api/proto/teleport/usageevents/v1/usageevents.proto

// Copyright 2022 Gravitational, Inc
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
//      http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.

syntax = "proto3";

package teleport.usageevents.v1;

option go_package = "github.com/gravitational/teleport/api/gen/proto/go/usageevents/v1;usageeventsv1";

// UIBannerClickEvent is a usage event sent by the UI when the upgrade
// banner is clicked.
message UIBannerClickEvent {
  // The cluster alert name.
  string alert = 1;
}

// UIOnboardCompleteGoToDashboardClickEvent is a UI event sent when initial
// registration is complete.
message UIOnboardCompleteGoToDashboardClickEvent {
  // The event username. Not extracted from identity as this is pre-registration.
  string username = 1;
}

// UIOnboardAddFirstResourceClickEvent is a UI event sent when a user clicks the
// "add first resource" button.
message UIOnboardAddFirstResourceClickEvent {}

// UIOnboardAddFirstResourceLaterClickEvent is a UI event sent when a user
// clicks the "add first resource later" button.
message UIOnboardAddFirstResourceLaterClickEvent {}

// UIOnboardSetCredentialSubmitEvent is a UI event sent during registration when
// users configure their credentials.
message UIOnboardSetCredentialSubmitEvent {
  // The event username. Not extracted from identity as this is pre-registration.
  string username = 1;
}

// UIOnboardQuestionnaireSubmitEvent is a UI event sent during registration when
// the user submits their onboarding questionnaire.
message UIOnboardQuestionnaireSubmitEvent {
  // The event username. Not extracted from identity as this is pre-registration.
  string username = 1;
}

// UIOnboardRegisterChallengeSubmitEvent is a UI event sent during registration
// when the MFA challenge is completed.
message UIOnboardRegisterChallengeSubmitEvent {
  // The event username. Not extracted from identity as this is pre-registration.
  string username = 1;
  // The type of MFA used.
  string mfa_type = 2;
  // The type of login used.
  string login_flow = 3;
}

// UIRecoveryCodesContinueClickEvent is a UI event sent during
// registration when the user configures cluster recovery codes.
message UIRecoveryCodesContinueClickEvent {
  // The event username. Not extracted from identity as this is pre-registration.
  string username = 1;
}

// UIRecoveryCodesCopyClickEvent is a UI event sent during
// registration when the user copies recovery codes.
message UIRecoveryCodesCopyClickEvent {
  // The event username. Not extracted from identity as this is pre-registration.
  string username = 1;
}

// UIRecoveryCodesPrintClickEvent is a UI event sent during
// registration when the user prints recovery codes.
message UIRecoveryCodesPrintClickEvent {
  // The event username. Not extracted from identity as this is pre-registration.
  string username = 1;
}

// DiscoverMetadata contains common metadata for Discover related events.
message DiscoverMetadata {
  // Uniquely identifies Discover wizard "session". Will allow to correlate
  // events within the same Discover wizard run.
  string id = 1;
}

// DiscoverResource represents a resource type.
enum DiscoverResource {
  DISCOVER_RESOURCE_UNSPECIFIED = 0;
  DISCOVER_RESOURCE_SERVER = 1;
  DISCOVER_RESOURCE_KUBERNETES = 2;
  DISCOVER_RESOURCE_DATABASE_POSTGRES_SELF_HOSTED = 3;
  DISCOVER_RESOURCE_DATABASE_MYSQL_SELF_HOSTED = 4;
  DISCOVER_RESOURCE_DATABASE_MONGODB_SELF_HOSTED = 5;
  DISCOVER_RESOURCE_DATABASE_POSTGRES_RDS = 6;
  DISCOVER_RESOURCE_DATABASE_MYSQL_RDS = 7;
  DISCOVER_RESOURCE_APPLICATION_HTTP = 8;
  DISCOVER_RESOURCE_APPLICATION_TCP = 9;
  DISCOVER_RESOURCE_WINDOWS_DESKTOP = 10;
  DISCOVER_RESOURCE_DATABASE_SQLSERVER_RDS = 11;
  DISCOVER_RESOURCE_DATABASE_POSTGRES_REDSHIFT = 12;
  DISCOVER_RESOURCE_DATABASE_SQLSERVER_SELF_HOSTED = 13;
  DISCOVER_RESOURCE_DATABASE_REDIS_SELF_HOSTED = 14;
  DISCOVER_RESOURCE_DATABASE_POSTGRES_GCP = 15;
  DISCOVER_RESOURCE_DATABASE_MYSQL_GCP = 16;
  DISCOVER_RESOURCE_DATABASE_SQLSERVER_GCP = 17;

