemetryaudit.DBName,
-		telemetryaudit.AuditLogsTableName,
-		telemetryaudit.TagAttributesTableName,
-		telemetryaudit.LogAttributeKeysTblName,
-		telemetryaudit.LogResourceKeysTblName,
 		telemetrymetadata.DBName,
 		telemetrymetadata.AttributesMetadataLocalTableName,
 		telemetrymetadata.ColumnEvolutionMetadataTableName,

pkg/sqlstore/sqlitesqlstore/provider.go

@@ -6,8 +6,6 @@ import (
 	"fmt"
 	"log/slog"
 	"net/url"
-	"os"
-	"time"
 
 	"github.com/SigNoz/signoz/pkg/errors"
 	"github.com/SigNoz/signoz/pkg/factory"
@@ -25,7 +23,6 @@ type provider struct {
 	bundb     *sqlstore.BunDB
 	dialect   *dialect
 	formatter sqlstore.SQLFormatter
-	done      chan struct{}
 }
 
 func NewFactory(hookFactories ...factory.ProviderFactory[sqlstore.SQLStoreHook, sqlstore.Config]) factory.ProviderFactory[sqlstore.SQLStore, sqlstore.Config] {
@@ -62,19 +59,13 @@ func New(ctx context.Context, providerSettings factory.ProviderSettings, config
 
 	sqliteDialect := sqlitedialect.New()
 	bunDB := sqlstore.NewBunDB(settings, sqldb, sqliteDialect, hooks)
-
-	done := make(chan struct{})
-	p := &provider{
+	return &provider{
 		settings:  settings,
 		sqldb:     sqldb,
 		bundb:     bunDB,
 		dialect:   new(dialect),
 		formatter: newFormatter(bunDB.Dialect()),
-		done:      done,
-	}
-	go p.walDiagnosticLoop(config.Sqlite.Path)
-
-	return p, nil
+	}, nil
 }
 
 func (provider *provider) BunDB() *bun.DB {
@@ -118,73 +109,3 @@ func (provider *provider) WrapAlreadyExistsErrf(err error, code errors.Code, for
 
 	return err
 }
-
-// walDiagnosticLoop periodically logs pool stats, WAL file size, and busy prepared statements
-// to help diagnose WAL checkpoint failures caused by permanent read locks.
-func (provider *provider) walDiagnosticLoop(dbPath string) {
-	ticker := time.NewTicker(60 * time.Second)
-	defer ticker.Stop()
-
-	logger := provider.settings.Logger()
-	walPath := dbPath + "-wal"
-
-	for {
-		select {
-		case <-provider.done:
-			return
-		case <-ticker.C:
-			// 1. Log pool stats (no SQL needed)
-			stats := provider.sqldb.Stats()
-			logger.Info("sqlite_pool_stats",
-				slog.Int("max_open", stats.MaxOpenConnections),
-				slog.Int("open", stats.OpenConnections),
-				slog.Int("in_use", stats.InUse),
-				slog.Int("idle", stats.Idle),
-				slog.Int64("wait_count", stats.WaitCount),
-				slog.String("wait_duration", stats.WaitDuration.String()),
-				slog.Int64("max_idle_closed", stats.MaxIdleClosed),
-				slog.Int64("max_idle_time_closed", stats.MaxIdleTimeClosed),
-				slog.Int64("max_lifetime_closed", stats.MaxLifetimeClosed),
-			)
-
-			// 2. Log WAL file size (no SQL needed)
-			if info, err := os.Stat(walPath); err == nil {
-				logger.Info("sqlite_wal_size",
-					slog.Int64("bytes", info.Size()),
-					slog.String("path", walPath),
-				)
-			}
-
-			// 3. Check for busy prepared statements on a single pool connection
-			provider.checkBusyStatements(logger)
-		}
-	}
-}
-
-func (provider *provider) checkBusyStatements(logger *slog.Logger) {
-	conn, err := provider.sqldb.Conn(context.Background())
-	if err != nil {
-		logger.Warn("sqlite_diag_conn_error", slog.String("error", err.Error()))
-		return
-	}
-	defer conn.Close()
-
-	rows, err := conn.QueryContext(context.Background(), "SELECT sql FROM sqlite_stmt WHERE busy")
-	if err != nil {
-		logger.Warn("sqlite_diag_query_error", slog.String("error", err.Error()))
-		return
-	}
-	defer rows.Close()
-
-	for rows.Next() {
-		var stmtSQL string
-		if err := rows.Scan(&stmtSQL); err != nil {
-			logger.Warn("sqlite_diag_scan_error", slog.String("error", err.Error()))
-			continue
-		}
-		logger.Warn("leaked_busy_statement", slog.String("sql", stmtSQL))
-	}
-	if err := rows.Err(); err != nil {
-		logger.Warn("sqlite_diag_rows_error", slog.String("error", err.Error()))
-	}
-}

pkg/telemetryaudit/condition_builder.go

@@ -1,200 +0,0 @@
-package telemetryaudit
-
-import (
-	"context"
-	"fmt"
-
-	schema "github.com/SigNoz/signoz-otel-collector/cmd/signozschemamigrator/schema_migrator"
-	"github.com/SigNoz/signoz/pkg/errors"
-	"github.com/SigNoz/signoz/pkg/querybuilder"
-	qbtypes "github.com/SigNoz/signoz/pkg/types/querybuildertypes/querybuildertypesv5"
-	"github.com/SigNoz/signoz/pkg/types/telemetrytypes"
-	"github.com/huandu/go-sqlbuilder"
-)
-
-type conditionBuilder struct {
-	fm qbtypes.FieldMapper
-}
-
-func NewConditionBuilder(fm qbtypes.FieldMapper) *conditionBuilder {
-	return &conditionBuilder{fm: fm}
-}
-
-func (c *conditionBuilder) conditionFor(
-	ctx context.Context,
-	startNs, endNs uint64,
-	key *telemetrytypes.TelemetryFieldKey,
-	operator qbtypes.FilterOperator,
-	value any,
-	sb *sqlbuilder.SelectBuilder,
-) (string, error) {
-	columns, err := c.fm.ColumnFor(ctx, startNs, endNs, key)
-	if err != nil {
-		return "", err
-	}
-
-	if operator.IsStringSearchOperator() {
-		value = querybuilder.FormatValueForContains(value)
-	}
-
-	fieldExpression, err := c.fm.FieldFor(ctx, startNs, endNs, key)
-	if err != nil {
-		return "", err
-	}
-
-	fieldExpression, value = querybuilder.DataTypeCollisionHandledFieldName(key, value, fieldExpression, operator)
-
-	switch operator {
-	case qbtypes.FilterOperatorEqual:
-		return sb.E(fieldExpression, value), nil
-	case qbtypes.FilterOperatorNotEqual:
-		return sb.NE(fieldExpression, value), nil
-	case qbtypes.FilterOperatorGreaterThan:
-		return sb.G(fieldExpression, value), nil
-	case qbtypes.FilterOperatorGreaterThanOrEq:
-		return sb.GE(fieldExpression, value), nil
-	case qbtypes.FilterOperatorLessThan:
-		return sb.LT(fieldExpression, value), nil
-	case qbtypes.FilterOperatorLessThanOrEq:
-		return sb.LE(fieldExpression, value), nil
-	case qbtypes.FilterOperatorLike:
-		return sb.Like(fieldExpression, value), nil
-	case qbtypes.FilterOperatorNotLike:
-		return sb.NotLike(fieldExpression, value), nil
-	case qbtypes.FilterOperatorILike:
-		return sb.ILike(fieldExpression, value), nil
-	case qbtypes.FilterOperatorNotILike:
-		return sb.NotILike(fieldExpression, value), nil
-	case qbtypes.FilterOperatorContains:
-		return sb.ILike(fieldExpression, fmt.Sprintf("%%%s%%", value)), nil
-	case qbtypes.FilterOperatorNotContains:
-		return sb.NotILike(fieldExpression, fmt.Sprintf("%%%s%%", value)), nil
-	case qbtypes.FilterOperatorRegexp:
-		return fmt.Sprintf(`match(%s, %s)`, sqlbuilder.Escape(fieldExpression), sb.Var(value)), nil
-	case qbtypes.FilterOperatorNotRegexp:
-		return fmt.Sprintf(`NOT match(%s, %s)`, sqlbuilder.Escape(fieldExpression), sb.Var(value)), nil
-	case qbtypes.FilterOperatorBetween:
-		values, ok := value.([]any)
-		if !ok {
-			return "", qbtypes.ErrBetweenValues
-		}
-		if len(values) != 2 {
-			return "", qbtypes.ErrBetweenValues
-		}
-		return sb.Between(fieldExpression, values[0], values[1]), nil
-	case qbtypes.FilterOperatorNotBetween:
-		values, ok := value.([]any)
-		if !ok {
-			return "", qbtypes.ErrBetweenValues
-		}
-		if len(values) != 2 {
-			return "", qbtypes.ErrBetweenValues
-		}
-		return sb.NotBetween(fieldExpression, values[0], values[1]), nil
-	case qbtypes.FilterOperatorIn:
-		values, ok := value.([]any)
-		if !ok {
-			return "", qbtypes.ErrInValues
-		}
-		conditions := []string{}
-		for _, value := range values {
-			conditions = append(conditions, sb.E(fieldExpression, value))
-		}
-		return sb.Or(conditions...), nil
-	case qbtypes.FilterOperatorNotIn:
-		values, ok := value.([]any)
-		if !ok {
-			return "", qbtypes.ErrInValues
-		}
-		conditions := []string{}
-		for _, value := range values {
-			conditions = append(conditions, sb.NE(fieldExpression, value))
-		}
-		return sb.And(conditions...), nil
-	case qbtypes.FilterOperatorExists, qbtypes.FilterOperatorNotExists:
-		var value any
-		column := columns[0]
-
-		switch column.Type.GetType() {
-		case schema.ColumnTypeEnumJSON:
-			if operator == qbtypes.FilterOperatorExists {
-				return sb.IsNotNull(fieldExpression), nil
-			}
-			return sb.IsNull(fieldExpression), nil
-		case schema.ColumnTypeEnumLowCardinality:
-			switch elementType := column.Type.(schema.LowCardinalityColumnType).ElementType; elementType.GetType() {
-			case schema.ColumnTypeEnumString:
-				value = ""
-				if operator == qbtypes.FilterOperatorExists {
-					return sb.NE(fieldExpression, value), nil
-				}
-				return sb.E(fieldExpression, value), nil
-			default:
-				return "", errors.NewInvalidInputf(errors.CodeInvalidInput, "exists operator is not supported for low cardinality column type %s", elementType)
-			}
-		case schema.ColumnTypeEnumString:
-			value = ""
-			if operator == qbtypes.FilterOperatorExists {
-				return sb.NE(fieldExpression, value), nil
-			}
-			return sb.E(fieldExpression, value), nil
-		case schema.ColumnTypeEnumUInt64, schema.ColumnTypeEnumUInt32, schema.ColumnTypeEnumUInt8:
-			value = 0
-			if operator == qbtypes.FilterOperatorExists {
-				return sb.NE(fieldExpression, value), nil
-			}
-			return sb.E(fieldExpression, value), nil
-		case schema.ColumnTypeEnumMap:
-			keyType := column.Type.(schema.MapColumnType).KeyType
-			if _, ok := keyType.(schema.LowCardinalityColumnType); !ok {
-				return "", errors.NewInvalidInputf(errors.CodeInvalidInput, "key type %s is not supported for map column type %s", keyType, column.Type)
-			}
-
-			switch valueType := column.Type.(schema.MapColumnType).ValueType; valueType.GetType() {
-			case schema.ColumnTypeEnumString, schema.ColumnTypeEnumBool, schema.ColumnTypeEnumFloat64:
-				leftOperand := fmt.Sprintf("mapContains(%s, '%s')", column.Name, key.Name)
-				if key.Materialized {
-					leftOperand = telemetrytypes.FieldKeyToMaterializedColumnNameForExists(key)
-				}
-				if operator == qbtypes.FilterOperatorExists {
-					return sb.E(leftOperand, true), nil
-				}
-				return sb.NE(leftOperand, true), nil
-			default:
-				return "", errors.NewInvalidInputf(errors.CodeInvalidInput, "exists operator is not supported for map column type %s", valueType)
-			}
-		default:
-			return "", errors.NewInvalidInputf(errors.CodeInvalidInput, "exists operator is not supported for column type %s", column.Type)
-		}
-	}
-	return "", errors.NewInvalidInputf(errors.CodeInvalidInput, "unsupported operator: %v", operator)
-}
-
-func (c *conditionBuilder) ConditionFor(
-	ctx context.Context,
-	startNs uint64,
-	endNs uint64,
-	key *telemetrytypes.TelemetryFieldKey,
-	operator qbtypes.FilterOperator,
-	value any,
-	sb *sqlbuilder.SelectBuilder,
-) (string, error) {
-	condition, err := c.conditionFor(ctx, startNs, endNs, key, operator, value, sb)
-	if err != nil {
-		return "", err
-	}
-
-	if key.FieldContext == telemetrytypes.FieldContextLog || key.FieldContext == telemetrytypes.FieldContextScope {
-		return condition, nil
-	}
-
-	if operator.AddDefaultExistsFilter() {
-		existsCondition, err := c.conditionFor(ctx, startNs, endNs, key, qbtypes.FilterOperatorExists, nil, sb)
-		if err != nil {
-			return "", err
-		}
-		return sb.And(condition, existsCondition), nil
-	}
-
-	return condition, nil
-}

pkg/telemetryaudit/const.go

@@ -1,129 +0,0 @@
-package telemetryaudit
-
-import (
-	schema "github.com/SigNoz/signoz-otel-collector/cmd/signozschemamigrator/schema_migrator"
-	qbtypes "github.com/SigNoz/signoz/pkg/types/querybuildertypes/querybuildertypesv5"
-	"github.com/SigNoz/signoz/pkg/types/telemetrytypes"
-)
-
-const (
-	// Internal Columns.
-	IDColumn                   = "id"
-	TimestampBucketStartColumn = "ts_bucket_start"
-	ResourceFingerPrintColumn  = "resource_fingerprint"
-
-	// Intrinsic Columns.
-	TimestampColumn         = "timestamp"
-	ObservedTimestampColumn = "observed_timestamp"
-	BodyColumn              = "body"
-	EventNameColumn         = "event_name"
-	TraceIDColumn           = "trace_id"
-	SpanIDColumn            = "span_id"
-	TraceFlagsColumn        = "trace_flags"
-	SeverityTextColumn      = "severity_text"
-	SeverityNumberColumn    = "severity_number"
-	ScopeNameColumn         = "scope_name"
-	ScopeVersionColumn      = "scope_version"
-
-	// Contextual Columns.
-	AttributesStringColumn = "attributes_string"
-	AttributesNumberColumn = "attributes_number"
-	AttributesBoolColumn   = "attributes_bool"
-	ResourceColumn         = "resource"
-	ScopeStringColumn      = "scope_string"
-)
-
-var (
-	DefaultFullTextColumn = &telemetrytypes.TelemetryFieldKey{
-		Name:          "body",
-		Signal:        telemetrytypes.SignalLogs,
-		FieldContext:  telemetrytypes.FieldContextLog,
-		FieldDataType: telemetrytypes.FieldDataTypeString,
-	}
-
-	IntrinsicFields = map[string]telemetrytypes.TelemetryFieldKey{
-		"body": {
-			Name:          "body",
-			Signal:        telemetrytypes.SignalLogs,
-			FieldContext:  telemetrytypes.FieldContextLog,
-			FieldDataType: telemetrytypes.FieldDataTypeString,
-		},
-		"trace_id": {
-			Name:          "trace_id",
-			Signal:        telemetrytypes.SignalLogs,
-			FieldContext:  telemetrytypes.FieldContextLog,
-			FieldDataType: telemetrytypes.FieldDataTypeString,
-		},
-		"span_id": {
-			Name:          "span_id",
-			Signal:        telemetrytypes.SignalLogs,
-			FieldContext:  telemetrytypes.FieldContextLog,
-			FieldDataType: telemetrytypes.FieldDataTypeString,
-		},
-		"trace_flags": {
-			Name:          "trace_flags",
-			Signal:        telemetrytypes.SignalLogs,
-			FieldContext:  telemetrytypes.FieldContextLog,
-			FieldDataType: telemetrytypes.FieldDataTypeNumber,
-		},
-		"severity_text": {
-			Name:          "severity_text",
-			Signal:        telemetrytypes.SignalLogs,
-			FieldContext:  telemetrytypes.FieldContextLog,
-			FieldDataType: telemetrytypes.FieldDataTypeString,
-		},
-		"severity_number": {
-			Name:          "severity_number",
-			Signal:        telemetrytypes.SignalLogs,
-			FieldContext:  telemetrytypes.FieldContextLog,
-			FieldDataType: telemetrytypes.FieldDataTypeNumber,
-		},
-		"event_name": {
-			Name:          "event_name",
-			Signal:        telemetrytypes.SignalLogs,
-			FieldContext:  telemetrytypes.FieldContextLog,
-			FieldDataType: telemetrytypes.FieldDataTypeString,
-		},
-	}
-
-	DefaultSortingOrder = []qbtypes.OrderBy{
-		{
-			Key: qbtypes.OrderByKey{
-				TelemetryFieldKey: telemetrytypes.TelemetryFieldKey{
-					Name: TimestampColumn,
-				},
-			},
-			Direction: qbtypes.OrderDirectionDesc,
-		},
-		{
-			Key: qbtypes.OrderByKey{
-				TelemetryFieldKey: telemetrytypes.TelemetryFieldKey{
-					Name: IDColumn,
-				},
-			},
-			Direction: qbtypes.OrderDirectionDesc,
-		},
-	}
-)
-
-var auditLogColumns = map[string]*schema.Column{
-	"ts_bucket_start":      {Name: "ts_bucket_start", Type: schema.ColumnTypeUInt64},
-	"resource_fingerprint": {Name: "resource_fingerprint", Type: schema.ColumnTypeString},
-	"timestamp":            {Name: "timestamp", Type: schema.ColumnTypeUInt64},
-	"observed_timestamp":   {Name: "observed_timestamp", Type: schema.ColumnTypeUInt64},
-	"id":                   {Name: "id", Type: schema.ColumnTypeString},
-	"trace_id":             {Name: "trace_id", Type: schema.ColumnTypeString},
-	"span_id":              {Name: "span_id", Type: schema.ColumnTypeString},
-	"trace_flags":          {Name: "trace_flags", Type: schema.ColumnTypeUInt32},
-	"severity_text":        {Name: "severity_text", Type: schema.LowCardinalityColumnType{ElementType: schema.ColumnTypeString}},
-	"severity_number":      {Name: "severity_number", Type: schema.ColumnTypeUInt8},
-	"body":                 {Name: "body", Type: schema.ColumnTypeString},
-	"attributes_string":    {Name: "attributes_string", Type: schema.MapColumnType{KeyType: schema.LowCardinalityColumnType{ElementType: schema.ColumnTypeString}, ValueType: schema.ColumnTypeString}},
-	"attributes_number":    {Name: "attributes_number", Type: schema.MapColumnType{KeyType: schema.LowCardinalityColumnType{ElementType: schema.ColumnTypeString}, ValueType: schema.ColumnTypeFloat64}},
-	"attributes_bool":      {Name: "attributes_bool", Type: schema.MapColumnType{KeyType: schema.LowCardinalityColumnType{ElementType: schema.ColumnTypeString}, ValueType: schema.ColumnTypeBool}},
-	"resource":             {Name: "resource", Type: schema.JSONColumnType{}},
-	"event_name":           {Name: "event_name", Type: schema.ColumnTypeString},
-	"scope_name":           {Name: "scope_name", Type: schema.ColumnTypeString},
-	"scope_version":        {Name: "scope_version", Type: schema.ColumnTypeString},
-	"scope_string":         {Name: "scope_string", Type: schema.MapColumnType{KeyType: schema.LowCardinalityColumnType{ElementType: schema.ColumnTypeString}, ValueType: schema.ColumnTypeString}},
-}

pkg/telemetryaudit/field_mapper.go

@@ -1,124 +0,0 @@
-package telemetryaudit
-
-import (
-	"context"
-	"fmt"
-
-	schema "github.com/SigNoz/signoz-otel-collector/cmd/signozschemamigrator/schema_migrator"
-	"github.com/SigNoz/signoz/pkg/errors"
-	qbtypes "github.com/SigNoz/signoz/pkg/types/querybuildertypes/querybuildertypesv5"
-	"github.com/SigNoz/signoz/pkg/types/telemetrytypes"
-	"github.com/huandu/go-sqlbuilder"
-
-	"golang.org/x/exp/maps"
-)
-
-type fieldMapper struct{}
-
-func NewFieldMapper() qbtypes.FieldMapper {
-	return &fieldMapper{}
-}
-
-func (m *fieldMapper) getColumn(_ context.Context, key *telemetrytypes.TelemetryFieldKey) ([]*schema.Column, error) {
-	switch key.FieldContext {
-	case telemetrytypes.FieldContextResource:
-		return []*schema.Column{auditLogColumns["resource"]}, nil
-	case telemetrytypes.FieldContextScope:
-		switch key.Name {
-		case "name", "scope.name", "scope_name":
-			return []*schema.Column{auditLogColumns["scope_name"]}, nil
-		case "version", "scope.version", "scope_version":
-			return []*schema.Column{auditLogColumns["scope_version"]}, nil
-		}
-		return []*schema.Column{auditLogColumns["scope_string"]}, nil
-	case telemetrytypes.FieldContextAttribute:
-		switch key.FieldDataType {
-		case telemetrytypes.FieldDataTypeString:
-			return []*schema.Column{auditLogColumns["attributes_string"]}, nil
-		case telemetrytypes.FieldDataTypeInt64, telemetrytypes.FieldDataTypeFloat64, telemetrytypes.FieldDataTypeNumber:
-			return []*schema.Column{auditLogColumns["attributes_number"]}, nil
-		case telemetrytypes.FieldDataTypeBool:
-			return []*schema.Column{auditLogColumns["attributes_bool"]}, nil
-		}
-	case telemetrytypes.FieldContextLog, telemetrytypes.FieldContextUnspecified:
-		col, ok := auditLogColumns[key.Name]
-		if !ok {
-			return nil, qbtypes.ErrColumnNotFound
-		}
-		return []*schema.Column{col}, nil
-	}
-
-	return nil, qbtypes.ErrColumnNotFound
-}
-
-func (m *fieldMapper) FieldFor(ctx context.Context, _, _ uint64, key *telemetrytypes.TelemetryFieldKey) (string, error) {
-	columns, err := m.getColumn(ctx, key)
-	if err != nil {
-		return "", err
-	}
-	if len(columns) != 1 {
-		return "", errors.Newf(errors.TypeInternal, errors.CodeInternal, "expected exactly 1 column, got %d", len(columns))
-	}
-	column := columns[0]
-
-	switch column.Type.GetType() {
-	case schema.ColumnTypeEnumJSON:
-		if key.FieldContext != telemetrytypes.FieldContextResource {
-			return "", errors.Newf(errors.TypeInvalidInput, errors.CodeInvalidInput, "only resource context fields are supported for json columns in audit, got %s", key.FieldContext.String)
-		}
-		return fmt.Sprintf("%s.`%s`::String", column.Name, key.Name), nil
-	case schema.ColumnTypeEnumLowCardinality:
-		return column.Name, nil
-	case schema.ColumnTypeEnumString, schema.ColumnTypeEnumUInt64, schema.ColumnTypeEnumUInt32, schema.ColumnTypeEnumUInt8:
-		return column.Name, nil
-	case schema.ColumnTypeEnumMap:
-		keyType := column.Type.(schema.MapColumnType).KeyType
-		if _, ok := keyType.(schema.LowCardinalityColumnType); !ok {
-			return "", errors.NewInvalidInputf(errors.CodeInvalidInput, "key type %s is not supported for map column type %s", keyType, column.Type)
-		}
-
-		switch valueType := column.Type.(schema.MapColumnType).ValueType; valueType.GetType() {
-		case schema.ColumnTypeEnumString, schema.ColumnTypeEnumBool, schema.ColumnTypeEnumFloat64:
-			if key.Materialized {
-				return telemetrytypes.FieldKeyToMaterializedColumnName(key), nil
-			}
-			return fmt.Sprintf("%s['%s']", column.Name, key.Name), nil
-		default:
-			return "", errors.NewInvalidInputf(errors.CodeInvalidInput, "unsupported map value type %s", valueType)
-		}
-	}
-
-	return column.Name, nil
-}
-
-func (m *fieldMapper) ColumnFor(ctx context.Context, _, _ uint64, key *telemetrytypes.TelemetryFieldKey) ([]*schema.Column, error) {
-	return m.getColumn(ctx, key)
-}
-
-func (m *fieldMapper) ColumnExpressionFor(
-	ctx context.Context,
-	tsStart, tsEnd uint64,
-	field *telemetrytypes.TelemetryFieldKey,
-	keys map[string][]*telemetrytypes.TelemetryFieldKey,
-) (string, error) {
-	fieldExpression, err := m.FieldFor(ctx, tsStart, tsEnd, field)
-	if errors.Is(err, qbtypes.ErrColumnNotFound) {
-		keysForField := keys[field.Name]
-		if len(keysForField) == 0 {
-			if _, ok := auditLogColumns[field.Name]; ok {
-				field.FieldContext = telemetrytypes.FieldContextLog
-				fieldExpression, _ = m.FieldFor(ctx, tsStart, tsEnd, field)
-			} else {
-				correction, found := telemetrytypes.SuggestCorrection(field.Name, maps.Keys(keys))
-				if found {
-					return "", errors.Wrap(err, errors.TypeInvalidInput, errors.CodeInvalidInput, correction)
-				}
-				return "", errors.Wrapf(err, errors.TypeInvalidInput, errors.CodeInvalidInput, "field `%s` not found", field.Name)
-			}
-		} else {
-			fieldExpression, _ = m.FieldFor(ctx, tsStart, tsEnd, keysForField[0])
-		}
-	}
-
-	return fmt.Sprintf("%s AS `%s`", sqlbuilder.Escape(fieldExpression), field.Name), nil
-}

