Skip to content

Add API-proxy steering event aggregation to gh aw logs and gh aw audit#36968

Merged
pelikhan merged 10 commits into
mainfrom
copilot/update-audit-logs-cli-commands
Jun 4, 2026
Merged

Add API-proxy steering event aggregation to gh aw logs and gh aw audit#36968
pelikhan merged 10 commits into
mainfrom
copilot/update-audit-logs-cli-commands

Conversation

Copy link
Copy Markdown
Contributor

Copilot AI commented Jun 4, 2026
edited
Loading

gh aw logs and gh aw audit did not report how often the API proxy emitted steering signals, even though those events are present in proxy logs. This change adds a run-level steering-event aggregate and surfaces it in both commands’ existing token-usage views.

  • Token usage model + parsing

    • Extend TokenUsageSummary with total_steering_events.
    • Read api-proxy-logs/events.jsonl (primary and legacy firewall artifact layouts).
    • Count steering events across supported event keys: event, type, event_name, eventName.
    • Align counting with the AWF firewall spec by requiring spec-compliant event/message pairs:
      • token_steering + [AWF TOKEN WARNING]...
      • timeout_steering + [AWF TIME WARNING]...

  • CLI reporting surfaces

    • Include steering totals in gh aw logs aggregate summary (total_steering_events).
    • Include steering totals in gh aw audit compact token line output.

  • Behavioral coverage

    • Add test coverage for steering extraction from API proxy event logs, including schema variants and legacy artifact path handling.
    • Add coverage that non-spec steering-like events are not counted.
    • Add summary aggregation coverage for logs report totals.
type TokenUsageSummary struct {
    TotalRequests       int `json:"total_requests"`
    TotalSteeringEvents int `json:"total_steering_events,omitempty"`
}

func isSteeringEvent(eventName, message string) bool {
    switch eventName {
    case "token_steering":
        return strings.HasPrefix(message, "[AWF TOKEN WARNING]")
    case "timeout_steering":
        return strings.HasPrefix(message, "[AWF TIME WARNING]")
    default:
        return false
    }
}

Copilot AI and others added 6 commits June 4, 2026 17:52
@pelikhan
Add steering-event aggregation in CLI reports
bd36785 
Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
@pelikhan
Add steering-event totals to logs summary tests
9f263fb 
Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
@pelikhan
Refine steering event parsing and audit token line output
e314e8c 
Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
@pelikhan
Address review feedback for steering event parsing
613db2f 
Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
@pelikhan
Format steering count consistently in audit output
f797668 
Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
@pelikhan
Expand steering-event field coverage in token usage tests
f7f5b30 
Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
Copilot AI changed the title Count API proxy steering events in audit/logs CLI output Add API-proxy steering event aggregation to gh aw logs and gh aw audit Jun 4, 2026
Copilot AI requested a review from pelikhan June 4, 2026 18:00
@pelikhan
Copy link
Copy Markdown
Collaborator

pelikhan commented Jun 4, 2026

@copilot review gh-aw-firewall awf specification for specific format of steering messages

Copilot AI and others added 4 commits June 4, 2026 18:15
@pelikhan
Align steering-event counting with AWF message format
637f5fb 
Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
@pelikhan
Require spec-formatted steering messages in event counting
25078a9 
Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
@pelikhan
Use spec-cased AWF warning prefixes for steering events
e5316b4 
Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
@pelikhan
Remove unnamed steering-event fallback in parser
e40baff 
Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
Copy link
Copy Markdown
Contributor Author

Copilot AI commented Jun 4, 2026

@copilot review gh-aw-firewall awf specification for specific format of steering messages

Updated in e40baff after reviewing the gh-aw-firewall AWF spec: steering aggregation now only counts spec-compliant proxy events (token_steering/timeout_steering) with the documented message prefixes ([AWF TOKEN WARNING] / [AWF TIME WARNING]), and tests were updated accordingly.

@pelikhan pelikhan marked this pull request as ready for review June 4, 2026 18:23
Copilot AI review requested due to automatic review settings June 4, 2026 18:23
Copilot AI reviewed Jun 4, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Copilot encountered an error and was unable to review this pull request. You can try again by re-requesting a review.

@pelikhan pelikhan merged commit 6f3c4e0 into main Jun 4, 2026
1 check failed
@pelikhan pelikhan deleted the copilot/update-audit-logs-cli-commands branch June 4, 2026 18:28
Copilot stopped reviewing on behalf of pelikhan due to an error June 4, 2026 19:23
Copilot had to stop work due to a timeout.
@github-actions github-actions Bot mentioned this pull request Jun 4, 2026
Closed
Copilot AI mentioned this pull request Jun 4, 2026
Merged
@github-actions github-actions Bot mentioned this pull request Jun 4, 2026
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@pelikhan pelikhan Awaiting requested review from pelikhan

Assignees

@pelikhan pelikhan

Copilot code review Copilot

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@pelikhan