  DISCOVER_RESOURCE_DATABASE_POSTGRES_REDSHIFT_SERVERLESS = 18;
  DISCOVER_RESOURCE_DATABASE_POSTGRES_AZURE = 19;
  DISCOVER_RESOURCE_DATABASE_DYNAMODB = 20;
  DISCOVER_RESOURCE_DATABASE_CASSANDRA_KEYSPACES = 21;
  DISCOVER_RESOURCE_DATABASE_CASSANDRA_SELF_HOSTED = 22; // Cassandra & ScyllaDb
  DISCOVER_RESOURCE_DATABASE_ELASTICSEARCH_SELF_HOSTED = 23;
  DISCOVER_RESOURCE_DATABASE_REDIS_ELASTICACHE = 24; // Elasticache & MemoryDb
  DISCOVER_RESOURCE_DATABASE_REDIS_MEMORYDB = 25;
  DISCOVER_RESOURCE_DATABASE_REDIS_AZURE_CACHE = 26;
  DISCOVER_RESOURCE_DATABASE_REDIS_CLUSTER_SELF_HOSTED = 27;

  DISCOVER_RESOURCE_DATABASE_MYSQL_AZURE = 28;
  DISCOVER_RESOURCE_DATABASE_SQLSERVER_AZURE = 29;
  DISCOVER_RESOURCE_DATABASE_SQLSERVER_MICROSOFT = 30;
  DISCOVER_RESOURCE_DATABASE_COCKROACHDB_SELF_HOSTED = 31;
  DISCOVER_RESOURCE_DATABASE_MONGODB_ATLAS = 32;
  DISCOVER_RESOURCE_DATABASE_SNOWFLAKE = 33;

  DISCOVER_RESOURCE_DOC_DATABASE_RDS_PROXY = 34;
  DISCOVER_RESOURCE_DOC_DATABASE_HIGH_AVAILABILITY = 35;
  DISCOVER_RESOURCE_DOC_DATABASE_DYNAMIC_REGISTRATION = 36;

  DISCOVER_RESOURCE_SAML_APPLICATION = 37;

  DISCOVER_RESOURCE_EC2_INSTANCE = 38;
}

// DiscoverResourceMetadata contains common metadata identifying resource type being added.
message DiscoverResourceMetadata {
  // Resource type that is being added.
  DiscoverResource resource = 1;
}

// DiscoverStatus represents a Discover Step outcome.
enum DiscoverStatus {
  DISCOVER_STATUS_UNSPECIFIED = 0;
  // The user tried to complete the action and it succeeded.
  DISCOVER_STATUS_SUCCESS = 1;
  // The system skipped the step.
  // For example:
  // When setting up a Database and there's already a Database Service proxying the DB.
  // In this case the Database Agent installation is skipped.
  DISCOVER_STATUS_SKIPPED = 2;
  // The user tried to complete the action and it failed.
  DISCOVER_STATUS_ERROR = 3;
  // The user did not complete the action and left the wizard.
  DISCOVER_STATUS_ABORTED = 4;
}

// DiscoverStepStatus contains fields that track a particular step outcome,
// for example connection test failed or succeeded, or user aborted the step.
message DiscoverStepStatus {
  // Indicates the step outcome.
  DiscoverStatus status = 1;
  // Contains error details in case of Error Status.
  // We have to be careful to not include any identifyable infomation like server addresses here.
  string error = 2;
}

// UIDiscoverStartedEvent is emitted when the wizard opens.
message UIDiscoverStartedEvent {
  DiscoverMetadata metadata = 1;
  DiscoverStepStatus status = 2;
}

// UIDiscoverResourceSelectionEvent is emitted when user selected resource type to add
// and proceeded to the next step.
message UIDiscoverResourceSelectionEvent {
  DiscoverMetadata metadata = 1;
  DiscoverResourceMetadata resource = 2;
  DiscoverStepStatus status = 3;
}