pkg/telemetryaudit/statement_builder.go

@@ -1,612 +0,0 @@
-package telemetryaudit
-
-import (
-	"context"
-	"fmt"
-	"log/slog"
-	"strings"
-
-	"github.com/SigNoz/signoz/pkg/errors"
-	"github.com/SigNoz/signoz/pkg/factory"
-	"github.com/SigNoz/signoz/pkg/querybuilder"
-	"github.com/SigNoz/signoz/pkg/telemetryresourcefilter"
-	qbtypes "github.com/SigNoz/signoz/pkg/types/querybuildertypes/querybuildertypesv5"
-	"github.com/SigNoz/signoz/pkg/types/telemetrytypes"
-	"github.com/huandu/go-sqlbuilder"
-)
-
-type auditQueryStatementBuilder struct {
-	logger                    *slog.Logger
-	metadataStore             telemetrytypes.MetadataStore
-	fm                        qbtypes.FieldMapper
-	cb                        qbtypes.ConditionBuilder
-	resourceFilterStmtBuilder qbtypes.StatementBuilder[qbtypes.LogAggregation]
-	aggExprRewriter           qbtypes.AggExprRewriter
-	fullTextColumn            *telemetrytypes.TelemetryFieldKey
-	jsonKeyToKey              qbtypes.JsonKeyToFieldFunc
-}
-
-var _ qbtypes.StatementBuilder[qbtypes.LogAggregation] = (*auditQueryStatementBuilder)(nil)
-
-func NewAuditQueryStatementBuilder(
-	settings factory.ProviderSettings,
-	metadataStore telemetrytypes.MetadataStore,
-	fieldMapper qbtypes.FieldMapper,
-	conditionBuilder qbtypes.ConditionBuilder,
-	aggExprRewriter qbtypes.AggExprRewriter,
-	fullTextColumn *telemetrytypes.TelemetryFieldKey,
-	jsonKeyToKey qbtypes.JsonKeyToFieldFunc,
-) *auditQueryStatementBuilder {
-	auditSettings := factory.NewScopedProviderSettings(settings, "github.com/SigNoz/signoz/pkg/telemetryaudit")
-
-	resourceFilterStmtBuilder := telemetryresourcefilter.New[qbtypes.LogAggregation](
-		settings,
-		DBName,
-		LogsResourceTableName,
-		telemetrytypes.SignalLogs,
-		telemetrytypes.SourceAudit,
-		metadataStore,
-		fullTextColumn,
-		jsonKeyToKey,
-	)
-
-	return &auditQueryStatementBuilder{
-		logger:                    auditSettings.Logger(),
-		metadataStore:             metadataStore,
-		fm:                        fieldMapper,
-		cb:                        conditionBuilder,
-		resourceFilterStmtBuilder: resourceFilterStmtBuilder,
-		aggExprRewriter:           aggExprRewriter,
-		fullTextColumn:            fullTextColumn,
-		jsonKeyToKey:              jsonKeyToKey,
-	}
-}
-
-func (b *auditQueryStatementBuilder) Build(
-	ctx context.Context,
-	start uint64,
-	end uint64,
-	requestType qbtypes.RequestType,
-	query qbtypes.QueryBuilderQuery[qbtypes.LogAggregation],
-	variables map[string]qbtypes.VariableItem,
-) (*qbtypes.Statement, error) {
-	start = querybuilder.ToNanoSecs(start)
-	end = querybuilder.ToNanoSecs(end)
-
-	keySelectors := getKeySelectors(query)
-	keys, _, err := b.metadataStore.GetKeysMulti(ctx, keySelectors)
-	if err != nil {
-		return nil, err
-	}
-
-	query = b.adjustKeys(ctx, keys, query, requestType)
-
-	q := sqlbuilder.NewSelectBuilder()
-
-	var stmt *qbtypes.Statement
-	switch requestType {
-	case qbtypes.RequestTypeRaw, qbtypes.RequestTypeRawStream:
-		stmt, err = b.buildListQuery(ctx, q, query, start, end, keys, variables)
-	case qbtypes.RequestTypeTimeSeries:
-		stmt, err = b.buildTimeSeriesQuery(ctx, q, query, start, end, keys, variables)
-	case qbtypes.RequestTypeScalar:
-		stmt, err = b.buildScalarQuery(ctx, q, query, start, end, keys, false, variables)
-	default:
-		return nil, errors.NewInvalidInputf(errors.CodeInvalidInput, "unsupported request type: %s", requestType)
-	}
-
-	if err != nil {
-		return nil, err
-	}
-
-	return stmt, nil
-}
-
-func getKeySelectors(query qbtypes.QueryBuilderQuery[qbtypes.LogAggregation]) []*telemetrytypes.FieldKeySelector {
-	var keySelectors []*telemetrytypes.FieldKeySelector
-
-	for idx := range query.Aggregations {
-		aggExpr := query.Aggregations[idx]
-		selectors := querybuilder.QueryStringToKeysSelectors(aggExpr.Expression)
-		keySelectors = append(keySelectors, selectors...)
-	}
-
-	if query.Filter != nil && query.Filter.Expression != "" {
-		whereClauseSelectors := querybuilder.QueryStringToKeysSelectors(query.Filter.Expression)
-		keySelectors = append(keySelectors, whereClauseSelectors...)
-	}
-
-	for idx := range query.GroupBy {
-		groupBy := query.GroupBy[idx]
-		keySelectors = append(keySelectors, &telemetrytypes.FieldKeySelector{
-			Name:          groupBy.Name,
-			Signal:        telemetrytypes.SignalLogs,
-			FieldContext:  groupBy.FieldContext,
-			FieldDataType: groupBy.FieldDataType,
-		})
-	}
-
-	for idx := range query.SelectFields {
-		selectField := query.SelectFields[idx]
-		keySelectors = append(keySelectors, &telemetrytypes.FieldKeySelector{
-			Name:          selectField.Name,
-			Signal:        telemetrytypes.SignalLogs,
-			FieldContext:  selectField.FieldContext,
-			FieldDataType: selectField.FieldDataType,
-		})
-	}
-
-	for idx := range query.Order {
-		keySelectors = append(keySelectors, &telemetrytypes.FieldKeySelector{
-			Name:          query.Order[idx].Key.Name,
-			Signal:        telemetrytypes.SignalLogs,
-			FieldContext:  query.Order[idx].Key.FieldContext,
-			FieldDataType: query.Order[idx].Key.FieldDataType,
-		})
-	}
-
-	for idx := range keySelectors {
-		keySelectors[idx].Signal = telemetrytypes.SignalLogs
-		keySelectors[idx].Source = telemetrytypes.SourceAudit
-		keySelectors[idx].SelectorMatchType = telemetrytypes.FieldSelectorMatchTypeExact
-	}
-
-	return keySelectors
-}
-
-func (b *auditQueryStatementBuilder) adjustKeys(ctx context.Context, keys map[string][]*telemetrytypes.TelemetryFieldKey, query qbtypes.QueryBuilderQuery[qbtypes.LogAggregation], requestType qbtypes.RequestType) qbtypes.QueryBuilderQuery[qbtypes.LogAggregation] {
-	keys["id"] = append([]*telemetrytypes.TelemetryFieldKey{{
-		Name:          "id",
-		Signal:        telemetrytypes.SignalLogs,
-		FieldContext:  telemetrytypes.FieldContextLog,
-		FieldDataType: telemetrytypes.FieldDataTypeString,
-	}}, keys["id"]...)
-
-	keys["timestamp"] = append([]*telemetrytypes.TelemetryFieldKey{{
-		Name:          "timestamp",
-		Signal:        telemetrytypes.SignalLogs,
-		FieldContext:  telemetrytypes.FieldContextLog,
-		FieldDataType: telemetrytypes.FieldDataTypeNumber,
-	}}, keys["timestamp"]...)
-
-	actions := querybuilder.AdjustKeysForAliasExpressions(&query, requestType)
-	actions = append(actions, querybuilder.AdjustDuplicateKeys(&query)...)
-
-	for idx := range query.SelectFields {
-		actions = append(actions, b.adjustKey(&query.SelectFields[idx], keys)...)
-	}
-	for idx := range query.GroupBy {
-		actions = append(actions, b.adjustKey(&query.GroupBy[idx].TelemetryFieldKey, keys)...)
-	}
-	for idx := range query.Order {
-		actions = append(actions, b.adjustKey(&query.Order[idx].Key.TelemetryFieldKey, keys)...)
-	}
-
-	for _, action := range actions {
-		b.logger.InfoContext(ctx, "key adjustment action", slog.String("action", action))
-	}
-
-	return query
-}
-
-func (b *auditQueryStatementBuilder) adjustKey(key *telemetrytypes.TelemetryFieldKey, keys map[string][]*telemetrytypes.TelemetryFieldKey) []string {
-	if _, ok := IntrinsicFields[key.Name]; ok {
-		intrinsicField := IntrinsicFields[key.Name]
-		return querybuilder.AdjustKey(key, keys, &intrinsicField)
-	}
-	return querybuilder.AdjustKey(key, keys, nil)
-}
-
-func (b *auditQueryStatementBuilder) buildListQuery(
-	ctx context.Context,
-	sb *sqlbuilder.SelectBuilder,
-	query qbtypes.QueryBuilderQuery[qbtypes.LogAggregation],
-	start, end uint64,
-	keys map[string][]*telemetrytypes.TelemetryFieldKey,
-	variables map[string]qbtypes.VariableItem,
-) (*qbtypes.Statement, error) {
-	var (
-		cteFragments []string
-		cteArgs      [][]any
-	)
-
-	if frag, args, err := b.maybeAttachResourceFilter(ctx, sb, query, start, end, variables); err != nil {
-		return nil, err
-	} else if frag != "" {
-		cteFragments = append(cteFragments, frag)
-		cteArgs = append(cteArgs, args)
-	}
-
-	sb.Select(TimestampColumn)
-	sb.SelectMore(IDColumn)
-	if len(query.SelectFields) == 0 {
-		sb.SelectMore(TraceIDColumn)
-		sb.SelectMore(SpanIDColumn)
-		sb.SelectMore(TraceFlagsColumn)
-		sb.SelectMore(SeverityTextColumn)
-		sb.SelectMore(SeverityNumberColumn)
-		sb.SelectMore(ScopeNameColumn)
-		sb.SelectMore(ScopeVersionColumn)
-		sb.SelectMore(BodyColumn)
-		sb.SelectMore(EventNameColumn)
-		sb.SelectMore(AttributesStringColumn)
-		sb.SelectMore(AttributesNumberColumn)
-		sb.SelectMore(AttributesBoolColumn)
-		sb.SelectMore(ResourceColumn)
-		sb.SelectMore(ScopeStringColumn)
-	} else {
-		for index := range query.SelectFields {
-			if query.SelectFields[index].Name == TimestampColumn || query.SelectFields[index].Name == IDColumn {
-				continue
-			}
-
-			colExpr, err := b.fm.ColumnExpressionFor(ctx, start, end, &query.SelectFields[index], keys)
-			if err != nil {
-				return nil, err
-			}
-			sb.SelectMore(colExpr)
-		}
-	}
-
-	sb.From(fmt.Sprintf("%s.%s", DBName, AuditLogsTableName))
-
-	preparedWhereClause, err := b.addFilterCondition(ctx, sb, start, end, query, keys, variables)
-	if err != nil {
-		return nil, err
-	}
-
-	for _, orderBy := range query.Order {
-		colExpr, err := b.fm.ColumnExpressionFor(ctx, start, end, &orderBy.Key.TelemetryFieldKey, keys)
-		if err != nil {
-			return nil, err
-		}
-		sb.OrderBy(fmt.Sprintf("%s %s", colExpr, orderBy.Direction.StringValue()))
-	}
-
-	if query.Limit > 0 {
-		sb.Limit(query.Limit)
-	} else {
-		sb.Limit(100)
-	}
-
-	if query.Offset > 0 {
-		sb.Offset(query.Offset)
-	}
-
-	mainSQL, mainArgs := sb.BuildWithFlavor(sqlbuilder.ClickHouse)
-
-	finalSQL := querybuilder.CombineCTEs(cteFragments) + mainSQL
-	finalArgs := querybuilder.PrependArgs(cteArgs, mainArgs)
-
-	stmt := &qbtypes.Statement{
-		Query: finalSQL,
-		Args:  finalArgs,
-	}
-	if preparedWhereClause != nil {
-		stmt.Warnings = preparedWhereClause.Warnings
-		stmt.WarningsDocURL = preparedWhereClause.WarningsDocURL
-	}
-
-	return stmt, nil
-}
-
-func (b *auditQueryStatementBuilder) buildTimeSeriesQuery(
-	ctx context.Context,
-	sb *sqlbuilder.SelectBuilder,
-	query qbtypes.QueryBuilderQuery[qbtypes.LogAggregation],
-	start, end uint64,
-	keys map[string][]*telemetrytypes.TelemetryFieldKey,
-	variables map[string]qbtypes.VariableItem,
-) (*qbtypes.Statement, error) {
-	var (
-		cteFragments []string
-		cteArgs      [][]any
-	)
-
-	if frag, args, err := b.maybeAttachResourceFilter(ctx, sb, query, start, end, variables); err != nil {
-		return nil, err
-	} else if frag != "" {
-		cteFragments = append(cteFragments, frag)
-		cteArgs = append(cteArgs, args)
-	}
-
-	sb.SelectMore(fmt.Sprintf(
-		"toStartOfInterval(fromUnixTimestamp64Nano(timestamp), INTERVAL %d SECOND) AS ts",
-		int64(query.StepInterval.Seconds()),
-	))
-
-	var allGroupByArgs []any
-
-	fieldNames := make([]string, 0, len(query.GroupBy))
-	for _, gb := range query.GroupBy {
-		expr, args, err := querybuilder.CollisionHandledFinalExpr(ctx, start, end, &gb.TelemetryFieldKey, b.fm, b.cb, keys, telemetrytypes.FieldDataTypeString, b.jsonKeyToKey)
-		if err != nil {
-			return nil, err
-		}
-
-		colExpr := fmt.Sprintf("toString(%s) AS `%s`", expr, gb.Name)
-		allGroupByArgs = append(allGroupByArgs, args...)
-		sb.SelectMore(colExpr)
-		fieldNames = append(fieldNames, fmt.Sprintf("`%s`", gb.Name))
-	}
-
-	allAggChArgs := make([]any, 0)
-	for i, agg := range query.Aggregations {
-		rewritten, chArgs, err := b.aggExprRewriter.Rewrite(ctx, start, end, agg.Expression, uint64(query.StepInterval.Seconds()), keys)
-		if err != nil {
-			return nil, err
-		}
-		allAggChArgs = append(allAggChArgs, chArgs...)
-		sb.SelectMore(fmt.Sprintf("%s AS __result_%d", rewritten, i))
-	}
-
-	sb.From(fmt.Sprintf("%s.%s", DBName, AuditLogsTableName))
-
-	preparedWhereClause, err := b.addFilterCondition(ctx, sb, start, end, query, keys, variables)
-	if err != nil {
-		return nil, err
-	}
-
-	var finalSQL string
-	var finalArgs []any
-
-	if query.Limit > 0 && len(query.GroupBy) > 0 {
-		cteSB := sqlbuilder.NewSelectBuilder()
-		cteStmt, err := b.buildScalarQuery(ctx, cteSB, query, start, end, keys, true, variables)
-		if err != nil {
-			return nil, err
-		}
-
-		cteFragments = append(cteFragments, fmt.Sprintf("__limit_cte AS (%s)", cteStmt.Query))
-		cteArgs = append(cteArgs, cteStmt.Args)
-
-		tuple := fmt.Sprintf("(%s)", strings.Join(fieldNames, ", "))
-		sb.Where(fmt.Sprintf("%s GLOBAL IN (SELECT %s FROM __limit_cte)", tuple, strings.Join(fieldNames, ", ")))
-
-		sb.GroupBy("ts")
-		sb.GroupBy(querybuilder.GroupByKeys(query.GroupBy)...)
-		if query.Having != nil && query.Having.Expression != "" {
-			rewriter := querybuilder.NewHavingExpressionRewriter()
-			rewrittenExpr, err := rewriter.RewriteForLogs(query.Having.Expression, query.Aggregations)
-			if err != nil {
-				return nil, err
-			}
-			sb.Having(rewrittenExpr)
-		}
-
-		if len(query.Order) != 0 {
-			for _, orderBy := range query.Order {
-				_, ok := aggOrderBy(orderBy, query)
-				if !ok {
-					sb.OrderBy(fmt.Sprintf("`%s` %s", orderBy.Key.Name, orderBy.Direction.StringValue()))
-				}
-			}
-			sb.OrderBy("ts desc")
-		}
-
-		combinedArgs := append(allGroupByArgs, allAggChArgs...)
-		mainSQL, mainArgs := sb.BuildWithFlavor(sqlbuilder.ClickHouse, combinedArgs...)
-
-		finalSQL = querybuilder.CombineCTEs(cteFragments) + mainSQL
-		finalArgs = querybuilder.PrependArgs(cteArgs, mainArgs)
-	} else {
-		sb.GroupBy("ts")
-		sb.GroupBy(querybuilder.GroupByKeys(query.GroupBy)...)
-		if query.Having != nil && query.Having.Expression != "" {
-			rewriter := querybuilder.NewHavingExpressionRewriter()
-			rewrittenExpr, err := rewriter.RewriteForLogs(query.Having.Expression, query.Aggregations)
-			if err != nil {
-				return nil, err
-			}
-			sb.Having(rewrittenExpr)
-		}
-
-		if len(query.Order) != 0 {
-			for _, orderBy := range query.Order {
-				_, ok := aggOrderBy(orderBy, query)
-				if !ok {
-					sb.OrderBy(fmt.Sprintf("`%s` %s", orderBy.Key.Name, orderBy.Direction.StringValue()))
-				}
-			}
-			sb.OrderBy("ts desc")
-		}
-
-		combinedArgs := append(allGroupByArgs, allAggChArgs...)
-		mainSQL, mainArgs := sb.BuildWithFlavor(sqlbuilder.ClickHouse, combinedArgs...)
-
-		finalSQL = querybuilder.CombineCTEs(cteFragments) + mainSQL
-		finalArgs = querybuilder.PrependArgs(cteArgs, mainArgs)
-	}
-
-	stmt := &qbtypes.Statement{
-		Query: finalSQL,
-		Args:  finalArgs,
-	}
-	if preparedWhereClause != nil {
-		stmt.Warnings = preparedWhereClause.Warnings
-		stmt.WarningsDocURL = preparedWhereClause.WarningsDocURL
-	}
-
-	return stmt, nil
-}
-
-func (b *auditQueryStatementBuilder) buildScalarQuery(
-	ctx context.Context,
-	sb *sqlbuilder.SelectBuilder,
-	query qbtypes.QueryBuilderQuery[qbtypes.LogAggregation],
-	start, end uint64,
-	keys map[string][]*telemetrytypes.TelemetryFieldKey,
-	skipResourceCTE bool,
-	variables map[string]qbtypes.VariableItem,
-) (*qbtypes.Statement, error) {
-	var (
-		cteFragments []string
-		cteArgs      [][]any
-	)
-
-	if frag, args, err := b.maybeAttachResourceFilter(ctx, sb, query, start, end, variables); err != nil {
-		return nil, err
-	} else if frag != "" && !skipResourceCTE {
-		cteFragments = append(cteFragments, frag)
-		cteArgs = append(cteArgs, args)
-	}
-
-	allAggChArgs := []any{}
-
-	var allGroupByArgs []any
-
-	for _, gb := range query.GroupBy {
-		expr, args, err := querybuilder.CollisionHandledFinalExpr(ctx, start, end, &gb.TelemetryFieldKey, b.fm, b.cb, keys, telemetrytypes.FieldDataTypeString, b.jsonKeyToKey)
-		if err != nil {
-			return nil, err
-		}
-
-		colExpr := fmt.Sprintf("toString(%s) AS `%s`", expr, gb.Name)
-		allGroupByArgs = append(allGroupByArgs, args...)
-		sb.SelectMore(colExpr)
-	}
-
-	rateInterval := (end - start) / querybuilder.NsToSeconds
-
-	if len(query.Aggregations) > 0 {
-		for idx := range query.Aggregations {
-			aggExpr := query.Aggregations[idx]
-			rewritten, chArgs, err := b.aggExprRewriter.Rewrite(ctx, start, end, aggExpr.Expression, rateInterval, keys)
-			if err != nil {
-				return nil, err
-			}
-			allAggChArgs = append(allAggChArgs, chArgs...)
-			sb.SelectMore(fmt.Sprintf("%s AS __result_%d", rewritten, idx))
-		}
-	}
-
-	sb.From(fmt.Sprintf("%s.%s", DBName, AuditLogsTableName))
-
-	preparedWhereClause, err := b.addFilterCondition(ctx, sb, start, end, query, keys, variables)
-	if err != nil {
-		return nil, err
-	}
-
-	sb.GroupBy(querybuilder.GroupByKeys(query.GroupBy)...)
-
-	if query.Having != nil && query.Having.Expression != "" {
-		rewriter := querybuilder.NewHavingExpressionRewriter()
-		rewrittenExpr, err := rewriter.RewriteForLogs(query.Having.Expression, query.Aggregations)
-		if err != nil {
-			return nil, err
-		}
-		sb.Having(rewrittenExpr)
-	}
-
-	for _, orderBy := range query.Order {
-		idx, ok := aggOrderBy(orderBy, query)
-		if ok {
-			sb.OrderBy(fmt.Sprintf("__result_%d %s", idx, orderBy.Direction.StringValue()))
-		} else {
-			sb.OrderBy(fmt.Sprintf("`%s` %s", orderBy.Key.Name, orderBy.Direction.StringValue()))
-		}
-	}
-
-	if len(query.Order) == 0 {
-		sb.OrderBy("__result_0 DESC")
-	}
-
-	if query.Limit > 0 {
-		sb.Limit(query.Limit)
-	}
-
-	combinedArgs := append(allGroupByArgs, allAggChArgs...)
-
-	mainSQL, mainArgs := sb.BuildWithFlavor(sqlbuilder.ClickHouse, combinedArgs...)
-
-	finalSQL := querybuilder.CombineCTEs(cteFragments) + mainSQL
-	finalArgs := querybuilder.PrependArgs(cteArgs, mainArgs)
-
-	stmt := &qbtypes.Statement{
-		Query: finalSQL,
-		Args:  finalArgs,
-	}
-	if preparedWhereClause != nil {
-		stmt.Warnings = preparedWhereClause.Warnings
-		stmt.WarningsDocURL = preparedWhereClause.WarningsDocURL
-	}
-
-	return stmt, nil
-}
-
-func (b *auditQueryStatementBuilder) addFilterCondition(
-	ctx context.Context,
-	sb *sqlbuilder.SelectBuilder,
-	start, end uint64,
-	query qbtypes.QueryBuilderQuery[qbtypes.LogAggregation],
-	keys map[string][]*telemetrytypes.TelemetryFieldKey,
-	variables map[string]qbtypes.VariableItem,
-) (*querybuilder.PreparedWhereClause, error) {
-	var preparedWhereClause *querybuilder.PreparedWhereClause
-	var err error
-
-	if query.Filter != nil && query.Filter.Expression != "" {
-		preparedWhereClause, err = querybuilder.PrepareWhereClause(query.Filter.Expression, querybuilder.FilterExprVisitorOpts{
-			Context:            ctx,
-			Logger:             b.logger,
-			FieldMapper:        b.fm,
-			ConditionBuilder:   b.cb,
-			FieldKeys:          keys,
-			SkipResourceFilter: true,
-			FullTextColumn:     b.fullTextColumn,
-			JsonKeyToKey:       b.jsonKeyToKey,
-			Variables:          variables,
-			StartNs:            start,
-			EndNs:              end,
-		})
-
-		if err != nil {
-			return nil, err
-		}
-	}
-
-	if preparedWhereClause != nil {
-		sb.AddWhereClause(preparedWhereClause.WhereClause)
-	}
-
-	startBucket := start/querybuilder.NsToSeconds - querybuilder.BucketAdjustment
-	var endBucket uint64
-	if end != 0 {
-		endBucket = end / querybuilder.NsToSeconds
-	}
-
-	if start != 0 {
-		sb.Where(sb.GE("timestamp", fmt.Sprintf("%d", start)), sb.GE("ts_bucket_start", startBucket))
-	}
-	if end != 0 {
-		sb.Where(sb.L("timestamp", fmt.Sprintf("%d", end)), sb.LE("ts_bucket_start", endBucket))
-	}
-
-	return preparedWhereClause, nil
-}
-
-func aggOrderBy(k qbtypes.OrderBy, q qbtypes.QueryBuilderQuery[qbtypes.LogAggregation]) (int, bool) {
-	for i, agg := range q.Aggregations {
-		if k.Key.Name == agg.Alias || k.Key.Name == agg.Expression || k.Key.Name == fmt.Sprintf("%d", i) {
-			return i, true
-		}
-	}
-	return 0, false
-}
-
-func (b *auditQueryStatementBuilder) maybeAttachResourceFilter(
-	ctx context.Context,
-	sb *sqlbuilder.SelectBuilder,
-	query qbtypes.QueryBuilderQuery[qbtypes.LogAggregation],
-	start, end uint64,
-	variables map[string]qbtypes.VariableItem,
-) (cteSQL string, cteArgs []any, err error) {
-	stmt, err := b.resourceFilterStmtBuilder.Build(ctx, start, end, qbtypes.RequestTypeRaw, query, variables)
-	if err != nil {
-		return "", nil, err
-	}
-
-	sb.Where("resource_fingerprint GLOBAL IN (SELECT fingerprint FROM __resource_filter)")
-
-	return fmt.Sprintf("__resource_filter AS (%s)", stmt.Query), stmt.Args, nil
-}

pkg/telemetryaudit/statement_builder_test.go

@@ -1,223 +0,0 @@
-package telemetryaudit
-
-import (
-	"context"
-	"testing"
-	"time"
-
-	"github.com/SigNoz/signoz/pkg/instrumentation/instrumentationtest"
-	"github.com/SigNoz/signoz/pkg/querybuilder"
-	qbtypes "github.com/SigNoz/signoz/pkg/types/querybuildertypes/querybuildertypesv5"
-	"github.com/SigNoz/signoz/pkg/types/telemetrytypes"
-	"github.com/SigNoz/signoz/pkg/types/telemetrytypes/telemetrytypestest"
-	"github.com/stretchr/testify/require"
-)
-
-func auditFieldKeyMap() map[string][]*telemetrytypes.TelemetryFieldKey {
-	key := func(name string, ctx telemetrytypes.FieldContext, dt telemetrytypes.FieldDataType, materialized bool) *telemetrytypes.TelemetryFieldKey {
-		return &telemetrytypes.TelemetryFieldKey{
-			Name:          name,
-			Signal:        telemetrytypes.SignalLogs,
-			FieldContext:  ctx,
-			FieldDataType: dt,
-			Materialized:  materialized,
-		}
-	}
-
-	attr := telemetrytypes.FieldContextAttribute
-	res := telemetrytypes.FieldContextResource
-	str := telemetrytypes.FieldDataTypeString
-	i64 := telemetrytypes.FieldDataTypeInt64
-
-	return map[string][]*telemetrytypes.TelemetryFieldKey{
-		"service.name":                 {key("service.name", res, str, false)},
-		"signoz.audit.action":          {key("signoz.audit.action", attr, str, true)},
-		"signoz.audit.outcome":         {key("signoz.audit.outcome", attr, str, true)},
-		"signoz.audit.principal.email": {key("signoz.audit.principal.email", attr, str, true)},
-		"signoz.audit.principal.id":    {key("signoz.audit.principal.id", attr, str, true)},
-		"signoz.audit.principal.type":  {key("signoz.audit.principal.type", attr, str, true)},
-		"signoz.audit.resource.kind":   {key("signoz.audit.resource.kind", res, str, false)},
-		"signoz.audit.resource.id":     {key("signoz.audit.resource.id", res, str, false)},
-		"signoz.audit.action_category": {key("signoz.audit.action_category", attr, str, false)},
-		"signoz.audit.error.type":      {key("signoz.audit.error.type", attr, str, false)},
-		"signoz.audit.error.code":      {key("signoz.audit.error.code", attr, str, false)},
-		"http.request.method":          {key("http.request.method", attr, str, false)},
-		"http.response.status_code":    {key("http.response.status_code", attr, i64, false)},
-	}
-}
-
-func newTestAuditStatementBuilder() *auditQueryStatementBuilder {
-	mockMetadataStore := telemetrytypestest.NewMockMetadataStore()
-	mockMetadataStore.KeysMap = auditFieldKeyMap()
-
-	fm := NewFieldMapper()
-	cb := NewConditionBuilder(fm)
-	aggExprRewriter := querybuilder.NewAggExprRewriter(instrumentationtest.New().ToProviderSettings(), nil, fm, cb, nil)
-
-	return NewAuditQueryStatementBuilder(
-		instrumentationtest.New().ToProviderSettings(),
-		mockMetadataStore,
-		fm,
-		cb,
-		aggExprRewriter,
-		DefaultFullTextColumn,
-		nil,
-	)
-}
-
-func TestStatementBuilder(t *testing.T) {
-	statementBuilder := newTestAuditStatementBuilder()
-	ctx := context.Background()
-
-	testCases := []struct {
-		name        string
-		requestType qbtypes.RequestType
-		query       qbtypes.QueryBuilderQuery[qbtypes.LogAggregation]
-		expected    qbtypes.Statement
-		expectedErr error
-	}{
-		// List: all actions by a specific user (materialized principal.id filter)
-		{
-			name:        "ListByPrincipalID",
-			requestType: qbtypes.RequestTypeRaw,
-			query: qbtypes.QueryBuilderQuery[qbtypes.LogAggregation]{
-				Signal: telemetrytypes.SignalLogs,
-				Source: telemetrytypes.SourceAudit,
-				Filter: &qbtypes.Filter{
-					Expression: "signoz.audit.principal.id = '019a-1234-abcd-5678'",
-				},
-				Limit: 100,
-			},
-			expected: qbtypes.Statement{
-				Query: "WITH __resource_filter AS (SELECT fingerprint FROM signoz_audit.distributed_logs_resource WHERE true AND seen_at_ts_bucket_start >= ? AND seen_at_ts_bucket_start <= ?) SELECT timestamp, id, trace_id, span_id, trace_flags, severity_text, severity_number, scope_name, scope_version, body, event_name, attributes_string, attributes_number, attributes_bool, resource, scope_string FROM signoz_audit.distributed_logs WHERE resource_fingerprint GLOBAL IN (SELECT fingerprint FROM __resource_filter) AND (`attribute_string_signoz$$audit$$principal$$id` = ? AND `attribute_string_signoz$$audit$$principal$$id_exists` = ?) AND timestamp >= ? AND ts_bucket_start >= ? AND timestamp < ? AND ts_bucket_start <= ? LIMIT ?",
-				Args:  []any{uint64(1747945619), uint64(1747983448), "019a-1234-abcd-5678", true, "1747947419000000000", uint64(1747945619), "1747983448000000000", uint64(1747983448), 100},
-			},
-		},
-		// List: all failed actions (materialized outcome filter)
-		{
-			name:        "ListByOutcomeFailure",
-			requestType: qbtypes.RequestTypeRaw,
-			query: qbtypes.QueryBuilderQuery[qbtypes.LogAggregation]{
-				Signal: telemetrytypes.SignalLogs,
-				Source: telemetrytypes.SourceAudit,
-				Filter: &qbtypes.Filter{
-					Expression: "signoz.audit.outcome = 'failure'",
-				},
-				Limit: 100,
-			},
-			expected: qbtypes.Statement{
-				Query: "WITH __resource_filter AS (SELECT fingerprint FROM signoz_audit.distributed_logs_resource WHERE true AND seen_at_ts_bucket_start >= ? AND seen_at_ts_bucket_start <= ?) SELECT timestamp, id, trace_id, span_id, trace_flags, severity_text, severity_number, scope_name, scope_version, body, event_name, attributes_string, attributes_number, attributes_bool, resource, scope_string FROM signoz_audit.distributed_logs WHERE resource_fingerprint GLOBAL IN (SELECT fingerprint FROM __resource_filter) AND (`attribute_string_signoz$$audit$$outcome` = ? AND `attribute_string_signoz$$audit$$outcome_exists` = ?) AND timestamp >= ? AND ts_bucket_start >= ? AND timestamp < ? AND ts_bucket_start <= ? LIMIT ?",
-				Args:  []any{uint64(1747945619), uint64(1747983448), "failure", true, "1747947419000000000", uint64(1747945619), "1747983448000000000", uint64(1747983448), 100},
-			},
-		},
-		// List: change history of a specific dashboard (two materialized column AND)
-		{
-			name:        "ListByResourceKindAndID",
-			requestType: qbtypes.RequestTypeRaw,
-			query: qbtypes.QueryBuilderQuery[qbtypes.LogAggregation]{
-				Signal: telemetrytypes.SignalLogs,
-				Source: telemetrytypes.SourceAudit,
-				Filter: &qbtypes.Filter{
-					Expression: "signoz.audit.resource.kind = 'dashboard' AND signoz.audit.resource.id = '019b-5678-efgh-9012'",
-				},
-				Limit: 100,
-			},
-			expected: qbtypes.Statement{
-				Query: "WITH __resource_filter AS (SELECT fingerprint FROM signoz_audit.distributed_logs_resource WHERE ((simpleJSONExtractString(labels, 'signoz.audit.resource.kind') = ? AND labels LIKE ? AND labels LIKE ?) AND (simpleJSONExtractString(labels, 'signoz.audit.resource.id') = ? AND labels LIKE ? AND labels LIKE ?)) AND seen_at_ts_bucket_start >= ? AND seen_at_ts_bucket_start <= ?) SELECT timestamp, id, trace_id, span_id, trace_flags, severity_text, severity_number, scope_name, scope_version, body, event_name, attributes_string, attributes_number, attributes_bool, resource, scope_string FROM signoz_audit.distributed_logs WHERE resource_fingerprint GLOBAL IN (SELECT fingerprint FROM __resource_filter) AND true AND timestamp >= ? AND ts_bucket_start >= ? AND timestamp < ? AND ts_bucket_start <= ? LIMIT ?",
-				Args:  []any{"dashboard", "%signoz.audit.resource.kind%", "%signoz.audit.resource.kind\":\"dashboard%", "019b-5678-efgh-9012", "%signoz.audit.resource.id%", "%signoz.audit.resource.id\":\"019b-5678-efgh-9012%", uint64(1747945619), uint64(1747983448), "1747947419000000000", uint64(1747945619), "1747983448000000000", uint64(1747983448), 100},
-			},
-		},
-		// List: all dashboard deletions (compliance — resource.kind + action AND)
-		{
-			name:        "ListByResourceKindAndAction",
-			requestType: qbtypes.RequestTypeRaw,
-			query: qbtypes.QueryBuilderQuery[qbtypes.LogAggregation]{
-				Signal: telemetrytypes.SignalLogs,
-				Source: telemetrytypes.SourceAudit,
-				Filter: &qbtypes.Filter{
-					Expression: "signoz.audit.resource.kind = 'dashboard' AND signoz.audit.action = 'delete'",
-				},
-				Limit: 100,
-			},
-			expected: qbtypes.Statement{
-				Query: "WITH __resource_filter AS (SELECT fingerprint FROM signoz_audit.distributed_logs_resource WHERE (simpleJSONExtractString(labels, 'signoz.audit.resource.kind') = ? AND labels LIKE ? AND labels LIKE ?) AND seen_at_ts_bucket_start >= ? AND seen_at_ts_bucket_start <= ?) SELECT timestamp, id, trace_id, span_id, trace_flags, severity_text, severity_number, scope_name, scope_version, body, event_name, attributes_string, attributes_number, attributes_bool, resource, scope_string FROM signoz_audit.distributed_logs WHERE resource_fingerprint GLOBAL IN (SELECT fingerprint FROM __resource_filter) AND (`attribute_string_signoz$$audit$$action` = ? AND `attribute_string_signoz$$audit$$action_exists` = ?) AND timestamp >= ? AND ts_bucket_start >= ? AND timestamp < ? AND ts_bucket_start <= ? LIMIT ?",
-				Args:  []any{"dashboard", "%signoz.audit.resource.kind%", "%signoz.audit.resource.kind\":\"dashboard%", uint64(1747945619), uint64(1747983448), "delete", true, "1747947419000000000", uint64(1747945619), "1747983448000000000", uint64(1747983448), 100},
-			},
-		},
-		// List: all actions by service accounts (materialized principal.type)
-		{
-			name:        "ListByPrincipalType",
-			requestType: qbtypes.RequestTypeRaw,
-			query: qbtypes.QueryBuilderQuery[qbtypes.LogAggregation]{
-				Signal: telemetrytypes.SignalLogs,
-				Source: telemetrytypes.SourceAudit,
-				Filter: &qbtypes.Filter{
-					Expression: "signoz.audit.principal.type = 'service_account'",
-				},
-				Limit: 100,
-			},
-			expected: qbtypes.Statement{
-				Query: "WITH __resource_filter AS (SELECT fingerprint FROM signoz_audit.distributed_logs_resource WHERE true AND seen_at_ts_bucket_start >= ? AND seen_at_ts_bucket_start <= ?) SELECT timestamp, id, trace_id, span_id, trace_flags, severity_text, severity_number, scope_name, scope_version, body, event_name, attributes_string, attributes_number, attributes_bool, resource, scope_string FROM signoz_audit.distributed_logs WHERE resource_fingerprint GLOBAL IN (SELECT fingerprint FROM __resource_filter) AND (`attribute_string_signoz$$audit$$principal$$type` = ? AND `attribute_string_signoz$$audit$$principal$$type_exists` = ?) AND timestamp >= ? AND ts_bucket_start >= ? AND timestamp < ? AND ts_bucket_start <= ? LIMIT ?",
-				Args:  []any{uint64(1747945619), uint64(1747983448), "service_account", true, "1747947419000000000", uint64(1747945619), "1747983448000000000", uint64(1747983448), 100},
-			},
-		},
-		// Scalar: alert — count forbidden errors (outcome + action AND)
-		{
-			name:        "ScalarCountByOutcomeAndAction",
-			requestType: qbtypes.RequestTypeScalar,
-			query: qbtypes.QueryBuilderQuery[qbtypes.LogAggregation]{
-				Signal:       telemetrytypes.SignalLogs,
-				Source:       telemetrytypes.SourceAudit,
-				StepInterval: qbtypes.Step{Duration: 60 * time.Second},
-				Filter: &qbtypes.Filter{
-					Expression: "signoz.audit.outcome = 'failure' AND signoz.audit.action = 'update'",
-				},
-				Aggregations: []qbtypes.LogAggregation{
-					{Expression: "count()"},
-				},
-			},
-			expected: qbtypes.Statement{
-				Query: "WITH __resource_filter AS (SELECT fingerprint FROM signoz_audit.distributed_logs_resource WHERE true AND seen_at_ts_bucket_start >= ? AND seen_at_ts_bucket_start <= ?) SELECT count() AS __result_0 FROM signoz_audit.distributed_logs WHERE resource_fingerprint GLOBAL IN (SELECT fingerprint FROM __resource_filter) AND ((`attribute_string_signoz$$audit$$outcome` = ? AND `attribute_string_signoz$$audit$$outcome_exists` = ?) AND (`attribute_string_signoz$$audit$$action` = ? AND `attribute_string_signoz$$audit$$action_exists` = ?)) AND timestamp >= ? AND ts_bucket_start >= ? AND timestamp < ? AND ts_bucket_start <= ? ORDER BY __result_0 DESC",
-				Args:  []any{uint64(1747945619), uint64(1747983448), "failure", true, "update", true, "1747947419000000000", uint64(1747945619), "1747983448000000000", uint64(1747983448)},
-			},
-		},
-		// TimeSeries: failures grouped by principal email with top-N limit
-		{
-			name:        "TimeSeriesFailuresGroupedByPrincipal",
-			requestType: qbtypes.RequestTypeTimeSeries,
-			query: qbtypes.QueryBuilderQuery[qbtypes.LogAggregation]{
-				Signal:       telemetrytypes.SignalLogs,
-				Source:       telemetrytypes.SourceAudit,
-				StepInterval: qbtypes.Step{Duration: 60 * time.Second},
-				Aggregations: []qbtypes.LogAggregation{
-					{Expression: "count()"},
-				},
-				Filter: &qbtypes.Filter{
-					Expression: "signoz.audit.outcome = 'failure'",
-				},
-				GroupBy: []qbtypes.GroupByKey{
-					{TelemetryFieldKey: telemetrytypes.TelemetryFieldKey{Name: "signoz.audit.principal.email"}},
-				},
-				Limit: 5,
-			},
-			expected: qbtypes.Statement{
-				Query: "WITH __resource_filter AS (SELECT fingerprint FROM signoz_audit.distributed_logs_resource WHERE true AND seen_at_ts_bucket_start >= ? AND seen_at_ts_bucket_start <= ?), __limit_cte AS (SELECT toString(multiIf(`attribute_string_signoz$$audit$$principal$$email_exists` = ?, `attribute_string_signoz$$audit$$principal$$email`, NULL)) AS `signoz.audit.principal.email`, count() AS __result_0 FROM signoz_audit.distributed_logs WHERE resource_fingerprint GLOBAL IN (SELECT fingerprint FROM __resource_filter) AND (`attribute_string_signoz$$audit$$outcome` = ? AND `attribute_string_signoz$$audit$$outcome_exists` = ?) AND timestamp >= ? AND ts_bucket_start >= ? AND timestamp < ? AND ts_bucket_start <= ? GROUP BY `signoz.audit.principal.email` ORDER BY __result_0 DESC LIMIT ?) SELECT toStartOfInterval(fromUnixTimestamp64Nano(timestamp), INTERVAL 60 SECOND) AS ts, toString(multiIf(`attribute_string_signoz$$audit$$principal$$email_exists` = ?, `attribute_string_signoz$$audit$$principal$$email`, NULL)) AS `signoz.audit.principal.email`, count() AS __result_0 FROM signoz_audit.distributed_logs WHERE resource_fingerprint GLOBAL IN (SELECT fingerprint FROM __resource_filter) AND (`attribute_string_signoz$$audit$$outcome` = ? AND `attribute_string_signoz$$audit$$outcome_exists` = ?) AND timestamp >= ? AND ts_bucket_start >= ? AND timestamp < ? AND ts_bucket_start <= ? AND (`signoz.audit.principal.email`) GLOBAL IN (SELECT `signoz.audit.principal.email` FROM __limit_cte) GROUP BY ts, `signoz.audit.principal.email`",
-				Args:  []any{uint64(1747945619), uint64(1747983448), true, "failure", true, "1747947419000000000", uint64(1747945619), "1747983448000000000", uint64(1747983448), 5, true, "failure", true, "1747947419000000000", uint64(1747945619), "1747983448000000000", uint64(1747983448)},
-			},
-		},
-	}
-
-	for _, testCase := range testCases {
-		t.Run(testCase.name, func(t *testing.T) {
-			q, err := statementBuilder.Build(ctx, 1747947419000, 1747983448000, testCase.requestType, testCase.query, nil)
-			if testCase.expectedErr != nil {
-				require.Error(t, err)
-				require.Contains(t, err.Error(), testCase.expectedErr.Error())
-			} else {
-				require.NoError(t, err)
-				require.Equal(t, testCase.expected.Query, q.Query)
-				require.Equal(t, testCase.expected.Args, q.Args)
-			}
-		})
-	}
-}

pkg/telemetryaudit/tables.go

@@ -1,12 +0,0 @@
-package telemetryaudit
-
-const (
-	DBName                      = "signoz_audit"
-	AuditLogsTableName          = "distributed_logs"
-	AuditLogsLocalTableName     = "logs"
-	TagAttributesTableName      = "distributed_tag_attributes"
-	TagAttributesLocalTableName = "tag_attributes"
-	LogAttributeKeysTblName     = "distributed_logs_attribute_keys"
-	LogResourceKeysTblName      = "distributed_logs_resource_keys"
-	LogsResourceTableName       = "distributed_logs_resource"
-)

pkg/telemetrylogs/json_stmt_builder_test.go

@@ -631,7 +631,7 @@ func TestJSONStmtBuilder_ArrayPaths(t *testing.T) {
 			filter: "hasAll(body.user.permissions, ['read', 'write'])",
 			expected: TestExpected{
 				WhereClause: "hasAll(dynamicElement(body_v2.`user.permissions`, 'Array(Nullable(String))'), ?)",
-				Args:        []any{uint64(1747945619), uint64(1747983448), []any{"read", "write"}, "1747947419000000000", uint64(1747945619), "1747983448000000000", uint64(1747983448), 10},
+				Args:        []any{uint64(1747945619), uint64(1747983448), []any{[]any{"read", "write"}}, "1747947419000000000", uint64(1747945619), "1747983448000000000", uint64(1747983448), 10},
 			},
 		},
 