// UIDiscoverIntegrationAWSOIDCConnectEvent is emitted when a user is finished with the step
// that asks user to setup aws integration or select from a list of existing
// aws integrations.
message UIDiscoverIntegrationAWSOIDCConnectEvent {
  DiscoverMetadata metadata = 1;
  DiscoverResourceMetadata resource = 2;
  DiscoverStepStatus status = 3;
}

// UIDiscoverDatabaseRDSEnrollEvent is emitted when a user is finished with
// the step that asks user to select from a list of RDS databases.
message UIDiscoverDatabaseRDSEnrollEvent {
  DiscoverMetadata metadata = 1;
  DiscoverResourceMetadata resource = 2;
  DiscoverStepStatus status = 3;
  int64 selected_resources_count = 4;
}

// UICallToActionClickEvent is emmited when a user clicks a Teleport Web UI's CTA.
message UICallToActionClickEvent {
  CTA cta = 1;
}

// CTA represents teleport web UI's call to action buttons.
// We can't use prehog.v1alpha.CTA here because AuthService (and thus this file)
// is generated with gogofast, so we just copy the enum definition here instead.
// Make sure you update both.
enum CTA {
  CTA_UNSPECIFIED = 0;
  CTA_AUTH_CONNECTOR = 1;
  CTA_ACTIVE_SESSIONS = 2;
  CTA_ACCESS_REQUESTS = 3;
  CTA_PREMIUM_SUPPORT = 4;
  CTA_TRUSTED_DEVICES = 5;
  CTA_UPGRADE_BANNER = 6;
  CTA_BILLING_SUMMARY = 7;
  CTA_ACCESS_LIST = 8;
  CTA_ACCESS_MONITORING = 9;
  CTA_EXTERNAL_AUDIT_STORAGE = 10;
}

// UIDiscoverDeployServiceEvent is emitted after the user installs a Teleport Agent.
// For SSH this is the Teleport 'install-node' script.
//
// For Kubernetes this is the teleport-agent helm chart installation.
//
// For Database Access this step is the installation of the teleport 'install-db' script.
// It can be skipped if the cluster already has a Database Service capable of proxying the database.
message UIDiscoverDeployServiceEvent {
  DiscoverMetadata metadata = 1;
  DiscoverResourceMetadata resource = 2;
  DiscoverStepStatus status = 3;

  // DeployMethod describes the method used to deploy a service.
  enum DeployMethod {
    // DEPLOY_METHOD_UNSPECIFIED means there was an existing service
    // so deploying step got skipped.
    DEPLOY_METHOD_UNSPECIFIED = 0;
    // DEPLOY_METHOD_AUTO means Teleport deployed a service for the user.
    DEPLOY_METHOD_AUTO = 1;
    // DEPLOY_METHOD_MANUAL means a user deployed a service by themselves.
    DEPLOY_METHOD_MANUAL = 2;
  }

  DeployMethod deploy_method = 4;

  // DeployType describes the type of deployment.
  enum DeployType {
    // DEPLOY_METHOD_UNSPECIFIED means there was an existing service
    // so deploying step got skipped.
    DEPLOY_TYPE_UNSPECIFIED = 0;
    // DEPLOY_TYPE_INSTALL_SCRIPT means service was deployed using an
    // install script.
    DEPLOY_TYPE_INSTALL_SCRIPT = 1;
    // DEPLOY_TYPE_AMAZON_ECS means service was deployed using amazon's
    // elastic container service.
    DEPLOY_TYPE_AMAZON_ECS = 2;
  }

  DeployType deploy_type = 5;
}

// UIDiscoverDatabaseRegisterEvent is emitted when a user is finished with the step that registers a database resource.
message UIDiscoverDatabaseRegisterEvent {
  DiscoverMetadata metadata = 1;
  DiscoverResourceMetadata resource = 2;
  DiscoverStepStatus status = 3;
}

// UIDiscoverDatabaseConfigureMTLSEvent is emitted when a user is finished with the step that configures mutual TLS for a self-hosted database.
message UIDiscoverDatabaseConfigureMTLSEvent {
  DiscoverMetadata metadata = 1;
  DiscoverResourceMetadata resource = 2;
  DiscoverStepStatus status = 3;
}