@@ -757,7 +757,7 @@ func TestJSONStmtBuilder_ArrayPaths(t *testing.T) {
 			filter: "hasAny(education[].awards[].participated[].members, ['Piyush', 'Tushar'])",
 			expected: TestExpected{
 				WhereClause: "hasAny(arrayFlatten(arrayConcat(arrayMap(`body_v2.education`->arrayConcat(arrayMap(`body_v2.education[].awards`->arrayConcat(arrayMap(`body_v2.education[].awards[].participated`->dynamicElement(`body_v2.education[].awards[].participated`.`members`, 'Array(Nullable(String))'), dynamicElement(`body_v2.education[].awards`.`participated`, 'Array(JSON(max_dynamic_types=4, max_dynamic_paths=0))')), arrayMap(`body_v2.education[].awards[].participated`->dynamicElement(`body_v2.education[].awards[].participated`.`members`, 'Array(Nullable(String))'), arrayMap(x->assumeNotNull(dynamicElement(x, 'JSON')), arrayFilter(x->(dynamicType(x) = 'JSON'), dynamicElement(`body_v2.education[].awards`.`participated`, 'Array(Dynamic)'))))), dynamicElement(`body_v2.education`.`awards`, 'Array(JSON(max_dynamic_types=8, max_dynamic_paths=0))')), arrayMap(`body_v2.education[].awards`->arrayConcat(arrayMap(`body_v2.education[].awards[].participated`->dynamicElement(`body_v2.education[].awards[].participated`.`members`, 'Array(Nullable(String))'), dynamicElement(`body_v2.education[].awards`.`participated`, 'Array(JSON(max_dynamic_types=16, max_dynamic_paths=256))')), arrayMap(`body_v2.education[].awards[].participated`->dynamicElement(`body_v2.education[].awards[].participated`.`members`, 'Array(Nullable(String))'), arrayMap(x->assumeNotNull(dynamicElement(x, 'JSON')), arrayFilter(x->(dynamicType(x) = 'JSON'), dynamicElement(`body_v2.education[].awards`.`participated`, 'Array(Dynamic)'))))), arrayMap(x->assumeNotNull(dynamicElement(x, 'JSON')), arrayFilter(x->(dynamicType(x) = 'JSON'), dynamicElement(`body_v2.education`.`awards`, 'Array(Dynamic)'))))), dynamicElement(body_v2.`education`, 'Array(JSON(max_dynamic_types=16, max_dynamic_paths=0))')))), ?)",
-				Args:        []any{uint64(1747945619), uint64(1747983448), []any{"Piyush", "Tushar"}, "1747947419000000000", uint64(1747945619), "1747983448000000000", uint64(1747983448), 10},
+				Args:        []any{uint64(1747945619), uint64(1747983448), []any{[]any{"Piyush", "Tushar"}}, "1747947419000000000", uint64(1747945619), "1747983448000000000", uint64(1747983448), 10},
 			},
 		},
 		{

pkg/telemetrylogs/statement_builder.go

@@ -45,7 +45,6 @@ func NewLogQueryStatementBuilder(
 		DBName,
 		LogsResourceV2TableName,
 		telemetrytypes.SignalLogs,
-		telemetrytypes.SourceUnspecified,
 		metadataStore,
 		fullTextColumn,
 		jsonKeyToKey,

pkg/telemetrymetadata/metadata.go

@@ -13,7 +13,6 @@ import (
 	"github.com/SigNoz/signoz/pkg/errors"
 	"github.com/SigNoz/signoz/pkg/factory"
 	"github.com/SigNoz/signoz/pkg/querybuilder"
-	"github.com/SigNoz/signoz/pkg/telemetryaudit"
 	"github.com/SigNoz/signoz/pkg/telemetrylogs"
 	"github.com/SigNoz/signoz/pkg/telemetrymetrics"
 	"github.com/SigNoz/signoz/pkg/telemetrystore"
@@ -28,7 +27,6 @@ import (
 var (
 	ErrFailedToGetTracesKeys    = errors.Newf(errors.TypeInternal, errors.CodeInternal, "failed to get traces keys")
 	ErrFailedToGetLogsKeys      = errors.Newf(errors.TypeInternal, errors.CodeInternal, "failed to get logs keys")
-	ErrFailedToGetAuditKeys     = errors.Newf(errors.TypeInternal, errors.CodeInternal, "failed to get audit keys")
 	ErrFailedToGetTblStatement  = errors.Newf(errors.TypeInternal, errors.CodeInternal, "failed to get tbl statement")
 	ErrFailedToGetMetricsKeys   = errors.Newf(errors.TypeInternal, errors.CodeInternal, "failed to get metrics keys")
 	ErrFailedToGetMeterKeys     = errors.Newf(errors.TypeInternal, errors.CodeInternal, "failed to get meter keys")
@@ -52,11 +50,6 @@ type telemetryMetaStore struct {
 	logAttributeKeysTblName        string
 	logResourceKeysTblName         string
 	logsV2TblName                  string
-	auditDBName                    string
-	auditLogsTblName               string
-	auditFieldsTblName             string
-	auditAttributeKeysTblName      string
-	auditResourceKeysTblName       string
 	relatedMetadataDBName          string
 	relatedMetadataTblName         string
 	columnEvolutionMetadataTblName string
@@ -86,11 +79,6 @@ func NewTelemetryMetaStore(
 	logsFieldsTblName string,
 	logAttributeKeysTblName string,
 	logResourceKeysTblName string,
-	auditDBName string,
-	auditLogsTblName string,
-	auditFieldsTblName string,
-	auditAttributeKeysTblName string,
-	auditResourceKeysTblName string,
 	relatedMetadataDBName string,
 	relatedMetadataTblName string,
 	columnEvolutionMetadataTblName string,
@@ -113,11 +101,6 @@ func NewTelemetryMetaStore(
 		logsFieldsTblName:              logsFieldsTblName,
 		logAttributeKeysTblName:        logAttributeKeysTblName,
 		logResourceKeysTblName:         logResourceKeysTblName,
-		auditDBName:                    auditDBName,
-		auditLogsTblName:               auditLogsTblName,
-		auditFieldsTblName:             auditFieldsTblName,
-		auditAttributeKeysTblName:      auditAttributeKeysTblName,
-		auditResourceKeysTblName:       auditResourceKeysTblName,
 		relatedMetadataDBName:          relatedMetadataDBName,
 		relatedMetadataTblName:         relatedMetadataTblName,
 		columnEvolutionMetadataTblName: columnEvolutionMetadataTblName,
@@ -609,227 +592,6 @@ func (t *telemetryMetaStore) getLogsKeys(ctx context.Context, fieldKeySelectors
 	return keys, complete, nil
 }
 
-func (t *telemetryMetaStore) auditTblStatementToFieldKeys(ctx context.Context) ([]*telemetrytypes.TelemetryFieldKey, error) {
-	ctx = ctxtypes.NewContextWithCommentVals(ctx, map[string]string{
-		instrumentationtypes.TelemetrySignal:  telemetrytypes.SignalLogs.StringValue(),
-		instrumentationtypes.CodeNamespace:    "metadata",
-		instrumentationtypes.CodeFunctionName: "auditTblStatementToFieldKeys",
-	})
-
-	query := fmt.Sprintf("SHOW CREATE TABLE %s.%s", t.auditDBName, t.auditLogsTblName)
-	statements := []telemetrytypes.ShowCreateTableStatement{}
-	err := t.telemetrystore.ClickhouseDB().Select(ctx, &statements, query)
-	if err != nil {
-		return nil, errors.Wrap(err, errors.TypeInternal, errors.CodeInternal, ErrFailedToGetTblStatement.Error())
-	}
-
-	materialisedKeys, err := ExtractFieldKeysFromTblStatement(statements[0].Statement)
-	if err != nil {
-		return nil, errors.Wrap(err, errors.TypeInternal, errors.CodeInternal, ErrFailedToGetAuditKeys.Error())
-	}
-
-	for idx := range materialisedKeys {
-		materialisedKeys[idx].Signal = telemetrytypes.SignalLogs
-	}
-
-	return materialisedKeys, nil
-}
-
-func (t *telemetryMetaStore) getAuditKeys(ctx context.Context, fieldKeySelectors []*telemetrytypes.FieldKeySelector) ([]*telemetrytypes.TelemetryFieldKey, bool, error) {
-	ctx = ctxtypes.NewContextWithCommentVals(ctx, map[string]string{
-		instrumentationtypes.TelemetrySignal:  telemetrytypes.SignalLogs.StringValue(),
-		instrumentationtypes.CodeNamespace:    "metadata",
-		instrumentationtypes.CodeFunctionName: "getAuditKeys",
-	})
-
-	if len(fieldKeySelectors) == 0 {
-		return nil, true, nil
-	}
-
-	matKeys, err := t.auditTblStatementToFieldKeys(ctx)
-	if err != nil {
-		return nil, false, err
-	}
-	mapOfKeys := make(map[string]*telemetrytypes.TelemetryFieldKey)
-	for _, key := range matKeys {
-		mapOfKeys[key.Name+";"+key.FieldContext.StringValue()+";"+key.FieldDataType.StringValue()] = key
-	}
-
-	var queries []string
-	var allArgs []any
-
-	queryAttributeTable := false
-	queryResourceTable := false
-
-	for _, selector := range fieldKeySelectors {
-		if selector.FieldContext == telemetrytypes.FieldContextUnspecified {
-			queryAttributeTable = true
-			queryResourceTable = true
-			break
-		} else if selector.FieldContext == telemetrytypes.FieldContextAttribute {
-			queryAttributeTable = true
-		} else if selector.FieldContext == telemetrytypes.FieldContextResource {
-			queryResourceTable = true
-		}
-	}
-
-	tablesToQuery := []struct {
-		fieldContext telemetrytypes.FieldContext
-		shouldQuery  bool
-		tblName      string
-	}{
-		{telemetrytypes.FieldContextAttribute, queryAttributeTable, t.auditDBName + "." + t.auditAttributeKeysTblName},
-		{telemetrytypes.FieldContextResource, queryResourceTable, t.auditDBName + "." + t.auditResourceKeysTblName},
-	}
-
-	for _, table := range tablesToQuery {
-		if !table.shouldQuery {
-			continue
-		}
-
-		fieldContext := table.fieldContext
-		tblName := table.tblName
-
-		sb := sqlbuilder.Select(
-			"name AS tag_key",
-			fmt.Sprintf("'%s' AS tag_type", fieldContext.TagType()),
-			"lower(datatype) AS tag_data_type",
-			fmt.Sprintf("%d AS priority", getPriorityForContext(fieldContext)),
-		).From(tblName)
-
-		var limit int
-		conds := []string{}
-
-		for _, fieldKeySelector := range fieldKeySelectors {
-			if fieldKeySelector.FieldContext != telemetrytypes.FieldContextUnspecified && fieldKeySelector.FieldContext != fieldContext {
-				continue
-			}
-
-			fieldKeyConds := []string{}
-			if fieldKeySelector.SelectorMatchType == telemetrytypes.FieldSelectorMatchTypeExact {
-				fieldKeyConds = append(fieldKeyConds, sb.E("name", fieldKeySelector.Name))
-			} else {
-				fieldKeyConds = append(fieldKeyConds, sb.ILike("name", "%"+escapeForLike(fieldKeySelector.Name)+"%"))
-			}
-
-			if fieldKeySelector.FieldDataType != telemetrytypes.FieldDataTypeUnspecified {
-				fieldKeyConds = append(fieldKeyConds, sb.E("datatype", fieldKeySelector.FieldDataType.TagDataType()))
-			}
-
-			if len(fieldKeyConds) > 0 {
-				conds = append(conds, sb.And(fieldKeyConds...))
-			}
-			limit += fieldKeySelector.Limit
-		}
-
-		if len(conds) > 0 {
-			sb.Where(sb.Or(conds...))
-		}
-
-		sb.GroupBy("name", "datatype")
-		if limit == 0 {
-			limit = 1000
-		}
-
-		query, args := sb.BuildWithFlavor(sqlbuilder.ClickHouse)
-		queries = append(queries, query)
-		allArgs = append(allArgs, args...)
-	}
-
-	if len(queries) == 0 {
-		return []*telemetrytypes.TelemetryFieldKey{}, true, nil
-	}
-
-	var limit int
-	for _, fieldKeySelector := range fieldKeySelectors {
-		limit += fieldKeySelector.Limit
-	}
-	if limit == 0 {
-		limit = 1000
-	}
-
-	mainQuery := fmt.Sprintf(`
-		SELECT tag_key, tag_type, tag_data_type, max(priority) as priority
-		FROM (
-			%s
-		) AS combined_results
-		GROUP BY tag_key, tag_type, tag_data_type
-		ORDER BY priority
-		LIMIT %d
-	`, strings.Join(queries, " UNION ALL "), limit+1)
-
-	rows, err := t.telemetrystore.ClickhouseDB().Query(ctx, mainQuery, allArgs...)
-	if err != nil {
-		return nil, false, errors.Wrap(err, errors.TypeInternal, errors.CodeInternal, ErrFailedToGetAuditKeys.Error())
-	}
-	defer rows.Close()
-
-	keys := []*telemetrytypes.TelemetryFieldKey{}
-	rowCount := 0
-	searchTexts := []string{}
-
-	for _, fieldKeySelector := range fieldKeySelectors {
-		searchTexts = append(searchTexts, fieldKeySelector.Name)
-	}
-
-	for rows.Next() {
-		rowCount++
-		if rowCount > limit {
-			break
-		}
-
-		var name string
-		var fieldContext telemetrytypes.FieldContext
-		var fieldDataType telemetrytypes.FieldDataType
-		var priority uint8
-		err = rows.Scan(&name, &fieldContext, &fieldDataType, &priority)
-		if err != nil {
-			return nil, false, errors.Wrap(err, errors.TypeInternal, errors.CodeInternal, ErrFailedToGetAuditKeys.Error())
-		}
-		key, ok := mapOfKeys[name+";"+fieldContext.StringValue()+";"+fieldDataType.StringValue()]
-
-		if !ok {
-			key = &telemetrytypes.TelemetryFieldKey{
-				Name:          name,
-				Signal:        telemetrytypes.SignalLogs,
-				FieldContext:  fieldContext,
-				FieldDataType: fieldDataType,
-			}
-		}
-
-		keys = append(keys, key)
-		mapOfKeys[name+";"+fieldContext.StringValue()+";"+fieldDataType.StringValue()] = key
-	}
-
-	if rows.Err() != nil {
-		return nil, false, errors.Wrap(rows.Err(), errors.TypeInternal, errors.CodeInternal, ErrFailedToGetAuditKeys.Error())
-	}
-
-	complete := rowCount <= limit
-
-	// Add intrinsic audit fields (same as logs intrinsics: body, severity_text, etc.)
-	staticKeys := maps.Keys(telemetryaudit.IntrinsicFields)
-	for _, key := range staticKeys {
-		found := false
-		for _, v := range searchTexts {
-			if v == "" || strings.Contains(key, v) {
-				found = true
-				break
-			}
-		}
-
-		if found {
-			if field, exists := telemetryaudit.IntrinsicFields[key]; exists {
-				if _, added := mapOfKeys[field.Name+";"+field.FieldContext.StringValue()+";"+field.FieldDataType.StringValue()]; !added {
-					keys = append(keys, &field)
-				}
-			}
-		}
-	}
-
-	return keys, complete, nil
-}
-
 func getPriorityForContext(ctx telemetrytypes.FieldContext) int {
 	switch ctx {
 	case telemetrytypes.FieldContextLog:
@@ -1127,11 +889,7 @@ func (t *telemetryMetaStore) GetKeys(ctx context.Context, fieldKeySelector *tele
 	case telemetrytypes.SignalTraces:
 		keys, complete, err = t.getTracesKeys(ctx, selectors)
 	case telemetrytypes.SignalLogs:
-		if fieldKeySelector.Source == telemetrytypes.SourceAudit {
-			keys, complete, err = t.getAuditKeys(ctx, selectors)
-		} else {
-			keys, complete, err = t.getLogsKeys(ctx, selectors)
-		}
+		keys, complete, err = t.getLogsKeys(ctx, selectors)
 	case telemetrytypes.SignalMetrics:
 		if fieldKeySelector.Source == telemetrytypes.SourceMeter {
 			keys, complete, err = t.getMeterSourceMetricKeys(ctx, selectors)
@@ -1180,7 +938,6 @@ func (t *telemetryMetaStore) GetKeys(ctx context.Context, fieldKeySelector *tele
 func (t *telemetryMetaStore) GetKeysMulti(ctx context.Context, fieldKeySelectors []*telemetrytypes.FieldKeySelector) (map[string][]*telemetrytypes.TelemetryFieldKey, bool, error) {
 
 	logsSelectors := []*telemetrytypes.FieldKeySelector{}
-	auditSelectors := []*telemetrytypes.FieldKeySelector{}
 	tracesSelectors := []*telemetrytypes.FieldKeySelector{}
 	metricsSelectors := []*telemetrytypes.FieldKeySelector{}
 	meterSourceMetricsSelectors := []*telemetrytypes.FieldKeySelector{}
@@ -1188,11 +945,7 @@ func (t *telemetryMetaStore) GetKeysMulti(ctx context.Context, fieldKeySelectors
 	for _, fieldKeySelector := range fieldKeySelectors {
 		switch fieldKeySelector.Signal {
 		case telemetrytypes.SignalLogs:
-			if fieldKeySelector.Source == telemetrytypes.SourceAudit {
-				auditSelectors = append(auditSelectors, fieldKeySelector)
-			} else {
-				logsSelectors = append(logsSelectors, fieldKeySelector)
-			}
+			logsSelectors = append(logsSelectors, fieldKeySelector)
 		case telemetrytypes.SignalTraces:
 			tracesSelectors = append(tracesSelectors, fieldKeySelector)
 		case telemetrytypes.SignalMetrics:
@@ -1212,10 +965,6 @@ func (t *telemetryMetaStore) GetKeysMulti(ctx context.Context, fieldKeySelectors
 	if err != nil {
 		return nil, false, err
 	}
-	auditKeys, auditComplete, err := t.getAuditKeys(ctx, auditSelectors)
-	if err != nil {
-		return nil, false, err
-	}
 	tracesKeys, tracesComplete, err := t.getTracesKeys(ctx, tracesSelectors)
 	if err != nil {
 		return nil, false, err
@@ -1230,15 +979,12 @@ func (t *telemetryMetaStore) GetKeysMulti(ctx context.Context, fieldKeySelectors
 		return nil, false, err
 	}
 	// Complete only if all queries are complete
-	complete := logsComplete && auditComplete && tracesComplete && metricsComplete
+	complete := logsComplete && tracesComplete && metricsComplete
 
 	mapOfKeys := make(map[string][]*telemetrytypes.TelemetryFieldKey)
 	for _, key := range logsKeys {
 		mapOfKeys[key.Name] = append(mapOfKeys[key.Name], key)
 	}
-	for _, key := range auditKeys {
-		mapOfKeys[key.Name] = append(mapOfKeys[key.Name], key)
-	}
 	for _, key := range tracesKeys {
 		mapOfKeys[key.Name] = append(mapOfKeys[key.Name], key)
 	}
@@ -1592,97 +1338,6 @@ func (t *telemetryMetaStore) getLogFieldValues(ctx context.Context, fieldValueSe
 	return values, complete, nil
 }
 
-func (t *telemetryMetaStore) getAuditFieldValues(ctx context.Context, fieldValueSelector *telemetrytypes.FieldValueSelector) (*telemetrytypes.TelemetryFieldValues, bool, error) {
-	ctx = ctxtypes.NewContextWithCommentVals(ctx, map[string]string{
-		instrumentationtypes.TelemetrySignal:  telemetrytypes.SignalLogs.StringValue(),
-		instrumentationtypes.CodeNamespace:    "metadata",
-		instrumentationtypes.CodeFunctionName: "getAuditFieldValues",
-	})
-
-	limit := fieldValueSelector.Limit
-	if limit == 0 {
-		limit = 50
-	}
-
-	sb := sqlbuilder.Select("DISTINCT string_value, number_value").From(t.auditDBName + "." + t.auditFieldsTblName)
-
-	if fieldValueSelector.Name != "" {
-		sb.Where(sb.E("tag_key", fieldValueSelector.Name))
-	}
-
-	if fieldValueSelector.FieldContext != telemetrytypes.FieldContextUnspecified {
-		sb.Where(sb.E("tag_type", fieldValueSelector.FieldContext.TagType()))
-	}
-
-	if fieldValueSelector.FieldDataType != telemetrytypes.FieldDataTypeUnspecified {
-		sb.Where(sb.E("tag_data_type", fieldValueSelector.FieldDataType.TagDataType()))
-	}
-
-	if fieldValueSelector.Value != "" {
-		switch fieldValueSelector.FieldDataType {
-		case telemetrytypes.FieldDataTypeString:
-			sb.Where(sb.ILike("string_value", "%"+escapeForLike(fieldValueSelector.Value)+"%"))
-		case telemetrytypes.FieldDataTypeNumber:
-			sb.Where(sb.IsNotNull("number_value"))
-			sb.Where(sb.ILike("toString(number_value)", "%"+escapeForLike(fieldValueSelector.Value)+"%"))
-		case telemetrytypes.FieldDataTypeUnspecified:
-			sb.Where(sb.Or(
-				sb.ILike("string_value", "%"+escapeForLike(fieldValueSelector.Value)+"%"),
-				sb.ILike("toString(number_value)", "%"+escapeForLike(fieldValueSelector.Value)+"%"),
-			))
-		}
-	}
-
-	// fetch one extra row to detect whether the result set is complete
-	sb.Limit(limit + 1)
-
-	query, args := sb.BuildWithFlavor(sqlbuilder.ClickHouse)
-
-	rows, err := t.telemetrystore.ClickhouseDB().Query(ctx, query, args...)
-	if err != nil {
-		return nil, false, errors.Wrap(err, errors.TypeInternal, errors.CodeInternal, ErrFailedToGetAuditKeys.Error())
-	}
-	defer rows.Close()
-
-	values := &telemetrytypes.TelemetryFieldValues{}
-	seen := make(map[string]bool)
-	rowCount := 0
-	totalCount := 0
-
-	for rows.Next() {
-		rowCount++
-
-		var stringValue string
-		var numberValue float64
-		err = rows.Scan(&stringValue, &numberValue)
-		if err != nil {
-			return nil, false, errors.Wrap(err, errors.TypeInternal, errors.CodeInternal, ErrFailedToGetAuditKeys.Error())
-		}
-		if stringValue != "" && !seen[stringValue] {
-			if totalCount >= limit {
-				break
-			}
-			values.StringValues = append(values.StringValues, stringValue)
-			seen[stringValue] = true
-			totalCount++
-		}
-		if numberValue != 0 {
-			if totalCount >= limit {
-				break
-			}
-			if !seen[fmt.Sprintf("%f", numberValue)] {
-				values.NumberValues = append(values.NumberValues, numberValue)
-				seen[fmt.Sprintf("%f", numberValue)] = true
-				totalCount++
-			}
-		}
-	}
-
-	complete := rowCount <= limit
-
-	return values, complete, nil
-}
-
 // getMetricFieldValues returns field values and whether the result is complete.
 func (t *telemetryMetaStore) getMetricFieldValues(ctx context.Context, fieldValueSelector *telemetrytypes.FieldValueSelector) (*telemetrytypes.TelemetryFieldValues, bool, error) {
 	ctx = ctxtypes.NewContextWithCommentVals(ctx, map[string]string{
@@ -1973,11 +1628,7 @@ func (t *telemetryMetaStore) GetAllValues(ctx context.Context, fieldValueSelecto
 	case telemetrytypes.SignalTraces:
 		values, complete, err = t.getSpanFieldValues(ctx, fieldValueSelector)
 	case telemetrytypes.SignalLogs:
-		if fieldValueSelector.Source == telemetrytypes.SourceAudit {
-			values, complete, err = t.getAuditFieldValues(ctx, fieldValueSelector)
-		} else {
-			values, complete, err = t.getLogFieldValues(ctx, fieldValueSelector)
-		}
+		values, complete, err = t.getLogFieldValues(ctx, fieldValueSelector)
 	case telemetrytypes.SignalMetrics:
 		if fieldValueSelector.Source == telemetrytypes.SourceMeter {
 			values, complete, err = t.getMeterSourceMetricFieldValues(ctx, fieldValueSelector)

pkg/telemetrymetadata/metadata_query_test.go

@@ -5,7 +5,6 @@ import (
 	"testing"
 
 	"github.com/SigNoz/signoz/pkg/instrumentation/instrumentationtest"
-	"github.com/SigNoz/signoz/pkg/telemetryaudit"
 	"github.com/SigNoz/signoz/pkg/telemetrylogs"
 	"github.com/SigNoz/signoz/pkg/telemetrymeter"
 	"github.com/SigNoz/signoz/pkg/telemetrymetrics"
@@ -38,11 +37,6 @@ func TestGetFirstSeenFromMetricMetadata(t *testing.T) {
 		telemetrylogs.TagAttributesV2TableName,
 		telemetrylogs.LogAttributeKeysTblName,
 		telemetrylogs.LogResourceKeysTblName,
-		telemetryaudit.DBName,
-		telemetryaudit.AuditLogsTableName,
-		telemetryaudit.TagAttributesTableName,
-		telemetryaudit.LogAttributeKeysTblName,
-		telemetryaudit.LogResourceKeysTblName,
 		DBName,
 		AttributesMetadataLocalTableName,
 		ColumnEvolutionMetadataTableName,

pkg/telemetrymetadata/metadata_test.go

@@ -7,7 +7,6 @@ import (
 
 	"github.com/SigNoz/signoz/pkg/errors"
 	"github.com/SigNoz/signoz/pkg/instrumentation/instrumentationtest"
-	"github.com/SigNoz/signoz/pkg/telemetryaudit"
 	"github.com/SigNoz/signoz/pkg/telemetrylogs"
 	"github.com/SigNoz/signoz/pkg/telemetrymeter"
 	"github.com/SigNoz/signoz/pkg/telemetrymetrics"
@@ -37,11 +36,6 @@ func newTestTelemetryMetaStoreTestHelper(store telemetrystore.TelemetryStore) te
 		telemetrylogs.TagAttributesV2TableName,
 		telemetrylogs.LogAttributeKeysTblName,
 		telemetrylogs.LogResourceKeysTblName,
-		telemetryaudit.DBName,
-		telemetryaudit.AuditLogsTableName,
-		telemetryaudit.TagAttributesTableName,
-		telemetryaudit.LogAttributeKeysTblName,
-		telemetryaudit.LogResourceKeysTblName,
 		DBName,
 		AttributesMetadataLocalTableName,
 		ColumnEvolutionMetadataTableName,

pkg/telemetrymetadata/tables.go

@@ -9,6 +9,6 @@ const (
 	ColumnEvolutionMetadataTableName = "distributed_column_evolution_metadata"
 	PathTypesTableName               = otelcollectorconst.DistributedPathTypesTable
 	// Column Evolution table stores promoted paths as (signal, column_name, field_context, field_name); see signoz-otel-collector metadata_migrations.
-	PromotedPathsTableName = "distributed_column_evolution_metadata"
-	SkipIndexTableName     = "system.data_skipping_indices"
+	PromotedPathsTableName           = "distributed_column_evolution_metadata"
+	SkipIndexTableName               = "system.data_skipping_indices"
 )

pkg/telemetryresourcefilter/statement_builder.go

@@ -21,7 +21,6 @@ type resourceFilterStatementBuilder[T any] struct {
 	conditionBuilder qbtypes.ConditionBuilder
 	metadataStore    telemetrytypes.MetadataStore
 	signal           telemetrytypes.Signal
-	source           telemetrytypes.Source
 
 	fullTextColumn *telemetrytypes.TelemetryFieldKey
 	jsonKeyToKey   qbtypes.JsonKeyToFieldFunc
@@ -38,7 +37,6 @@ func New[T any](
 	dbName string,
 	tableName string,
 	signal telemetrytypes.Signal,
-	source telemetrytypes.Source,
 	metadataStore telemetrytypes.MetadataStore,
 	fullTextColumn *telemetrytypes.TelemetryFieldKey,
 	jsonKeyToKey qbtypes.JsonKeyToFieldFunc,
@@ -54,7 +52,6 @@ func New[T any](
 		conditionBuilder: cb,
 		metadataStore:    metadataStore,
 		signal:           signal,
-		source:           source,
 		fullTextColumn:   fullTextColumn,
 		jsonKeyToKey:     jsonKeyToKey,
 	}
@@ -75,7 +72,6 @@ func (b *resourceFilterStatementBuilder[T]) getKeySelectors(query qbtypes.QueryB
 			continue
 		}
 		keySelectors[idx].Signal = b.signal
-		keySelectors[idx].Source = b.source
 		keySelectors[idx].SelectorMatchType = telemetrytypes.FieldSelectorMatchTypeExact
 		filteredKeySelectors = append(filteredKeySelectors, keySelectors[idx])
 	}

pkg/telemetryresourcefilter/statement_builder_test.go

@@ -375,7 +375,6 @@ func TestResourceFilterStatementBuilder_Traces(t *testing.T) {
 		"signoz_traces",
 		"distributed_traces_v3_resource",
 		telemetrytypes.SignalTraces,
-		telemetrytypes.SourceUnspecified,
 		mockMetadataStore,
 		nil,
 		nil,
@@ -593,7 +592,6 @@ func TestResourceFilterStatementBuilder_Logs(t *testing.T) {
 		"signoz_logs",
 		"distributed_logs_v2_resource",
 		telemetrytypes.SignalLogs,
-		telemetrytypes.SourceUnspecified,
 		mockMetadataStore,
 		nil,
 		nil,
@@ -655,7 +653,6 @@ func TestResourceFilterStatementBuilder_Variables(t *testing.T) {
 		"signoz_traces",
 		"distributed_traces_v3_resource",
 		telemetrytypes.SignalTraces,
-		telemetrytypes.SourceUnspecified,
 		mockMetadataStore,
 		nil,
 		nil,

pkg/telemetrytraces/statement_builder.go

@@ -49,7 +49,6 @@ func NewTraceQueryStatementBuilder(
 		DBName,
 		TracesResourceV3TableName,
 		telemetrytypes.SignalTraces,
-		telemetrytypes.SourceUnspecified,
 		metadataStore,
 		nil,
 		nil,

pkg/telemetrytraces/trace_operator_statement_builder.go

@@ -39,7 +39,6 @@ func NewTraceOperatorStatementBuilder(
 		DBName,
 		TracesResourceV3TableName,
 		telemetrytypes.SignalTraces,
-		telemetrytypes.SourceUnspecified,
 		metadataStore,
 		nil,
 		nil,

pkg/types/cloudintegrationtypes/account.go

@@ -1,10 +1,8 @@
 package cloudintegrationtypes
 
 import (
-	"encoding/json"
 	"time"
 
-	"github.com/SigNoz/signoz/pkg/errors"
 	"github.com/SigNoz/signoz/pkg/types"
 	"github.com/SigNoz/signoz/pkg/valuer"
 )
@@ -31,285 +29,16 @@ type AccountConfig struct {
 	AWS *AWSAccountConfig `json:"aws" required:"true" nullable:"false"`
 }
 
-type AWSAccountConfig struct {
-	Regions []string `json:"regions" required:"true" nullable:"false"`
-}
-
-type PostableAccount struct {
-	Config      *PostableAccountConfig `json:"config" required:"true"`
-	Credentials *Credentials           `json:"credentials" required:"true"`
-}
-
-type PostableAccountConfig struct {
-	// as agent version is common for all providers, we can keep it at top level of this struct
-	AgentVersion string
-	Aws          *AWSPostableAccountConfig `json:"aws" required:"true" nullable:"false"`
-}
-
-type Credentials struct {
-	SigNozAPIURL string `json:"sigNozApiUrl" required:"true"`
-	SigNozAPIKey string `json:"sigNozApiKey" required:"true"` // PAT
-	IngestionURL string `json:"ingestionUrl" required:"true"`
-	IngestionKey string `json:"ingestionKey" required:"true"`
-}
-
-type AWSPostableAccountConfig struct {
-	DeploymentRegion string   `json:"deploymentRegion" required:"true"`
-	Regions          []string `json:"regions" required:"true" nullable:"false"`
-}
-
-type GettableAccountWithConnectionArtifact struct {
-	ID                 valuer.UUID         `json:"id" required:"true"`
-	ConnectionArtifact *ConnectionArtifact `json:"connectionArtifact" required:"true"`
-}
-
-type ConnectionArtifact struct {
-	// required till new providers are added
-	Aws *AWSConnectionArtifact `json:"aws" required:"true" nullable:"false"`
-}
-
-type AWSConnectionArtifact struct {
-	ConnectionURL string `json:"connectionUrl" required:"true"`
-}
-
-type GetConnectionArtifactRequest = PostableAccount
-
 type GettableAccounts struct {
 	Accounts []*Account `json:"accounts" required:"true" nullable:"false"`
 }
 
+type GettableAccount = Account
+
 type UpdatableAccount struct {
 	Config *AccountConfig `json:"config" required:"true" nullable:"false"`
 }
 
-func NewAccount(orgID valuer.UUID, provider CloudProviderType, config *AccountConfig) *Account {
-	return &Account{
-		Identifiable: types.Identifiable{
-			ID: valuer.GenerateUUID(),
-		},
-		TimeAuditable: types.TimeAuditable{
-			CreatedAt: time.Now(),
-			UpdatedAt: time.Now(),
-		},
-		OrgID:    orgID,
-		Provider: provider,
-		Config:   config,
-	}
-}
-
-func NewAccountFromStorable(storableAccount *StorableCloudIntegration) (*Account, error) {
-	// config can not be empty
-	if storableAccount.Config == "" {
-		return nil, errors.NewInternalf(errors.CodeInternal, "config is empty for account with id: %s", storableAccount.ID)
-	}
-
-	account := &Account{
-		Identifiable:      storableAccount.Identifiable,
-		TimeAuditable:     storableAccount.TimeAuditable,
-		ProviderAccountID: storableAccount.AccountID,
-		Provider:          storableAccount.Provider,
-		RemovedAt:         storableAccount.RemovedAt,
-		OrgID:             storableAccount.OrgID,
-		Config:            new(AccountConfig),
-	}
-
-	switch storableAccount.Provider {
-	case CloudProviderTypeAWS:
-		awsConfig := new(AWSAccountConfig)
-		err := json.Unmarshal([]byte(storableAccount.Config), awsConfig)
-		if err != nil {
-			return nil, err
-		}
-		account.Config.AWS = awsConfig
-	}
-
-	if storableAccount.LastAgentReport != nil {
-		account.AgentReport = &AgentReport{
-			TimestampMillis: storableAccount.LastAgentReport.TimestampMillis,
-			Data:            storableAccount.LastAgentReport.Data,
-		}
-	}
-
-	return account, nil
-}
-
-func NewAccountsFromStorables(storableAccounts []*StorableCloudIntegration) ([]*Account, error) {
-	accounts := make([]*Account, 0, len(storableAccounts))
-	for _, storableAccount := range storableAccounts {
-		account, err := NewAccountFromStorable(storableAccount)
-		if err != nil {
-			return nil, err
-		}
-		accounts = append(accounts, account)
-	}
-
-	return accounts, nil
-}
-
-func (account *Account) Update(config *AccountConfig) error {
-	if account.RemovedAt != nil {
-		return errors.New(errors.TypeUnsupported, ErrCodeCloudIntegrationRemoved, "this operation is not supported for a removed cloud integration account")
-	}
-	account.Config = config
-	account.UpdatedAt = time.Now()
-	return nil
-}
-
-func (account *Account) IsRemoved() bool {
-	return account.RemovedAt != nil
-}
-
-func NewAccountConfigFromPostable(provider CloudProviderType, config *PostableAccountConfig) (*AccountConfig, error) {
-	switch provider {
-	case CloudProviderTypeAWS:
-		if config.Aws == nil {
-			return nil, errors.NewInternalf(errors.CodeInternal, "AWS config is nil")
-		}
-		return &AccountConfig{
-			AWS: &AWSAccountConfig{
-				Regions: config.Aws.Regions,
-			},
-		}, nil
-	}
-
-	return nil, errors.NewInvalidInputf(ErrCodeCloudProviderInvalidInput, "invalid cloud provider: %s", provider.StringValue())
-}
-
-// func NewAccountFromPostableAccount(provider CloudProviderType, account *PostableAccount) (*Account, error) {
-// 	req := &Account{
-// 		Credentials: account.Credentials,
-// 	}
-
-// 	switch provider {
-// 	case CloudProviderTypeAWS:
-// 		req.Config = &ConnectionArtifactRequestConfig{
-// 			Aws: &AWSConnectionArtifactRequest{
-// 				DeploymentRegion: artifact.Config.Aws.DeploymentRegion,
-// 				Regions:          artifact.Config.Aws.Regions,
-// 			},
-// 		}
-
-// 		return req, nil
-// 	default:
-// 		return nil, errors.NewInvalidInputf(ErrCodeCloudProviderInvalidInput, "invalid cloud provider: %s", provider.StringValue())
-// 	}
-// }
-
-func NewAgentReport(data map[string]any) *AgentReport {
-	return &AgentReport{
-		TimestampMillis: time.Now().UnixMilli(),
-		Data:            data,
-	}
-}
-
-// ToJSON return JSON bytes for the provider's config
-// thats why not naming it MarshalJSON(), as it will interfere with default JSON marshalling of AccountConfig struct.
-// NOTE: this entertains first non-null provider's config.
-func (config *AccountConfig) ToJSON() ([]byte, error) {
-	if config.AWS != nil {
-		return json.Marshal(config.AWS)
-	}
-
-	return nil, errors.NewInternalf(errors.CodeInternal, "no provider account config found")
-}
-
-func (config *PostableAccountConfig) AddAgentVersion(agentVersion string) {
-	config.AgentVersion = agentVersion
-}
-
-// Validate checks that the connection artifact request has a valid provider-specific block
-// with non-empty, valid regions and a valid deployment region.
-func (account *PostableAccount) Validate(provider CloudProviderType) error {
-	if account.Config == nil || account.Credentials == nil {
-		return errors.New(errors.TypeInvalidInput, ErrCodeInvalidInput,
-			"config and credentials are required")
-	}
-
-	if account.Credentials.SigNozAPIURL == "" {
-		return errors.New(errors.TypeInvalidInput, ErrCodeInvalidInput,
-			"sigNozApiURL can not be empty")
-	}
-
-	if account.Credentials.SigNozAPIKey == "" {
-		return errors.New(errors.TypeInvalidInput, ErrCodeInvalidInput,
-			"sigNozApiKey can not be empty")
-	}
-
-	if account.Credentials.IngestionURL == "" {
-		return errors.New(errors.TypeInvalidInput, ErrCodeInvalidInput,
-			"ingestionUrl can not be empty")
-	}
-
-	if account.Credentials.IngestionKey == "" {
-		return errors.New(errors.TypeInvalidInput, ErrCodeInvalidInput,
-			"ingestionKey can not be empty")
-	}
-
-	switch provider {
-	case CloudProviderTypeAWS:
-		if account.Config.Aws == nil {
-			return errors.New(errors.TypeInvalidInput, ErrCodeInvalidInput,
-				"aws configuration is required")
-		}
-		return account.Config.Aws.Validate()
-	}
-
-	return errors.NewInvalidInputf(ErrCodeCloudProviderInvalidInput, "invalid cloud provider: %s", provider)
-}
-
-// Validate checks that the AWS connection artifact request has a valid deployment region
-// and a non-empty list of valid regions.
-func (req *AWSPostableAccountConfig) Validate() error {
-	if req.DeploymentRegion == "" {
-		return errors.New(errors.TypeInvalidInput, ErrCodeInvalidInput,
-			"deploymentRegion is required")
-	}
-	if _, ok := ValidAWSRegions[req.DeploymentRegion]; !ok {
-		return errors.Newf(errors.TypeInvalidInput, ErrCodeInvalidCloudRegion,
-			"invalid deployment region: %s", req.DeploymentRegion)
-	}
-
-	if len(req.Regions) == 0 {
-		return errors.New(errors.TypeInvalidInput, ErrCodeInvalidInput,
-			"at least one region is required")
-	}
-	for _, region := range req.Regions {
-		if _, ok := ValidAWSRegions[region]; !ok {
-			return errors.Newf(errors.TypeInvalidInput, ErrCodeInvalidCloudRegion,
-				"invalid AWS region: %s", region)
-		}
-	}
-	return nil
-}
-
-func (updatable *UpdatableAccount) Validate(provider CloudProviderType) error {
-	if updatable.Config == nil {
-		return errors.New(errors.TypeInvalidInput, ErrCodeInvalidInput,
-			"config is required")
-	}
-
-	switch provider {
-	case CloudProviderTypeAWS:
-		if updatable.Config.AWS == nil {
-			return errors.New(errors.TypeInvalidInput, ErrCodeInvalidInput,
-				"aws configuration is required")
-		}
-
-		if len(updatable.Config.AWS.Regions) == 0 {
-			return errors.New(errors.TypeInvalidInput, ErrCodeInvalidInput,
-				"at least one region is required")
-		}
-
-		for _, region := range updatable.Config.AWS.Regions {
-			if _, ok := ValidAWSRegions[region]; !ok {
-				return errors.Newf(errors.TypeInvalidInput, ErrCodeInvalidCloudRegion,
-					"invalid AWS region: %s", region)
-			}
-		}
-	default:
-		return errors.NewInvalidInputf(ErrCodeCloudProviderInvalidInput,
-			"invalid cloud provider: %s", provider.StringValue())
-	}
-
-	return nil
+type AWSAccountConfig struct {
+	Regions []string `json:"regions" required:"true" nullable:"false"`
 }

pkg/types/cloudintegrationtypes/checkin.go

@@ -1,93 +0,0 @@
-package cloudintegrationtypes
-
-import (
-	"time"
-
-	"github.com/SigNoz/signoz/pkg/errors"
-	"github.com/SigNoz/signoz/pkg/valuer"
-)
-
-type AgentCheckInRequest struct {
-	ProviderAccountID  string      `json:"providerAccountId" required:"false"`
-	CloudIntegrationID valuer.UUID `json:"cloudIntegrationId" required:"false"`
-
-	Data map[string]any `json:"data" required:"true" nullable:"true"`
-}
-
-type PostableAgentCheckIn struct {
-	AgentCheckInRequest
-	// following are backward compatible fields for older running agents, hence snake case JSON keys.
-	// Which get mapped to new fields in AgentCheckInRequest
-	ID        string `json:"account_id" required:"false"`       // => CloudIntegrationID
-	AccountID string `json:"cloud_account_id" required:"false"` // => ProviderAccountID
-}
-
-type AgentCheckInResponse struct {
-	CloudIntegrationID string                     `json:"cloudIntegrationId" required:"true"`
-	ProviderAccountID  string                     `json:"providerAccountId" required:"true"`
-	IntegrationConfig  *ProviderIntegrationConfig `json:"integrationConfig" required:"true"`
-	RemovedAt          *time.Time                 `json:"removedAt" required:"true" nullable:"true"`
-}
-
-type GettableAgentCheckIn struct {
-	// Older fields for backward compatibility with existing AWS agents
-	AccountID              string             `json:"account_id" required:"true"`
-	CloudAccountID         string             `json:"cloud_account_id" required:"true"`
-	OlderIntegrationConfig *IntegrationConfig `json:"integration_config" required:"true" nullable:"true"`
-	OlderRemovedAt         *time.Time         `json:"removed_at" required:"true" nullable:"true"`
-
-	AgentCheckInResponse
-}
-
-// IntegrationConfig older integration config struct for backward compatibility,
-// this will be eventually removed once agents are updated to use new struct.
-type IntegrationConfig struct {
-	EnabledRegions []string                  `json:"enabled_regions" required:"true" nullable:"false"` // backward compatible
-	Telemetry      *OldAWSCollectionStrategy `json:"telemetry" required:"true" nullable:"false"`       // backward compatible
-}
-
-type ProviderIntegrationConfig struct {
-	AWS *AWSIntegrationConfig `json:"aws" required:"true" nullable:"false"`
-}
-
-type AWSIntegrationConfig struct {
-	EnabledRegions              []string                        `json:"enabledRegions" required:"true" nullable:"false"`
-	TelemetryCollectionStrategy *AWSTelemetryCollectionStrategy `json:"telemetryCollectionStrategy" required:"true" nullable:"false"`
-}
-
-// NewGettableAgentCheckIn constructs a backward-compatible response from an AgentCheckInResponse.
-// It populates the old snake_case fields (account_id, cloud_account_id, integration_config, removed_at)
-// from the new camelCase fields so older agents continue to work unchanged.
-// The provider parameter controls which provider-specific block is mapped into the legacy integration_config.
-func NewGettableAgentCheckIn(provider CloudProviderType, resp *AgentCheckInResponse) *GettableAgentCheckIn {
-	gettable := &GettableAgentCheckIn{
-		AccountID:            resp.CloudIntegrationID,
-		CloudAccountID:       resp.ProviderAccountID,
-		OlderRemovedAt:       resp.RemovedAt,
-		AgentCheckInResponse: *resp,
-	}
-
-	switch provider {
-	case CloudProviderTypeAWS:
-		gettable.OlderIntegrationConfig = awsOlderIntegrationConfig(resp.IntegrationConfig)
-	}
-
-	return gettable
-}
-
-// Validate checks that the request uses either old fields (account_id, cloud_account_id) or
-// new fields (cloudIntegrationId, providerAccountId), never a mix of both.
-func (req *PostableAgentCheckIn) Validate() error {
-	hasOldFields := req.ID != "" || req.AccountID != ""
-	hasNewFields := !req.CloudIntegrationID.IsZero() || req.ProviderAccountID != ""
-
-	if hasOldFields && hasNewFields {
-		return errors.New(errors.TypeInvalidInput, ErrCodeInvalidInput,
-			"request must use either old fields (account_id, cloud_account_id) or new fields (cloudIntegrationId, providerAccountId), not both")
-	}
-	if !hasOldFields && !hasNewFields {
-		return errors.New(errors.TypeInvalidInput, ErrCodeInvalidInput,
-			"request must provide either old fields (account_id, cloud_account_id) or new fields (cloudIntegrationId, providerAccountId)")
-	}
-	return nil
-}

pkg/types/cloudintegrationtypes/cloudintegration.go

@@ -13,16 +13,10 @@ import (
 )
 
 var (
-	ErrCodeUnsupported                          = errors.MustNewCode("cloud_integration_unsupported")
-	ErrCodeInvalidInput                         = errors.MustNewCode("cloud_integration_invalid_input")
 	ErrCodeCloudIntegrationNotFound             = errors.MustNewCode("cloud_integration_not_found")
 	ErrCodeCloudIntegrationAlreadyExists        = errors.MustNewCode("cloud_integration_already_exists")
-	ErrCodeCloudIntegrationAlreadyConnected     = errors.MustNewCode("cloud_integration_already_connected")
-	ErrCodeCloudIntegrationInvalidConfig        = errors.MustNewCode("cloud_integration_invalid_config")
-	ErrCodeCloudIntegrationRemoved              = errors.MustNewCode("cloud_integration_removed")
 	ErrCodeCloudIntegrationServiceNotFound      = errors.MustNewCode("cloud_integration_service_not_found")
 	ErrCodeCloudIntegrationServiceAlreadyExists = errors.MustNewCode("cloud_integration_service_already_exists")
-	ErrCodeServiceDefinitionNotFound            = errors.MustNewCode("service_definition_not_found")
 )
 
 // StorableCloudIntegration represents a cloud integration stored in the database.
@@ -58,26 +52,6 @@ type StorableCloudIntegrationService struct {
 	CloudIntegrationID valuer.UUID `bun:"cloud_integration_id,type:text"`
 }
 
-// Following Service config types are only internally used to store service config in DB and use JSON snake case keys for backward compatibility.
-
-type StorableServiceConfig struct {
-	AWS *StorableAWSServiceConfig
-}
-
-type StorableAWSServiceConfig struct {
-	Logs    *StorableAWSLogsServiceConfig    `json:"logs,omitempty"`
-	Metrics *StorableAWSMetricsServiceConfig `json:"metrics,omitempty"`
-}
-
-type StorableAWSLogsServiceConfig struct {
-	Enabled   bool                `json:"enabled"`
-	S3Buckets map[string][]string `json:"s3_buckets,omitempty"` // region -> list of buckets in that region
-}
-
-type StorableAWSMetricsServiceConfig struct {
-	Enabled bool `json:"enabled"`
-}
-
 // Scan scans value from DB.
 func (r *StorableAgentReport) Scan(src any) error {
 	var data []byte
@@ -94,6 +68,10 @@ func (r *StorableAgentReport) Scan(src any) error {
 