// UIDiscoverDesktopActiveDirectoryToolsInstallEvent is emitted when the user is finished with the step that asks user to run the install Active Directory tools script for the Desktop flow.
message UIDiscoverDesktopActiveDirectoryToolsInstallEvent {
  DiscoverMetadata metadata = 1;
  DiscoverResourceMetadata resource = 2;
  DiscoverStepStatus status = 3;
}

// UIDiscoverDesktopActiveDirectoryConfigureEvent is emitted when the user is finished with the step that asks user to run the Configure Active Directory script for the Desktop flow.
message UIDiscoverDesktopActiveDirectoryConfigureEvent {
  DiscoverMetadata metadata = 1;
  DiscoverResourceMetadata resource = 2;
  DiscoverStepStatus status = 3;
}

// UIDiscoverAutoDiscoveredResourcesEvent is emitted when the user is finished with the step that auto discovers resources (waiting until resources show up).
// resources_count field must reflect the latest amount of discovered resources (get the number after user is finished with this step).
message UIDiscoverAutoDiscoveredResourcesEvent {
  DiscoverMetadata metadata = 1;
  DiscoverResourceMetadata resource = 2;
  DiscoverStepStatus status = 3;
  int64 resources_count = 4;
}

// UIDiscoverEC2InstanceSelectionEvent is emitted when the user is finished with the step that asks the user to select an EC2 Instance to enroll.
message UIDiscoverEC2InstanceSelectionEvent {
  DiscoverMetadata metadata = 1;
  DiscoverResourceMetadata resource = 2;
  DiscoverStepStatus status = 3;
}

// UIDiscoverDeployEICEEvent is emitted when the user deploys an EC2 Instance Connect Endpoint.
message UIDiscoverDeployEICEEvent {
  DiscoverMetadata metadata = 1;
  DiscoverResourceMetadata resource = 2;
  DiscoverStepStatus status = 3;
}

// UIDiscoverCreateNodeEvent is emitted when the node is created in Teleport.
message UIDiscoverCreateNodeEvent {
  DiscoverMetadata metadata = 1;
  DiscoverResourceMetadata resource = 2;
  DiscoverStepStatus status = 3;
}

// UIDiscoverDatabaseConfigureIAMPolicyEvent is emitted when a user is finished with the step that configures IAM policy for an RDS database.
message UIDiscoverDatabaseConfigureIAMPolicyEvent {
  DiscoverMetadata metadata = 1;
  DiscoverResourceMetadata resource = 2;
  DiscoverStepStatus status = 3;
}

// UIDiscoverPrincipalsConfigureEvent is emitted when a user is finished with the step that allows user to update their principals (setting up access).
message UIDiscoverPrincipalsConfigureEvent {
  DiscoverMetadata metadata = 1;
  DiscoverResourceMetadata resource = 2;
  DiscoverStepStatus status = 3;
}

// UIDiscoverTestConnectionEvent emitted on the "Test Connection" screen
// when the user clicked tested connection to their resource.
message UIDiscoverTestConnectionEvent {
  DiscoverMetadata metadata = 1;
  DiscoverResourceMetadata resource = 2;
  DiscoverStepStatus status = 3;
}

// UIDiscoverCompletedEvent is emitted when user completes the Discover wizard.
message UIDiscoverCompletedEvent {
  DiscoverMetadata metadata = 1;
  DiscoverResourceMetadata resource = 2;
  DiscoverStepStatus status = 3;
}

// UICreateNewRoleClickEvent is an event that can be triggered during custom role creation
message UICreateNewRoleClickEvent {}

// UICreateNewRoleSaveClickEvent is an event that can be triggered during custom role creation
message UICreateNewRoleSaveClickEvent {}

// UICreateNewRoleCancelClickEvent is an event that can be triggered during custom role creation
message UICreateNewRoleCancelClickEvent {}

// UICreateNewRoleViewDocumentationClickEvent is an event that can be triggered during custom role creation
message UICreateNewRoleViewDocumentationClickEvent {}