 // Value creates value to be stored in DB.
 func (r *StorableAgentReport) Value() (driver.Value, error) {
+	if r == nil {
+		return nil, errors.NewInternalf(errors.CodeInternal, "agent report is nil")
+	}
+
 	serialized, err := json.Marshal(r)
 	if err != nil {
 		return nil, errors.WrapInternalf(
@@ -103,107 +81,3 @@ func (r *StorableAgentReport) Value() (driver.Value, error) {
 	// Return as string instead of []byte to ensure PostgreSQL stores as text, not bytes
 	return string(serialized), nil
 }
-
-func NewStorableCloudIntegration(account *Account) (*StorableCloudIntegration, error) {
-	configBytes, err := account.Config.ToJSON()
-	if err != nil {
-		return nil, err
-	}
-
-	storableAccount := &StorableCloudIntegration{
-		Identifiable:  account.Identifiable,
-		TimeAuditable: account.TimeAuditable,
-		Provider:      account.Provider,
-		Config:        string(configBytes),
-		AccountID:     account.ProviderAccountID,
-		OrgID:         account.OrgID,
-		RemovedAt:     account.RemovedAt,
-	}
-
-	if account.AgentReport != nil {
-		storableAccount.LastAgentReport = &StorableAgentReport{
-			TimestampMillis: account.AgentReport.TimestampMillis,
-			Data:            account.AgentReport.Data,
-		}
-	}
-
-	return storableAccount, nil
-}
-
-// NewStorableCloudIntegrationService creates a new StorableCloudIntegrationService with
-// generated ID and timestamps from a CloudIntegrationService and its serialized config JSON.
-func NewStorableCloudIntegrationService(svc *CloudIntegrationService, configJSON string) *StorableCloudIntegrationService {
-	return &StorableCloudIntegrationService{
-		Identifiable:       svc.Identifiable,
-		TimeAuditable:      svc.TimeAuditable,
-		Type:               svc.Type,
-		Config:             configJSON,
-		CloudIntegrationID: svc.CloudIntegrationID,
-	}
-}
-
-func (account *StorableCloudIntegration) Update(providerAccountID *string, agentReport *AgentReport) {
-	account.AccountID = providerAccountID
-	if agentReport != nil {
-		account.LastAgentReport = &StorableAgentReport{
-			TimestampMillis: agentReport.TimestampMillis,
-			Data:            agentReport.Data,
-		}
-	}
-}
-
-// following StorableServiceConfig related functions are helper functions to convert between JSON string and ServiceConfig domain struct.
-func newStorableServiceConfig(provider CloudProviderType, serviceID ServiceID, serviceConfig *ServiceConfig, supportedSignals *SupportedSignals) *StorableServiceConfig {
-	switch provider {
-	case CloudProviderTypeAWS:
-		storableAWSServiceConfig := new(StorableAWSServiceConfig)
-
-		if supportedSignals.Logs {
-			storableAWSServiceConfig.Logs = &StorableAWSLogsServiceConfig{
-				Enabled: serviceConfig.AWS.Logs.Enabled,
-			}
-
-			if serviceID == AWSServiceS3Sync {
-				storableAWSServiceConfig.Logs.S3Buckets = serviceConfig.AWS.Logs.S3Buckets
-			}
-		}
-
-		if supportedSignals.Metrics {
-			storableAWSServiceConfig.Metrics = &StorableAWSMetricsServiceConfig{
-				Enabled: serviceConfig.AWS.Metrics.Enabled,
-			}
-		}
-
-		return &StorableServiceConfig{AWS: storableAWSServiceConfig}
-	default:
-		return nil
-	}
-}
-
-func newStorableServiceConfigFromJSON(provider CloudProviderType, jsonStr string) (*StorableServiceConfig, error) {
-	switch provider {
-	case CloudProviderTypeAWS:
-		awsConfig := new(StorableAWSServiceConfig)
-		err := json.Unmarshal([]byte(jsonStr), awsConfig)
-		if err != nil {
-			return nil, errors.WrapInternalf(err, errors.CodeInternal, "couldn't parse AWS service config JSON")
-		}
-		return &StorableServiceConfig{AWS: awsConfig}, nil
-	default:
-		return nil, errors.NewInvalidInputf(ErrCodeCloudProviderInvalidInput, "invalid cloud provider: %s", provider.StringValue())
-	}
-}
-
-func (config *StorableServiceConfig) toJSON(provider CloudProviderType) ([]byte, error) {
-	switch provider {
-	case CloudProviderTypeAWS:
-		jsonBytes, err := json.Marshal(config.AWS)
-		if err != nil {
-			return nil, errors.WrapInternalf(err, errors.CodeInternal, "couldn't serialize AWS service config to JSON")
-		}
-
-		return jsonBytes, nil
-	default:
-		return nil, errors.NewInvalidInputf(ErrCodeCloudProviderInvalidInput, "invalid cloud provider: %s", provider.StringValue())
-	}
-}

pkg/types/cloudintegrationtypes/cloudprovider.go

@@ -1,8 +1,6 @@
 package cloudintegrationtypes
 
 import (
-	"fmt"
-
 	"github.com/SigNoz/signoz/pkg/errors"
 	"github.com/SigNoz/signoz/pkg/valuer"
 )
@@ -16,13 +14,19 @@ var (
 	CloudProviderTypeAzure = CloudProviderType{valuer.NewString("azure")}
 
 	// errors.
-	ErrCodeCloudProviderInvalidInput = errors.MustNewCode("cloud_integration_invalid_cloud_provider")
+	ErrCodeCloudProviderInvalidInput = errors.MustNewCode("invalid_cloud_provider")
 
-	CloudFormationQuickCreateBaseURL  = valuer.NewString("https://%s.console.aws.amazon.com/cloudformation/home")
-	AgentCloudFormationTemplateS3Path = valuer.NewString("https://signoz-integrations.s3.us-east-1.amazonaws.com/aws-quickcreate-template-%s.json")
-	AgentCloudFormationBaseStackName  = valuer.NewString("signoz-integration")
+	AWSIntegrationUserEmail   = valuer.MustNewEmail("aws-integration@signoz.io")
+	AzureIntegrationUserEmail = valuer.MustNewEmail("azure-integration@signoz.io")
 )
 
+// CloudIntegrationUserEmails is the list of valid emails for Cloud One Click integrations.
+// This is used for validation and restrictions in different contexts, across codebase.
+var CloudIntegrationUserEmails = []valuer.Email{
+	AWSIntegrationUserEmail,
+	AzureIntegrationUserEmail,
+}
+
 // NewCloudProvider returns a new CloudProviderType from a string.
 // It validates the input and returns an error if the input is not valid cloud provider.
 func NewCloudProvider(provider string) (CloudProviderType, error) {
@@ -35,7 +39,3 @@ func NewCloudProvider(provider string) (CloudProviderType, error) {
 		return CloudProviderType{}, errors.NewInvalidInputf(ErrCodeCloudProviderInvalidInput, "invalid cloud provider: %s", provider)
 	}
 }
-
-func NewIngestionKeyName(provider CloudProviderType) string {
-	return fmt.Sprintf("%s-integration", provider.StringValue())
-}

pkg/types/cloudintegrationtypes/connection.go

@@ -0,0 +1,81 @@
+package cloudintegrationtypes
+
+import (
+	"time"
+
+	"github.com/SigNoz/signoz/pkg/valuer"
+)
+
+type ConnectionArtifactRequest struct {
+	// required till new providers are added
+	Aws *AWSConnectionArtifactRequest `json:"aws" required:"true" nullable:"false"`
+}
+
+type AWSConnectionArtifactRequest struct {
+	DeploymentRegion string   `json:"deploymentRegion" required:"true"`
+	Regions          []string `json:"regions" required:"true" nullable:"false"`
+}
+
+type PostableConnectionArtifact = ConnectionArtifactRequest
+
+type ConnectionArtifact struct {
+	// required till new providers are added
+	Aws *AWSConnectionArtifact `json:"aws" required:"true" nullable:"false"`
+}
+
+type AWSConnectionArtifact struct {
+	ConnectionURL string `json:"connectionURL" required:"true"`
+}
+
+type GettableAccountWithArtifact struct {
+	ID       valuer.UUID         `json:"id" required:"true"`
+	Artifact *ConnectionArtifact `json:"connectionArtifact" required:"true"`
+}
+
+type AgentCheckInRequest struct {
+	ProviderAccountID  string `json:"providerAccountId" required:"false"`
+	CloudIntegrationID string `json:"cloudIntegrationId" required:"false"`
+
+	Data map[string]any `json:"data" required:"true" nullable:"true"`
+}
+
+type PostableAgentCheckInRequest struct {
+	AgentCheckInRequest
+	// following are backward compatible fields for older running agents
+	// which gets mapped to new fields in AgentCheckInRequest
+	ID        string `json:"account_id" required:"false"`       // => CloudIntegrationID
+	AccountID string `json:"cloud_account_id" required:"false"` // => ProviderAccountID
+}
+
+type AgentCheckInResponse struct {
+	CloudIntegrationID string                     `json:"cloudIntegrationId" required:"true"`
+	ProviderAccountID  string                     `json:"providerAccountId" required:"true"`
+	IntegrationConfig  *ProviderIntegrationConfig `json:"integrationConfig" required:"true"`
+	RemovedAt          *time.Time                 `json:"removedAt" required:"true" nullable:"true"`
+}
+
+type GettableAgentCheckInResponse struct {
+	// Older fields for backward compatibility with existing AWS agents
+	AccountID              string             `json:"account_id" required:"true"`
+	CloudAccountID         string             `json:"cloud_account_id" required:"true"`
+	OlderIntegrationConfig *IntegrationConfig `json:"integration_config" required:"true" nullable:"true"`
+	OlderRemovedAt         *time.Time         `json:"removed_at" required:"true" nullable:"true"`
+
+	AgentCheckInResponse
+}
+
+// IntegrationConfig older integration config struct for backward compatibility,
+// this will be eventually removed once agents are updated to use new struct.
+type IntegrationConfig struct {
+	EnabledRegions []string               `json:"enabled_regions" required:"true" nullable:"false"` // backward compatible
+	Telemetry      *AWSCollectionStrategy `json:"telemetry" required:"true" nullable:"false"`       // backward compatible
+}
+
+type ProviderIntegrationConfig struct {
+	AWS *AWSIntegrationConfig `json:"aws" required:"true" nullable:"false"`
+}
+
+type AWSIntegrationConfig struct {
+	EnabledRegions []string               `json:"enabledRegions" required:"true" nullable:"false"`
+	Telemetry      *AWSCollectionStrategy `json:"telemetry" required:"true" nullable:"false"`
+}

pkg/types/cloudintegrationtypes/regions.go

@@ -4,7 +4,10 @@ import (
 	"github.com/SigNoz/signoz/pkg/errors"
 )
 
-var ErrCodeInvalidCloudRegion = errors.MustNewCode("invalid_cloud_region")
+var (
+	ErrCodeInvalidCloudRegion    = errors.MustNewCode("invalid_cloud_region")
+	ErrCodeMismatchCloudProvider = errors.MustNewCode("cloud_provider_mismatch")
+)
 
 // List of all valid cloud regions on Amazon Web Services.
 var ValidAWSRegions = map[string]struct{}{

pkg/types/cloudintegrationtypes/service.go

@@ -2,7 +2,6 @@ package cloudintegrationtypes
 
 import (
 	"fmt"
-	"strings"
 	"time"
 
 	"github.com/SigNoz/signoz/pkg/errors"
@@ -26,22 +25,6 @@ type ServiceConfig struct {
 	AWS *AWSServiceConfig `json:"aws" required:"true" nullable:"false"`
 }
 
-type AWSServiceConfig struct {
-	Logs    *AWSServiceLogsConfig    `json:"logs"`
-	Metrics *AWSServiceMetricsConfig `json:"metrics"`
-}
-
-// AWSServiceLogsConfig is AWS specific logs config for a service
-// NOTE: the JSON keys are snake case for backward compatibility with existing agents.
-type AWSServiceLogsConfig struct {
-	Enabled   bool                `json:"enabled"`
-	S3Buckets map[string][]string `json:"s3Buckets,omitempty"`
-}
-
-type AWSServiceMetricsConfig struct {
-	Enabled bool `json:"enabled"`
-}
-
 // ServiceMetadata helps to quickly list available services and whether it is enabled or not.
 // As getting complete service definition is a heavy operation and the response is also large,
 // initial integration page load can be very slow.
@@ -62,24 +45,24 @@ type GettableServicesMetadata struct {
 	Services []*ServiceMetadata `json:"services" required:"true" nullable:"false"`
 }
 
-// Service represents a cloud integration service with its definition,
-// cloud integration service is non nil only when the service entry exists in DB with ANY config (enabled or disabled).
 type Service struct {
 	ServiceDefinition
-	CloudIntegrationService *CloudIntegrationService `json:"cloudIntegrationService" required:"true" nullable:"true"`
+	ServiceConfig *ServiceConfig `json:"serviceConfig" required:"false" nullable:"false"`
 }
 
+type GettableService = Service
+
 type UpdatableService struct {
 	Config *ServiceConfig `json:"config" required:"true" nullable:"false"`
 }
 
 type ServiceDefinition struct {
 	ServiceDefinitionMetadata
-	Overview                    string                       `json:"overview" required:"true"` // markdown
-	Assets                      Assets                       `json:"assets" required:"true"`
-	SupportedSignals            SupportedSignals             `json:"supportedSignals" required:"true"`
-	DataCollected               DataCollected                `json:"dataCollected" required:"true"`
-	TelemetryCollectionStrategy *TelemetryCollectionStrategy `json:"telemetryCollectionStrategy" required:"true" nullable:"false"`
+	Overview         string              `json:"overview" required:"true"` // markdown
+	Assets           Assets              `json:"assets" required:"true"`
+	SupportedSignals SupportedSignals    `json:"supported_signals" required:"true"`
+	DataCollected    DataCollected       `json:"dataCollected" required:"true"`
+	Strategy         *CollectionStrategy `json:"telemetryCollectionStrategy" required:"true" nullable:"false"`
 }
 
 // SupportedSignals for cloud provider's service.
@@ -94,10 +77,26 @@ type DataCollected struct {
 	Metrics []CollectedMetric       `json:"metrics"`
 }
 
-// TelemetryCollectionStrategy is cloud provider specific configuration for signal collection,
+// CollectionStrategy is cloud provider specific configuration for signal collection,
 // this is used by agent to understand the nitty-gritty for collecting telemetry for the cloud provider.
-type TelemetryCollectionStrategy struct {
-	AWS *AWSTelemetryCollectionStrategy `json:"aws" required:"true" nullable:"false"`
+type CollectionStrategy struct {
+	AWS *AWSCollectionStrategy `json:"aws" required:"true" nullable:"false"`
+}
+
+type AWSServiceConfig struct {
+	Logs    *AWSServiceLogsConfig    `json:"logs"`
+	Metrics *AWSServiceMetricsConfig `json:"metrics"`
+}
+
+// AWSServiceLogsConfig is AWS specific logs config for a service
+// NOTE: the JSON keys are snake case for backward compatibility with existing agents.
+type AWSServiceLogsConfig struct {
+	Enabled   bool                `json:"enabled"`
+	S3Buckets map[string][]string `json:"s3_buckets,omitempty"`
+}
+
+type AWSServiceMetricsConfig struct {
+	Enabled bool `json:"enabled"`
 }
 
 // Assets represents the collection of dashboards.
@@ -121,65 +120,46 @@ type CollectedMetric struct {
 	Description string `json:"description"`
 }
 
-// OldAWSCollectionStrategy is the backward-compatible snake_case form of AWSCollectionStrategy,
-// used in the legacy integration_config response field for older agents.
-type OldAWSCollectionStrategy struct {
-	Provider  string                 `json:"provider"`
-	Metrics   *OldAWSMetricsStrategy `json:"aws_metrics,omitempty"`
-	Logs      *OldAWSLogsStrategy    `json:"aws_logs,omitempty"`
-	S3Buckets map[string][]string    `json:"s3_buckets,omitempty"`
+// AWSCollectionStrategy represents signal collection strategy for AWS services.
+// this is AWS specific.
+// NOTE: this structure is still using snake case, for backward compatibility,
+// with existing agents.
+type AWSCollectionStrategy struct {
+	Metrics   *AWSMetricsStrategy `json:"aws_metrics,omitempty"`
+	Logs      *AWSLogsStrategy    `json:"aws_logs,omitempty"`
+	S3Buckets map[string][]string `json:"s3_buckets,omitempty"` // Only available in S3 Sync Service Type in AWS
 }
 
-// OldAWSMetricsStrategy is the snake_case form of AWSMetricsStrategy for older agents.
-type OldAWSMetricsStrategy struct {
+// AWSMetricsStrategy represents metrics collection strategy for AWS services.
+// this is AWS specific.
+// NOTE: this structure is still using snake case, for backward compatibility,
+// with existing agents.
+type AWSMetricsStrategy struct {
+	// to be used as https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudwatch-metricstream.html#cfn-cloudwatch-metricstream-includefilters
 	StreamFilters []struct {
+		// json tags here are in the shape expected by AWS API as detailed at
+		// https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudwatch-metricstream-metricstreamfilter.html
 		Namespace   string   `json:"Namespace"`
 		MetricNames []string `json:"MetricNames,omitempty"`
 	} `json:"cloudwatch_metric_stream_filters"`
 }
 
-// OldAWSLogsStrategy is the snake_case form of AWSLogsStrategy for older agents.
-type OldAWSLogsStrategy struct {
+// AWSLogsStrategy represents logs collection strategy for AWS services.
+// this is AWS specific.
+// NOTE: this structure is still using snake case, for backward compatibility,
+// with existing agents.
+type AWSLogsStrategy struct {
 	Subscriptions []struct {
+		// subscribe to all logs groups with specified prefix.
+		// eg: `/aws/rds/`
 		LogGroupNamePrefix string `json:"log_group_name_prefix"`
-		FilterPattern      string `json:"filter_pattern"`
+
+		// https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/FilterAndPatternSyntax.html
+		// "" implies no filtering is required.
+		FilterPattern string `json:"filter_pattern"`
 	} `json:"cloudwatch_logs_subscriptions"`
 }
 
-// AWSTelemetryCollectionStrategy represents signal collection strategy for AWS services.
-type AWSTelemetryCollectionStrategy struct {
-	Metrics   *AWSMetricsCollectionStrategy `json:"metrics,omitempty" required:"false" nullable:"false"`
-	Logs      *AWSLogsCollectionStrategy    `json:"logs,omitempty" required:"false" nullable:"false"`
-	S3Buckets map[string][]string           `json:"s3Buckets,omitempty" required:"false"` // Only available in S3 Sync Service Type in AWS
-}
-
-// AWSMetricsCollectionStrategy represents metrics collection strategy for AWS services.
-type AWSMetricsCollectionStrategy struct {
-	// to be used as https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudwatch-metricstream.html#cfn-cloudwatch-metricstream-includefilters
-	StreamFilters []*AWSCloudWatchMetricStreamFilter `json:"streamFilters" required:"true" nullable:"false"`
-}
-
-type AWSCloudWatchMetricStreamFilter struct {
-	// https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudwatch-metricstream-metricstreamfilter.html
-	Namespace   string   `json:"namespace" required:"true"`
-	MetricNames []string `json:"metricNames,omitempty" required:"false" nullable:"false"`
-}
-
-// AWSLogsCollectionStrategy represents logs collection strategy for AWS services.
-type AWSLogsCollectionStrategy struct {
-	Subscriptions []*AWSCloudWatchLogsSubscription `json:"subscriptions" required:"true" nullable:"false"`
-}
-
-type AWSCloudWatchLogsSubscription struct {
-	// subscribe to all logs groups with specified prefix.
-	// eg: `/aws/rds/`
-	LogGroupNamePrefix string `json:"logGroupNamePrefix" required:"true"`
-
-	// https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/FilterAndPatternSyntax.html
-	// "" implies no filtering is required
-	FilterPattern string `json:"filterPattern" required:"true"`
-}
-
 // Dashboard represents a dashboard definition for cloud integration.
 // This is used to show available pre-made dashboards for a service,
 // hence has additional fields like id, title and description.
@@ -190,156 +170,12 @@ type Dashboard struct {
 	Definition  dashboardtypes.StorableDashboardData `json:"definition,omitempty"`
 }
 
-func NewCloudIntegrationService(serviceID ServiceID, cloudIntegrationID valuer.UUID, config *ServiceConfig) *CloudIntegrationService {
-	return &CloudIntegrationService{
-		Identifiable: types.Identifiable{
-			ID: valuer.GenerateUUID(),
-		},
-		TimeAuditable: types.TimeAuditable{
-			CreatedAt: time.Now(),
-			UpdatedAt: time.Now(),
-		},
-		Type:               serviceID,
-		Config:             config,
-		CloudIntegrationID: cloudIntegrationID,
-	}
-}
-
-func NewCloudIntegrationServiceFromStorable(stored *StorableCloudIntegrationService, config *ServiceConfig) *CloudIntegrationService {
-	return &CloudIntegrationService{
-		Identifiable:       stored.Identifiable,
-		TimeAuditable:      stored.TimeAuditable,
-		Type:               stored.Type,
-		Config:             config,
-		CloudIntegrationID: stored.CloudIntegrationID,
-	}
-}
-
-func NewServiceMetadata(definition ServiceDefinition, enabled bool) *ServiceMetadata {
-	return &ServiceMetadata{
-		ServiceDefinitionMetadata: definition.ServiceDefinitionMetadata,
-		Enabled:                   enabled,
-	}
-}
-
-func NewService(def ServiceDefinition, storableService *CloudIntegrationService) *Service {
-	return &Service{
-		ServiceDefinition:       def,
-		CloudIntegrationService: storableService,
-	}
-}
-
-func NewServiceConfigFromJSON(provider CloudProviderType, jsonString string) (*ServiceConfig, error) {
-	storableServiceConfig, err := newStorableServiceConfigFromJSON(provider, jsonString)
-	if err != nil {
-		return nil, err
-	}
-
-	switch provider {
-	case CloudProviderTypeAWS:
-		awsServiceConfig := new(AWSServiceConfig)
-
-		if storableServiceConfig.AWS.Logs != nil {
-			awsServiceConfig.Logs = &AWSServiceLogsConfig{
-				Enabled:   storableServiceConfig.AWS.Logs.Enabled,
-				S3Buckets: storableServiceConfig.AWS.Logs.S3Buckets,
-			}
-		}
-
-		if storableServiceConfig.AWS.Metrics != nil {
-			awsServiceConfig.Metrics = &AWSServiceMetricsConfig{
-				Enabled: storableServiceConfig.AWS.Metrics.Enabled,
-			}
-		}
-
-		return &ServiceConfig{AWS: awsServiceConfig}, nil
-	default:
-		return nil, errors.NewInvalidInputf(ErrCodeCloudProviderInvalidInput, "invalid cloud provider: %s", provider.StringValue())
-	}
-}
-
-// Update sets the service config.
-func (service *CloudIntegrationService) Update(config *ServiceConfig) {
-	service.Config = config
-	service.UpdatedAt = time.Now()
-}
-
-// IsServiceEnabled returns true if the service has at least one signal (logs or metrics) enabled
-// for the given cloud provider.
-func (config *ServiceConfig) IsServiceEnabled(provider CloudProviderType) bool {
-	switch provider {
-	case CloudProviderTypeAWS:
-		logsEnabled := config.AWS.Logs != nil && config.AWS.Logs.Enabled
-		metricsEnabled := config.AWS.Metrics != nil && config.AWS.Metrics.Enabled
-		return logsEnabled || metricsEnabled
-	default:
-		return false
-	}
-}
-
-// IsMetricsEnabled returns true if metrics are explicitly enabled for the given cloud provider.
-// Used to gate dashboard availability — dashboards are only shown when metrics are enabled.
-func (config *ServiceConfig) IsMetricsEnabled(provider CloudProviderType) bool {
-	switch provider {
-	case CloudProviderTypeAWS:
-		return config.AWS.Metrics != nil && config.AWS.Metrics.Enabled
-	default:
-		return false
-	}
-}
-
-// IsLogsEnabled returns true if logs are explicitly enabled for the given cloud provider.
-func (config *ServiceConfig) IsLogsEnabled(provider CloudProviderType) bool {
-	switch provider {
-	case CloudProviderTypeAWS:
-		return config.AWS.Logs != nil && config.AWS.Logs.Enabled
-	default:
-		return false
-	}
-}
-
-func (config *ServiceConfig) ToJSON(provider CloudProviderType, serviceID ServiceID, supportedSignals *SupportedSignals) ([]byte, error) {
-	storableServiceConfig := newStorableServiceConfig(provider, serviceID, config, supportedSignals)
-	return storableServiceConfig.toJSON(provider)
-}
-
-func (updatableService *UpdatableService) Validate(provider CloudProviderType, serviceID ServiceID) error {
-	switch provider {
-	case CloudProviderTypeAWS:
-		if updatableService.Config.AWS == nil {
-			return errors.NewInvalidInputf(ErrCodeCloudProviderInvalidInput, "AWS config is required for AWS service")
-		}
-
-		if serviceID == AWSServiceS3Sync {
-			if updatableService.Config.AWS.Logs == nil || updatableService.Config.AWS.Logs.S3Buckets == nil {
-				return errors.NewInvalidInputf(ErrCodeCloudProviderInvalidInput, "AWS S3 Sync service requires S3 bucket configuration for logs")
-			}
-		}
-
-		return nil
-	default:
-		return errors.NewInvalidInputf(ErrCodeCloudProviderInvalidInput, "invalid cloud provider: %s", provider.StringValue())
-	}
-}
+// UTILS
 
 // GetCloudIntegrationDashboardID returns the dashboard id for a cloud integration, given the cloud provider, service id, and dashboard id.
 // This is used to generate unique dashboard ids for cloud integration, and also to parse the dashboard id to get the cloud provider and service id when needed.
 func GetCloudIntegrationDashboardID(cloudProvider CloudProviderType, svcID, dashboardID string) string {
-	return fmt.Sprintf("cloud-integration--%s--%s--%s", cloudProvider.StringValue(), svcID, dashboardID)
-}
-
-// ParseCloudIntegrationDashboardID parses a dashboard id generated by GetCloudIntegrationDashboardID
-// into its constituent parts (cloudProvider, serviceID, dashboardID).
-func ParseCloudIntegrationDashboardID(id string) (CloudProviderType, string, string, error) {
-	parts := strings.SplitN(id, "--", 4)
-	if len(parts) != 4 || parts[0] != "cloud-integration" {
-		return CloudProviderType{}, "", "", errors.New(errors.TypeNotFound, ErrCodeCloudIntegrationNotFound, "invalid cloud integration dashboard id")
-	}
-	provider, err := NewCloudProvider(parts[1])
-	if err != nil {
-		return CloudProviderType{}, "", "", err
-	}
-	return provider, parts[2], parts[3], nil
+	return fmt.Sprintf("cloud-integration--%s--%s--%s", cloudProvider, svcID, dashboardID)
 }
 
 // GetDashboardsFromAssets returns the list of dashboards for the cloud provider service from definition.
@@ -353,9 +189,9 @@ func GetDashboardsFromAssets(
 	dashboards := make([]*dashboardtypes.Dashboard, 0)
 
 	for _, d := range assets.Dashboards {
-		author := fmt.Sprintf("%s-integration", cloudProvider.StringValue())
+		author := fmt.Sprintf("%s-integration", cloudProvider)
 		dashboards = append(dashboards, &dashboardtypes.Dashboard{
-			ID:     d.ID,
+			ID:     GetCloudIntegrationDashboardID(cloudProvider, svcID, d.ID),
 			Locked: true,
 			OrgID:  orgID,
 			Data:   d.Definition,
@@ -372,53 +208,3 @@ func GetDashboardsFromAssets(
 
 	return dashboards
 }
-
-// awsOlderIntegrationConfig converts a ProviderIntegrationConfig into the legacy snake_case
-// IntegrationConfig format consumed by older AWS agents. Returns nil if AWS config is absent.
-func awsOlderIntegrationConfig(cfg *ProviderIntegrationConfig) *IntegrationConfig {
-	if cfg == nil || cfg.AWS == nil {
-		return nil
-	}
-	awsCfg := cfg.AWS
-
-	older := &IntegrationConfig{
-		EnabledRegions: awsCfg.EnabledRegions,
-	}
-
-	if awsCfg.TelemetryCollectionStrategy == nil {
-		return older
-	}
-
-	// Older agents expect a "provider" field and fully snake_case keys inside telemetry.
-	oldTelemetry := &OldAWSCollectionStrategy{
-		Provider:  CloudProviderTypeAWS.StringValue(),
-		S3Buckets: awsCfg.TelemetryCollectionStrategy.S3Buckets,
-	}
-
-	if awsCfg.TelemetryCollectionStrategy.Metrics != nil {
-		// Convert camelCase cloudwatchMetricStreamFilters → snake_case cloudwatch_metric_stream_filters
-		oldMetrics := &OldAWSMetricsStrategy{}
-		for _, f := range awsCfg.TelemetryCollectionStrategy.Metrics.StreamFilters {
-			oldMetrics.StreamFilters = append(oldMetrics.StreamFilters, struct {
-				Namespace   string   `json:"Namespace"`
-				MetricNames []string `json:"MetricNames,omitempty"`
-			}{Namespace: f.Namespace, MetricNames: f.MetricNames})
-		}
-		oldTelemetry.Metrics = oldMetrics
-	}
-
-	if awsCfg.TelemetryCollectionStrategy.Logs != nil {
-		// Convert camelCase cloudwatchLogsSubscriptions → snake_case cloudwatch_logs_subscriptions
-		oldLogs := &OldAWSLogsStrategy{}
-		for _, s := range awsCfg.TelemetryCollectionStrategy.Logs.Subscriptions {
-			oldLogs.Subscriptions = append(oldLogs.Subscriptions, struct {
-				LogGroupNamePrefix string `json:"log_group_name_prefix"`
-				FilterPattern      string `json:"filter_pattern"`
-			}{LogGroupNamePrefix: s.LogGroupNamePrefix, FilterPattern: s.FilterPattern})
-		}
-		oldTelemetry.Logs = oldLogs
-	}
-
-	older.Telemetry = oldTelemetry
-	return older
-}

pkg/types/cloudintegrationtypes/store.go

@@ -38,8 +38,6 @@ type Store interface {
 
 	// UpdateService updates an existing cloud integration service
 	UpdateService(ctx context.Context, service *StorableCloudIntegrationService) error
-
-	RunInTx(context.Context, func(ctx context.Context) error) error
 }
 
 type ServiceDefinitionStore interface {

pkg/types/telemetrytypes/source.go

@@ -7,13 +7,11 @@ type Source struct {
 }
 
 var (
-	SourceAudit       = Source{valuer.NewString("audit")}
 	SourceMeter       = Source{valuer.NewString("meter")}
 	SourceUnspecified = Source{valuer.NewString("")}
 )
 
 // Enum returns the acceptable values for Source.
-// TODO: Add SourceAudit once the frontend is ready for consumption.
 func (Source) Enum() []any {
 	return []any{
 		SourceMeter,

pkg/types/tracedetailtypes/waterfall.go

@@ -1,247 +0,0 @@
-package tracedetailtypes
-
-import (
-	"encoding/json"
-	"maps"
-	"time"
-
-	"github.com/SigNoz/signoz/pkg/types/cachetypes"
-)
-
-// WaterfallRequest is the request body for the v3 waterfall API.
-type WaterfallRequest struct {
-	SelectedSpanID   string   `json:"selectedSpanId"`
-	UncollapsedSpans []string `json:"uncollapsedSpans"`
-	Limit            uint     `json:"limit"`
-}
-
-// WaterfallResponse is the response for the v3 waterfall API.
-type WaterfallResponse struct {
-	StartTimestampMillis          uint64            `json:"startTimestampMillis"`
-	EndTimestampMillis            uint64            `json:"endTimestampMillis"`
-	DurationNano                  uint64            `json:"durationNano"`
-	RootServiceName               string            `json:"rootServiceName"`
-	RootServiceEntryPoint         string            `json:"rootServiceEntryPoint"`
-	TotalSpansCount               uint64            `json:"totalSpansCount"`
-	TotalErrorSpansCount          uint64            `json:"totalErrorSpansCount"`
-	ServiceNameToTotalDurationMap map[string]uint64 `json:"serviceNameToTotalDurationMap"`
-	Spans                         []*WaterfallSpan  `json:"spans"`
-	HasMissingSpans               bool              `json:"hasMissingSpans"`
-	UncollapsedSpans              []string          `json:"uncollapsedSpans"`
-}
-
-// Event represents a span event.
-type Event struct {
-	Name         string         `json:"name,omitempty"`
-	TimeUnixNano uint64         `json:"timeUnixNano,omitempty"`
-	AttributeMap map[string]any `json:"attributeMap,omitempty"`
-	IsError      bool           `json:"isError,omitempty"`
-}
-
-// WaterfallSpan represents the span in waterfall response,
-// this uses snake_case keys for response as a special case since these
-// keys can be directly used to query spans and client need to know the actual fields.
-// This pattern should not be copied elsewhere.
-type WaterfallSpan struct {
-	Attributes         map[string]any    `json:"attributes"`
-	DBName             string            `json:"db_name"`
-	DBOperation        string            `json:"db_operation"`
-	DurationNano       uint64            `json:"duration_nano"`
-	Events             []Event           `json:"events"`
-	ExternalHTTPMethod string            `json:"external_http_method"`
-	ExternalHTTPURL    string            `json:"external_http_url"`
-	Flags              uint32            `json:"flags"`
-	HasError           bool              `json:"has_error"`
-	HTTPHost           string            `json:"http_host"`
-	HTTPMethod         string            `json:"http_method"`
-	HTTPURL            string            `json:"http_url"`
-	IsRemote           string            `json:"is_remote"`
-	Kind               int32             `json:"kind"`
-	KindString         string            `json:"kind_string"`
-	Links              string            `json:"links"`
-	Name               string            `json:"name"`
-	ParentSpanID       string            `json:"parent_span_id"`
-	Resource           map[string]string `json:"resource"`
-	ResponseStatusCode string            `json:"response_status_code"`
-	SpanID             string            `json:"span_id"`
-	StatusCode         int32             `json:"status_code"`
-	StatusCodeString   string            `json:"status_code_string"`
-	StatusMessage      string            `json:"status_message"`
-	Timestamp          string            `json:"timestamp"`
-	TraceID            string            `json:"trace_id"`
-	TraceState         string            `json:"trace_state"`
-
-	// Tree structure fields
-	Children         []*WaterfallSpan `json:"-"`
-	SubTreeNodeCount uint64           `json:"sub_tree_node_count"`
-	HasChildren      bool             `json:"has_children"`
-	Level            uint64           `json:"level"`
-
-	// timeUnixNano is an internal field used for tree building and sorting.
-	// It is not serialized in the JSON response.
-	TimeUnixNano uint64 `json:"-"`
-	// serviceName is an internal field used for service time calculation.
-	ServiceName string `json:"-"`
-}
-
-// CopyWithoutChildren creates a shallow copy and reset computed tree fields.
-func (s *WaterfallSpan) CopyWithoutChildren(level uint64) *WaterfallSpan {
-	cp := *s
-	cp.Level = level
-	cp.HasChildren = len(s.Children) > 0
-	cp.Children = make([]*WaterfallSpan, 0)
-	cp.SubTreeNodeCount = 0
-	return &cp
-}
-
-// SpanModel is the ClickHouse scan struct for the v3 waterfall query.
-type SpanModel struct {
-	TimeUnixNano       time.Time          `ch:"timestamp"`
-	DurationNano       uint64             `ch:"duration_nano"`
-	SpanID             string             `ch:"span_id"`
-	TraceID            string             `ch:"trace_id"`
-	HasError           bool               `ch:"has_error"`
-	Kind               int8               `ch:"kind"`
-	ServiceName        string             `ch:"resource_string_service$$name"`
-	Name               string             `ch:"name"`
-	References         string             `ch:"references"`
-	AttributesString   map[string]string  `ch:"attributes_string"`
-	AttributesNumber   map[string]float64 `ch:"attributes_number"`
-	AttributesBool     map[string]bool    `ch:"attributes_bool"`
-	ResourcesString    map[string]string  `ch:"resources_string"`
-	Events             []string           `ch:"events"`
-	StatusMessage      string             `ch:"status_message"`
-	StatusCodeString   string             `ch:"status_code_string"`
-	SpanKind           string             `ch:"kind_string"`
-	ParentSpanID       string             `ch:"parent_span_id"`
-	Flags              uint32             `ch:"flags"`
-	IsRemote           string             `ch:"is_remote"`
-	TraceState         string             `ch:"trace_state"`
-	StatusCode         int32              `ch:"status_code"`
-	DBName             string             `ch:"db_name"`
-	DBOperation        string             `ch:"db_operation"`
-	HTTPMethod         string             `ch:"http_method"`
-	HTTPURL            string             `ch:"http_url"`
-	HTTPHost           string             `ch:"http_host"`
-	ExternalHTTPMethod string             `ch:"external_http_method"`
-	ExternalHTTPURL    string             `ch:"external_http_url"`
-	ResponseStatusCode string             `ch:"response_status_code"`
-}
-
-// ToSpan converts a SpanModel (ClickHouse scan result) into a Span for the waterfall response.
-func (item *SpanModel) ToSpan() *WaterfallSpan {
-	// Merge attributes_string, attributes_number, attributes_bool preserving native types
-	attributes := make(map[string]any, len(item.AttributesString)+len(item.AttributesNumber)+len(item.AttributesBool))
-	for k, v := range item.AttributesString {
-		attributes[k] = v
-	}
-	for k, v := range item.AttributesNumber {
-		attributes[k] = v
-	}
-	for k, v := range item.AttributesBool {
-		attributes[k] = v
-	}
-
-	resources := make(map[string]string)
-	maps.Copy(resources, item.ResourcesString)
-
-	events := make([]Event, 0, len(item.Events))
-	for _, eventStr := range item.Events {
-		var event Event
-		if err := json.Unmarshal([]byte(eventStr), &event); err != nil {
-			continue
-		}
-		events = append(events, event)
-	}
-
-	return &WaterfallSpan{
-		Attributes:         attributes,
-		DBName:             item.DBName,
-		DBOperation:        item.DBOperation,
-		DurationNano:       item.DurationNano,
-		Events:             events,
-		ExternalHTTPMethod: item.ExternalHTTPMethod,
-		ExternalHTTPURL:    item.ExternalHTTPURL,
-		Flags:              item.Flags,
-		HasError:           item.HasError,
-		HTTPHost:           item.HTTPHost,
-		HTTPMethod:         item.HTTPMethod,
-		HTTPURL:            item.HTTPURL,
-		IsRemote:           item.IsRemote,
-		Kind:               int32(item.Kind),
-		KindString:         item.SpanKind,
-		Links:              item.References,
-		Name:               item.Name,
-		ParentSpanID:       item.ParentSpanID,
-		Resource:           resources,
-		ResponseStatusCode: item.ResponseStatusCode,
-		SpanID:             item.SpanID,
-		StatusCode:         item.StatusCode,
-		StatusCodeString:   item.StatusCodeString,
-		StatusMessage:      item.StatusMessage,
-		Timestamp:          item.TimeUnixNano.Format(time.RFC3339Nano),
-		TraceID:            item.TraceID,
-		TraceState:         item.TraceState,
-		Children:           make([]*WaterfallSpan, 0),
-		TimeUnixNano:       uint64(item.TimeUnixNano.UnixNano()),
-		ServiceName:        item.ServiceName,
-	}
-}
-
-// TraceSummary is the ClickHouse scan struct for the trace_summary query.
-type TraceSummary struct {
-	TraceID  string    `ch:"trace_id"`
-	Start    time.Time `ch:"start"`
-	End      time.Time `ch:"end"`
-	NumSpans uint64    `ch:"num_spans"`
-}
-
-// OtelSpanRef is used for parsing the references/links JSON from ClickHouse.
-type OtelSpanRef struct {
-	TraceId string `json:"traceId,omitempty"`
-	SpanId  string `json:"spanId,omitempty"`
-	RefType string `json:"refType,omitempty"`
-}
-
-// WaterfallCache holds pre-processed trace data for caching.
-type WaterfallCache struct {
-	StartTime                     uint64                    `json:"startTime"`
-	EndTime                       uint64                    `json:"endTime"`
-	DurationNano                  uint64                    `json:"durationNano"`
-	TotalSpans                    uint64                    `json:"totalSpans"`
-	TotalErrorSpans               uint64                    `json:"totalErrorSpans"`
-	ServiceNameToTotalDurationMap map[string]uint64         `json:"serviceNameToTotalDurationMap"`
-	SpanIDToSpanNodeMap           map[string]*WaterfallSpan `json:"spanIdToSpanNodeMap"`
-	TraceRoots                    []*WaterfallSpan          `json:"traceRoots"`
-	HasMissingSpans               bool                      `json:"hasMissingSpans"`
-}
-
-func (c *WaterfallCache) Clone() cachetypes.Cacheable {
-	copyOfServiceNameToTotalDurationMap := make(map[string]uint64)
-	maps.Copy(copyOfServiceNameToTotalDurationMap, c.ServiceNameToTotalDurationMap)
-
-	copyOfSpanIDToSpanNodeMap := make(map[string]*WaterfallSpan)
-	maps.Copy(copyOfSpanIDToSpanNodeMap, c.SpanIDToSpanNodeMap)
-
-	copyOfTraceRoots := make([]*WaterfallSpan, len(c.TraceRoots))
-	copy(copyOfTraceRoots, c.TraceRoots)
-	return &WaterfallCache{
-		StartTime:                     c.StartTime,
-		EndTime:                       c.EndTime,
-		DurationNano:                  c.DurationNano,
-		TotalSpans:                    c.TotalSpans,
-		TotalErrorSpans:               c.TotalErrorSpans,
-		ServiceNameToTotalDurationMap: copyOfServiceNameToTotalDurationMap,
-		SpanIDToSpanNodeMap:           copyOfSpanIDToSpanNodeMap,
-		TraceRoots:                    copyOfTraceRoots,
-		HasMissingSpans:               c.HasMissingSpans,
-	}
-}
-
-func (c *WaterfallCache) MarshalBinary() (data []byte, err error) {
-	return json.Marshal(c)
-}
-
-func (c *WaterfallCache) UnmarshalBinary(data []byte) error {
-	return json.Unmarshal(data, c)
-}

tests/integration/conftest.py

@@ -12,7 +12,6 @@ pytest_plugins = [
     "fixtures.sqlite",
     "fixtures.zookeeper",
     "fixtures.signoz",
-    "fixtures.audit",
     "fixtures.logs",
     "fixtures.traces",
     "fixtures.metrics",

tests/integration/fixtures/audit.py

@@ -1,404 +0,0 @@
-import datetime
-import json
-from abc import ABC
-from typing import Any, Callable, Generator, List, Optional
-
-import numpy as np
-import pytest
-from ksuid import KsuidMs
-
-from fixtures import types
-from fixtures.fingerprint import LogsOrTracesFingerprint
-
-
-class AuditResource(ABC):
-    labels: str
-    fingerprint: str
-    seen_at_ts_bucket_start: np.int64
-
-    def __init__(
-        self,
-        labels: dict[str, str],
-        fingerprint: str,
-        seen_at_ts_bucket_start: np.int64,
-    ) -> None:
-        self.labels = json.dumps(labels, separators=(",", ":"))
-        self.fingerprint = fingerprint
-        self.seen_at_ts_bucket_start = seen_at_ts_bucket_start
-
-    def np_arr(self) -> np.array:
-        return np.array(
-            [
-                self.labels,
-                self.fingerprint,
-                self.seen_at_ts_bucket_start,
-            ]
-        )
-
-
-class AuditResourceOrAttributeKeys(ABC):
-    name: str
-    datatype: str
-
-    def __init__(self, name: str, datatype: str) -> None:
-        self.name = name
-        self.datatype = datatype
-
-    def np_arr(self) -> np.array:
-        return np.array([self.name, self.datatype])
-
-
-class AuditTagAttributes(ABC):
-    unix_milli: np.int64
-    tag_key: str
-    tag_type: str
-    tag_data_type: str
-    string_value: str
-    int64_value: Optional[np.int64]
-    float64_value: Optional[np.float64]
-
-    def __init__(
-        self,
-        timestamp: datetime.datetime,
-        tag_key: str,
-        tag_type: str,
-        tag_data_type: str,
-        string_value: Optional[str],
-        int64_value: Optional[np.int64],
-        float64_value: Optional[np.float64],
-    ) -> None:
-        self.unix_milli = np.int64(int(timestamp.timestamp() * 1e3))
-        self.tag_key = tag_key
-        self.tag_type = tag_type
-        self.tag_data_type = tag_data_type
-        self.string_value = string_value or ""
-        self.int64_value = int64_value
-        self.float64_value = float64_value
-
-    def np_arr(self) -> np.array:
-        return np.array(
-            [
-                self.unix_milli,
-                self.tag_key,
-                self.tag_type,
-                self.tag_data_type,
-                self.string_value,
-                self.int64_value,
-                self.float64_value,
-            ]
-        )
-
-
-class AuditLog(ABC):
-    """Represents a single audit log event in signoz_audit.
-
-    Matches the ClickHouse DDL from the schema migration (ticket #1936):
-    - Database: signoz_audit
-    - Local table: logs
-    - Distributed table: distributed_logs
-    - No resources_string column (resource JSON only)
-    - Has event_name column
-    - 7 materialized columns auto-populated from attributes_string at INSERT time
-    """
-
-    ts_bucket_start: np.uint64
-    resource_fingerprint: str
-    timestamp: np.uint64
-    observed_timestamp: np.uint64
-    id: str
-    trace_id: str
-    span_id: str
-    trace_flags: np.uint32
-    severity_text: str
-    severity_number: np.uint8
-    body: str
-    scope_name: str
-    scope_version: str
-    scope_string: dict[str, str]
-    attributes_string: dict[str, str]
-    attributes_number: dict[str, np.float64]
-    attributes_bool: dict[str, bool]
-    resource_json: dict[str, str]
-    event_name: str
-
-    resource: List[AuditResource]
-    tag_attributes: List[AuditTagAttributes]
-    resource_keys: List[AuditResourceOrAttributeKeys]
-    attribute_keys: List[AuditResourceOrAttributeKeys]
-
-    def __init__(
-        self,
-        timestamp: Optional[datetime.datetime] = None,
-        resources: dict[str, Any] = {},
-        attributes: dict[str, Any] = {},
-        body: str = "",
-        event_name: str = "",
-        severity_text: str = "INFO",
-        trace_id: str = "",
-        span_id: str = "",
-        trace_flags: np.uint32 = 0,
-        scope_name: str = "signoz.audit",
-        scope_version: str = "",
-    ) -> None:
-        if timestamp is None:
-            timestamp = datetime.datetime.now()
-        self.tag_attributes = []
-        self.attribute_keys = []
-        self.resource_keys = []
-
-        self.timestamp = np.uint64(int(timestamp.timestamp() * 1e9))
-        self.observed_timestamp = self.timestamp
-
-        minute = timestamp.minute
-        bucket_minute = 0 if minute < 30 else 30
-        bucket_start = timestamp.replace(minute=bucket_minute, second=0, microsecond=0)
-        self.ts_bucket_start = np.uint64(int(bucket_start.timestamp()))
-
-        self.id = str(KsuidMs(datetime=timestamp))
-
-        self.trace_id = trace_id
-        self.span_id = span_id
-        self.trace_flags = trace_flags
-
-        self.severity_text = severity_text
-        self.severity_number = np.uint8(9 if severity_text == "INFO" else 17)
-
-        self.body = body
-        self.event_name = event_name
-
-        # Resources — JSON column only (no resources_string in audit DDL)
-        self.resource_json = {k: str(v) for k, v in resources.items()}
-        for k, v in self.resource_json.items():
-            self.tag_attributes.append(
-                AuditTagAttributes(
-                    timestamp=timestamp,
-                    tag_key=k,
-                    tag_type="resource",
-                    tag_data_type="string",
-                    string_value=str(v),
-                    int64_value=None,
-                    float64_value=None,
-                )
-            )
-            self.resource_keys.append(
-                AuditResourceOrAttributeKeys(name=k, datatype="string")
-            )
-
-        self.resource_fingerprint = LogsOrTracesFingerprint(
-            self.resource_json
-        ).calculate()
-
-        # Process attributes by type
-        self.attributes_string = {}
-        self.attributes_number = {}
-        self.attributes_bool = {}
-
-        for k, v in attributes.items():
-            if isinstance(v, bool):
-                self.attributes_bool[k] = v
-                self.tag_attributes.append(
-                    AuditTagAttributes(
-                        timestamp=timestamp,
-                        tag_key=k,
-                        tag_type="tag",
-                        tag_data_type="bool",
-                        string_value=None,
-                        int64_value=None,
-                        float64_value=None,
-                    )
-                )
-                self.attribute_keys.append(
-                    AuditResourceOrAttributeKeys(name=k, datatype="bool")
-                )
-            elif isinstance(v, int):
-                self.attributes_number[k] = np.float64(v)
-                self.tag_attributes.append(
-                    AuditTagAttributes(
-                        timestamp=timestamp,
-                        tag_key=k,
-                        tag_type="tag",
-                        tag_data_type="int64",
-                        string_value=None,
-                        int64_value=np.int64(v),
-                        float64_value=None,
-                    )
-                )
-                self.attribute_keys.append(
-                    AuditResourceOrAttributeKeys(name=k, datatype="int64")
-                )
-            elif isinstance(v, float):
-                self.attributes_number[k] = np.float64(v)
-                self.tag_attributes.append(
-                    AuditTagAttributes(
-                        timestamp=timestamp,
-                        tag_key=k,
-                        tag_type="tag",
-                        tag_data_type="float64",
-                        string_value=None,
-                        int64_value=None,
-                        float64_value=np.float64(v),
-                    )
-                )
-                self.attribute_keys.append(
-                    AuditResourceOrAttributeKeys(name=k, datatype="float64")
-                )
-            else:
-                self.attributes_string[k] = str(v)
-                self.tag_attributes.append(
-                    AuditTagAttributes(
-                        timestamp=timestamp,
-                        tag_key=k,
-                        tag_type="tag",
-                        tag_data_type="string",
-                        string_value=str(v),
-                        int64_value=None,
-                        float64_value=None,
-                    )
-                )
-                self.attribute_keys.append(
-                    AuditResourceOrAttributeKeys(name=k, datatype="string")
-                )
-
-        self.scope_name = scope_name
-        self.scope_version = scope_version
-        self.scope_string = {}
-
-        self.resource = [
-            AuditResource(
-                labels=self.resource_json,
-                fingerprint=self.resource_fingerprint,
-                seen_at_ts_bucket_start=self.ts_bucket_start,
-            )
-        ]
-
-    def np_arr(self) -> np.array:
-        return np.array(
-            [
-                self.ts_bucket_start,
-                self.resource_fingerprint,
-                self.timestamp,
-                self.observed_timestamp,
-                self.id,
-                self.trace_id,
-                self.span_id,
-                self.trace_flags,
-                self.severity_text,
-                self.severity_number,
-                self.body,
-                self.scope_name,
-                self.scope_version,
-                self.scope_string,
-                self.attributes_string,
-                self.attributes_number,
-                self.attributes_bool,
-                self.resource_json,
-                self.event_name,
-            ]
-        )
-
-
-@pytest.fixture(name="insert_audit_logs", scope="function")
-def insert_audit_logs(
-    clickhouse: types.TestContainerClickhouse,
-) -> Generator[Callable[[List[AuditLog]], None], Any, None]:
-    def _insert_audit_logs(logs: List[AuditLog]) -> None:
-        resources: List[AuditResource] = []
-        for log in logs:
-            resources.extend(log.resource)
-
-        if len(resources) > 0:
-            clickhouse.conn.insert(
-                database="signoz_audit",
-                table="distributed_logs_resource",
-                data=[resource.np_arr() for resource in resources],
-                column_names=[
-                    "labels",
-                    "fingerprint",
-                    "seen_at_ts_bucket_start",
-                ],
-            )
-
-        tag_attributes: List[AuditTagAttributes] = []
-        for log in logs:
-            tag_attributes.extend(log.tag_attributes)
-
-        if len(tag_attributes) > 0:
-            clickhouse.conn.insert(
-                database="signoz_audit",
-                table="distributed_tag_attributes",
-                data=[ta.np_arr() for ta in tag_attributes],
-                column_names=[
-                    "unix_milli",
-                    "tag_key",
-                    "tag_type",
-                    "tag_data_type",
-                    "string_value",
-                    "int64_value",
-                    "float64_value",
-                ],
-            )
-
-        attribute_keys: List[AuditResourceOrAttributeKeys] = []
-        for log in logs:
-            attribute_keys.extend(log.attribute_keys)
-
-        if len(attribute_keys) > 0:
-            clickhouse.conn.insert(
-                database="signoz_audit",
-                table="distributed_logs_attribute_keys",
-                data=[ak.np_arr() for ak in attribute_keys],
-                column_names=["name", "datatype"],
-            )
-
-        resource_keys: List[AuditResourceOrAttributeKeys] = []
-        for log in logs:
-            resource_keys.extend(log.resource_keys)
-
-        if len(resource_keys) > 0:
-            clickhouse.conn.insert(
-                database="signoz_audit",
-                table="distributed_logs_resource_keys",
-                data=[rk.np_arr() for rk in resource_keys],
-                column_names=["name", "datatype"],
-            )
-
-        clickhouse.conn.insert(
-            database="signoz_audit",
-            table="distributed_logs",
-            data=[log.np_arr() for log in logs],
-            column_names=[
-                "ts_bucket_start",
-                "resource_fingerprint",
-                "timestamp",
-                "observed_timestamp",
-                "id",
-                "trace_id",
-                "span_id",
-                "trace_flags",
-                "severity_text",
-                "severity_number",
-                "body",
-                "scope_name",
-                "scope_version",
-                "scope_string",
-                "attributes_string",
-                "attributes_number",
-                "attributes_bool",
-                "resource",
-                "event_name",
-            ],
-        )
-
-    yield _insert_audit_logs
-
-    cluster = clickhouse.env["SIGNOZ_TELEMETRYSTORE_CLICKHOUSE_CLUSTER"]
-    for table in [
-        "logs",
-        "logs_resource",
-        "tag_attributes",
-        "logs_attribute_keys",
-        "logs_resource_keys",
-    ]:
-        clickhouse.conn.query(
-            f"TRUNCATE TABLE signoz_audit.{table} ON CLUSTER '{cluster}' SYNC"
-        )

tests/integration/fixtures/querier.py

@@ -38,7 +38,6 @@ class OrderBy:
 class BuilderQuery:
     signal: str
     name: str = "A"
-    source: Optional[str] = None
     limit: Optional[int] = None
     filter_expression: Optional[str] = None
     select_fields: Optional[List[TelemetryFieldKey]] = None
@@ -49,8 +48,6 @@ class BuilderQuery:
             "signal": self.signal,
             "name": self.name,
         }
-        if self.source:
-            spec["source"] = self.source
         if self.limit is not None:
             spec["limit"] = self.limit
         if self.filter_expression:
@@ -58,9 +55,7 @@ class BuilderQuery:
         if self.select_fields:
             spec["selectFields"] = [f.to_dict() for f in self.select_fields]
         if self.order:
-            spec["order"] = [
-                o.to_dict() if hasattr(o, "to_dict") else o for o in self.order
-            ]
+            spec["order"] = [o.to_dict() for o in self.order]
         return {"type": "builder_query", "spec": spec}
 
 
@@ -81,9 +76,7 @@ class TraceOperatorQuery:
         if self.limit is not None:
             spec["limit"] = self.limit
         if self.order:
-            spec["order"] = [
-                o.to_dict() if hasattr(o, "to_dict") else o for o in self.order
-            ]
+            spec["order"] = [o.to_dict() for o in self.order]
         return {"type": "builder_trace_operator", "spec": spec}
 
 
@@ -449,7 +442,6 @@ def build_scalar_query(
     signal: str,
     aggregations: List[Dict],
     *,
-    source: Optional[str] = None,
     group_by: Optional[List[Dict]] = None,
     order: Optional[List[Dict]] = None,
     limit: Optional[int] = None,
@@ -466,9 +458,6 @@ def build_scalar_query(
         "aggregations": aggregations,
     }
 
-    if source:
-        spec["source"] = source
-
     if group_by:
         spec["groupBy"] = group_by
 

tests/integration/src/auditquerier/01_audit_logs.py

@@ -1,441 +0,0 @@
-from datetime import datetime, timedelta, timezone
-from http import HTTPStatus
-from typing import Callable, List
-
-import pytest
-
-from fixtures import types
-from fixtures.audit import AuditLog
-from fixtures.auth import USER_ADMIN_EMAIL, USER_ADMIN_PASSWORD
-from fixtures.querier import (
-    BuilderQuery,
-    build_logs_aggregation,
-    build_order_by,
-    build_scalar_query,
-    make_query_request,
-)
-
-
-def test_audit_list_all(
-    signoz: types.SigNoz,
-    create_user_admin: None,  # pylint: disable=unused-argument
-    get_token: Callable[[str, str], str],
-    insert_audit_logs: Callable[[List[AuditLog]], None],
-) -> None:
-    """List audit events across multiple resource types — verify count, ordering, and fields."""
-    now = datetime.now(tz=timezone.utc)
-    insert_audit_logs(
-        [
-            AuditLog(
-                timestamp=now - timedelta(seconds=3),
-                resources={
-                    "service.name": "signoz",
-                    "signoz.audit.resource.kind": "alert-rule",
-                    "signoz.audit.resource.id": "alert-001",
-                },
-                attributes={
-                    "signoz.audit.principal.id": "user-010",
-                    "signoz.audit.principal.email": "ops@acme.com",
-                    "signoz.audit.principal.type": "user",
-                    "signoz.audit.action": "create",
-                    "signoz.audit.outcome": "success",
-                },
-                body="ops@acme.com (user-010) created alert-rule (alert-001)",
-                event_name="alert-rule.created",
-                severity_text="INFO",
-            ),
-            AuditLog(
-                timestamp=now - timedelta(seconds=2),
-                resources={
-                    "service.name": "signoz",
-                    "signoz.audit.resource.kind": "saved-view",
-                    "signoz.audit.resource.id": "view-001",
-                },
-                attributes={
-                    "signoz.audit.principal.id": "user-010",
-                    "signoz.audit.principal.email": "ops@acme.com",
-                    "signoz.audit.principal.type": "user",
-                    "signoz.audit.action": "update",
-                    "signoz.audit.outcome": "success",
-                },
-                body="ops@acme.com (user-010) updated saved-view (view-001)",
-                event_name="saved-view.updated",
-                severity_text="INFO",
-            ),
-            AuditLog(
-                timestamp=now - timedelta(seconds=1),
-                resources={
-                    "service.name": "signoz",
-                    "signoz.audit.resource.kind": "user",
-                    "signoz.audit.resource.id": "user-020",
-                },
-                attributes={
-                    "signoz.audit.principal.id": "user-010",
-                    "signoz.audit.principal.email": "ops@acme.com",
-                    "signoz.audit.principal.type": "user",
-                    "signoz.audit.action": "update",
-                    "signoz.audit.action_category": "access_control",
-                    "signoz.audit.outcome": "success",
-                },
-                body="ops@acme.com (user-010) updated user (user-020)",
-                event_name="user.role.changed",
-                severity_text="INFO",
-            ),
-        ]
-    )
-    token = get_token(USER_ADMIN_EMAIL, USER_ADMIN_PASSWORD)
-
-    now = datetime.now(tz=timezone.utc)
-    response = make_query_request(
-        signoz,
-        token,
-        start_ms=int((now - timedelta(seconds=30)).timestamp() * 1000),
-        end_ms=int(now.timestamp() * 1000),
-        queries=[
-            BuilderQuery(
-                signal="logs",
-                source="audit",
-                limit=100,
-                order=[build_order_by("timestamp"), build_order_by("id")],
-            ).to_dict()
-        ],
-        request_type="raw",
-    )
-
-    assert response.status_code == HTTPStatus.OK
-    assert response.json()["status"] == "success"
-
-    rows = response.json()["data"]["data"]["results"][0]["rows"]
-    assert len(rows) == 3
-
-    # Most recent first
-    assert rows[0]["data"]["event_name"] == "user.role.changed"
-    assert rows[1]["data"]["event_name"] == "saved-view.updated"
-    assert rows[2]["data"]["event_name"] == "alert-rule.created"
-
-    # Verify event_name and body are present
-    assert rows[0]["data"]["body"] == "ops@acme.com (user-010) updated user (user-020)"
-    assert rows[0]["data"]["severity_text"] == "INFO"
-
-
-@pytest.mark.parametrize(
-    "filter_expression,expected_count,expected_event_names",
-    [
-        pytest.param(
-            "signoz.audit.principal.id = 'user-001'",
-            3,
-            {"session.login", "dashboard.updated", "dashboard.created"},
-            id="filter_by_principal_id",
-        ),
-        pytest.param(
-            "signoz.audit.outcome = 'failure'",
-            1,
-            {"dashboard.deleted"},
-            id="filter_by_outcome_failure",
-        ),
-        pytest.param(
-            "signoz.audit.resource.kind = 'dashboard'"
-            " AND signoz.audit.resource.id = 'dash-001'",
-            3,
-            {"dashboard.deleted", "dashboard.updated", "dashboard.created"},
-            id="filter_by_resource_kind_and_id",
-        ),
-        pytest.param(
-            "signoz.audit.principal.type = 'service_account'",
-            1,
-            {"serviceaccount.apikey.created"},
-            id="filter_by_principal_type",
-        ),
-        pytest.param(
-            "signoz.audit.resource.kind = 'dashboard'"
-            " AND signoz.audit.action = 'delete'",
-            1,
-            {"dashboard.deleted"},
-            id="filter_by_resource_kind_and_action",
-        ),
-    ],
-)
-def test_audit_filter(
-    signoz: types.SigNoz,
-    create_user_admin: None,  # pylint: disable=unused-argument
-    get_token: Callable[[str, str], str],
-    insert_audit_logs: Callable[[List[AuditLog]], None],
-    filter_expression: str,
-    expected_count: int,
-    expected_event_names: set,
-) -> None:
-    """Parametrized audit filter tests covering the documented query patterns."""
-    now = datetime.now(tz=timezone.utc)
-    insert_audit_logs(
-        [
-            AuditLog(
-                timestamp=now - timedelta(seconds=5),
-                resources={
-                    "service.name": "signoz",
-                    "signoz.audit.resource.kind": "dashboard",
-                    "signoz.audit.resource.id": "dash-001",
-                },
-                attributes={
-                    "signoz.audit.principal.id": "user-001",
-                    "signoz.audit.principal.email": "alice@acme.com",
-                    "signoz.audit.principal.type": "user",
-                    "signoz.audit.action": "create",
-                    "signoz.audit.action_category": "configuration_change",
-                    "signoz.audit.outcome": "success",
-                },
-                body="alice@acme.com created dashboard",
-                event_name="dashboard.created",
-            ),
-            AuditLog(
-                timestamp=now - timedelta(seconds=4),
-                resources={
-                    "service.name": "signoz",
-                    "signoz.audit.resource.kind": "dashboard",
-                    "signoz.audit.resource.id": "dash-001",
-                },
-                attributes={
-                    "signoz.audit.principal.id": "user-001",
-                    "signoz.audit.principal.email": "alice@acme.com",
-                    "signoz.audit.principal.type": "user",
-                    "signoz.audit.action": "update",
-                    "signoz.audit.action_category": "configuration_change",
-                    "signoz.audit.outcome": "success",
-                },
-                body="alice@acme.com updated dashboard",
-                event_name="dashboard.updated",
-            ),
-            AuditLog(
-                timestamp=now - timedelta(seconds=3),
-                resources={
-                    "service.name": "signoz",
-                    "signoz.audit.resource.kind": "dashboard",
-                    "signoz.audit.resource.id": "dash-001",
-                },
-                attributes={
-                    "signoz.audit.principal.id": "user-002",
-                    "signoz.audit.principal.email": "viewer@acme.com",
-                    "signoz.audit.principal.type": "user",
-                    "signoz.audit.action": "delete",
-                    "signoz.audit.action_category": "configuration_change",
-                    "signoz.audit.outcome": "failure",
-                    "signoz.audit.error.type": "forbidden",
-                    "signoz.audit.error.code": "authz_forbidden",
-                },
-                body="viewer@acme.com failed to delete dashboard",
-                event_name="dashboard.deleted",
-                severity_text="ERROR",
-            ),
-            AuditLog(
-                timestamp=now - timedelta(seconds=2),
-                resources={
-                    "service.name": "signoz",
-                    "signoz.audit.resource.kind": "serviceaccount",
-                    "signoz.audit.resource.id": "sa-001",
-                },
-                attributes={
-                    "signoz.audit.principal.id": "sa-001",
-                    "signoz.audit.principal.email": "",
-                    "signoz.audit.principal.type": "service_account",
-                    "signoz.audit.action": "create",
-                    "signoz.audit.action_category": "access_control",
-                    "signoz.audit.outcome": "success",
-                },
-                body="sa-001 created serviceaccount",
-                event_name="serviceaccount.apikey.created",
-            ),
-            AuditLog(
-                timestamp=now - timedelta(seconds=1),
-                resources={
-                    "service.name": "signoz",
-                    "signoz.audit.resource.kind": "session",
-                    "signoz.audit.resource.id": "*",
-                },
-                attributes={
-                    "signoz.audit.principal.id": "user-001",
-                    "signoz.audit.principal.email": "alice@acme.com",
-                    "signoz.audit.principal.type": "user",
-                    "signoz.audit.action": "login",
-                    "signoz.audit.action_category": "access_control",
-                    "signoz.audit.outcome": "success",
-                },
-                body="alice@acme.com login session",
-                event_name="session.login",
-            ),
-        ]
-    )
-    token = get_token(USER_ADMIN_EMAIL, USER_ADMIN_PASSWORD)
-
-    now = datetime.now(tz=timezone.utc)
-    response = make_query_request(
-        signoz,
-        token,
-        start_ms=int((now - timedelta(seconds=30)).timestamp() * 1000),
-        end_ms=int(now.timestamp() * 1000),
-        queries=[
-            BuilderQuery(
-                signal="logs",
-                source="audit",
-                limit=100,
-                filter_expression=filter_expression,
-                order=[build_order_by("timestamp"), build_order_by("id")],
-            ).to_dict()
-        ],
-        request_type="raw",
-    )
-
-    assert response.status_code == HTTPStatus.OK
-
-    rows = response.json()["data"]["data"]["results"][0]["rows"]
-    assert len(rows) == expected_count
-
-    actual_event_names = {row["data"]["event_name"] for row in rows}
-    assert actual_event_names == expected_event_names
-
-
-def test_audit_scalar_count_failures(
-    signoz: types.SigNoz,
-    create_user_admin: None,  # pylint: disable=unused-argument
-    get_token: Callable[[str, str], str],
-    insert_audit_logs: Callable[[List[AuditLog]], None],
-) -> None:
-    """Alert query — count multiple failures from different principals."""
-    now = datetime.now(tz=timezone.utc)
-    insert_audit_logs(
-        [
-            AuditLog(
-                timestamp=now - timedelta(seconds=3),
-                resources={
-                    "service.name": "signoz",
-                    "signoz.audit.resource.kind": "dashboard",
-                    "signoz.audit.resource.id": "dash-100",
-                },
-                attributes={
-                    "signoz.audit.principal.id": "user-050",
-                    "signoz.audit.principal.type": "user",
-                    "signoz.audit.action": "delete",
-                    "signoz.audit.outcome": "failure",
-                },
-                body="user-050 failed to delete dashboard",
-                event_name="dashboard.deleted",
-                severity_text="ERROR",
-            ),
-            AuditLog(
-                timestamp=now - timedelta(seconds=2),
-                resources={
-                    "service.name": "signoz",
-                    "signoz.audit.resource.kind": "alert-rule",
-                    "signoz.audit.resource.id": "alert-200",
-                },
-                attributes={
-                    "signoz.audit.principal.id": "user-060",
-                    "signoz.audit.principal.type": "user",
-                    "signoz.audit.action": "update",
-                    "signoz.audit.outcome": "failure",
-                },
-                body="user-060 failed to update alert-rule",
-                event_name="alert-rule.updated",
-                severity_text="ERROR",
-            ),
-            AuditLog(
-                timestamp=now - timedelta(seconds=1),
-                resources={
-                    "service.name": "signoz",
-                    "signoz.audit.resource.kind": "dashboard",
-                    "signoz.audit.resource.id": "dash-100",
-                },
-                attributes={
-                    "signoz.audit.principal.id": "user-050",
-                    "signoz.audit.principal.type": "user",
-                    "signoz.audit.action": "update",
-                    "signoz.audit.outcome": "success",
-                },
-                body="user-050 updated dashboard",
-                event_name="dashboard.updated",
-            ),
-        ]
-    )
-    token = get_token(USER_ADMIN_EMAIL, USER_ADMIN_PASSWORD)
-
-    now = datetime.now(tz=timezone.utc)
-    response = make_query_request(
-        signoz,
-        token,
-        start_ms=int((now - timedelta(seconds=30)).timestamp() * 1000),
-        end_ms=int(now.timestamp() * 1000),
-        queries=[
-            build_scalar_query(
-                name="A",
-                signal="logs",
-                source="audit",
-                aggregations=[build_logs_aggregation("count()")],
-                filter_expression="signoz.audit.outcome = 'failure'",
-            )
-        ],
-        request_type="scalar",
-    )
-
-    assert response.status_code == HTTPStatus.OK
-    assert response.json()["status"] == "success"
-
-    scalar_data = response.json()["data"]["data"]["results"][0].get("data", [])
-    assert len(scalar_data) == 1
-    assert scalar_data[0][0] == 2
-
-
-def test_audit_does_not_leak_into_logs(
-    signoz: types.SigNoz,
-    create_user_admin: None,  # pylint: disable=unused-argument
-    get_token: Callable[[str, str], str],
-    insert_audit_logs: Callable[[List[AuditLog]], None],
-) -> None:
-    """A single audit event in signoz_audit must not appear in regular log queries."""
-    now = datetime.now(tz=timezone.utc)
-    insert_audit_logs(
-        [
-            AuditLog(
-                timestamp=now - timedelta(seconds=1),
-                resources={
-                    "service.name": "signoz",
-                    "signoz.audit.resource.kind": "organization",
-                    "signoz.audit.resource.id": "org-999",
-                },
-                attributes={
-                    "signoz.audit.principal.id": "user-admin",
-                    "signoz.audit.principal.type": "user",
-                    "signoz.audit.action": "update",
-                    "signoz.audit.outcome": "success",
-                },
-                body="user-admin updated organization (org-999)",
-                event_name="organization.updated",
-            ),
-        ]
-    )
-    token = get_token(USER_ADMIN_EMAIL, USER_ADMIN_PASSWORD)
-
-    now = datetime.now(tz=timezone.utc)
-    response = make_query_request(
-        signoz,
-        token,
-        start_ms=int((now - timedelta(seconds=30)).timestamp() * 1000),
-        end_ms=int(now.timestamp() * 1000),
-        queries=[
-            BuilderQuery(
-                signal="logs",
-                limit=100,
-                order=[build_order_by("timestamp"), build_order_by("id")],
-            ).to_dict()
-        ],
-        request_type="raw",
-    )
-
-    assert response.status_code == HTTPStatus.OK
-
-    rows = response.json()["data"]["data"]["results"][0].get("rows") or []
-
-    audit_bodies = [
-        row["data"]["body"]
-        for row in rows
-        if "signoz.audit"
-        in row["data"].get("attributes_string", {}).get("signoz.audit.action", "")
-    ]
-    assert len(audit_bodies) == 0