// AssistCompletionEvent is an event that is emitted when a completion occurs in the Assistant
message AssistCompletionEvent {
  // ConversationId is the UUID that identifies a single Assist conversation
  string conversation_id = 1;
  // TotalTokens is the total amount of token used to satisfy this request
  int64 total_tokens = 2;
  // PromptTokens is the amount of estimated tokens used by the prompt
  int64 prompt_tokens = 3;
  // CompletionTokens is the amount of tokens that the completion response consists of
  int64 completion_tokens = 4;
}

// AssistExecutionEvent is an event that is emitted when an Assist command
// execution is triggered by the user.
message AssistExecutionEvent {
  // ConversationId is the UUID that identifies a single Assist conversation
  string conversation_id = 1;
  // NodeCount is the number of nodes the command was executed on
  int64 node_count = 2;
  // TotalTokens is the total amount of token used to satisfy this request
  int64 total_tokens = 3;
  // PromptTokens is the amount of estimated tokens used by the prompt
  int64 prompt_tokens = 4;
  // CompletionTokens is the amount of tokens that the completion response consists of
  int64 completion_tokens = 5;
}

// AssistNewConversationEvent is an event that is emitted for each new Assist
// conversation and contains the conversation category.
message AssistNewConversationEvent {
  // Category is the conversation category. This represents what kind of request
  // the user is asking Assist.
  string category = 1;
}

// AssistAccessRequest is an event that is emitted when a user requests access
// to a resource via Assist.
message AssistAccessRequest {
  // ResourceType describes the type of resource the user is requesting access to, e.g. "node", "db", "k8s" or "role".
  string resource_type = 1;
  // TotalTokens is the total amount of token used to generate the command summary
  int64 total_tokens = 2;
  // PromptTokens is the amount of estimated tokens used by the prompt to generate the command summary
  int64 prompt_tokens = 3;
  // CompletionTokens is the amount of tokens that the summary completion response consists of
  int64 completion_tokens = 4;
}

// AssistAction is an event that is emitted when a user triggers an action (SSH command generation, output explain, etc.)
// via Assist.
message AssistAction {
  // Action is the action that was triggered, e.g. "ssh-explain", "ssh-command-generate", etc.
  string action = 1;
  // TotalTokens is the total amount of token used to generate the command summary
  int64 total_tokens = 2;
  // PromptTokens is the amount of estimated tokens used by the prompt to generate the command summary
  int64 prompt_tokens = 3;
  // CompletionTokens is the amount of tokens that the summary completion response consists of
  int64 completion_tokens = 4;
}

// AccessListMetadata contains common metadata for Access List related events.
message AccessListMetadata {
  // Uniquely identifies an Access List. Will allow correlation of events within an access list.
  string id = 1;
}

// AccessListCreate is an event that is emitted when an access list is created.
message AccessListCreate {
  AccessListMetadata metadata = 1;
}

// AccessListUpdate is an event that is emitted when an access list is updated.
message AccessListUpdate {
  AccessListMetadata metadata = 1;
}

// AccessListDelete is an event that is emitted when an access list is deleted.
message AccessListDelete {
  AccessListMetadata metadata = 1;
}

// AccessListMemberCreate is an event that is emitted when a member is added to an access list.
message AccessListMemberCreate {
  AccessListMetadata metadata = 1;
}

// AccessListMemberCreate is an event that is emitted when a member is updated in an access list.
message AccessListMemberUpdate {
  AccessListMetadata metadata = 1;
}

// AccessListMemberDelete is an event that is emitted when a member is removed from an access list.
message AccessListMemberDelete {
  AccessListMetadata metadata = 1;
}

// AccessListGrantsToUser is an event that is emitted when access list permissions are granted to a user
// on login.
message AccessListGrantsToUser {
  // count_roles_granted is the number of roles granted to a user.
  int32 count_roles_granted = 1;

  // count_traits_granted is the number of traits granted to a user.
  int32 count_traits_granted = 2;
}

// AccessListReviewCreate is an event that is emitted when an access list review is created.
message AccessListReviewCreate {
  AccessListMetadata metadata = 1;

  // days_past_next_audit_date is how many days past the next audit date the review came in. Can be negative.
  int32 days_past_next_audit_date = 2;

  // membership_requirements_changed indicates that the membership requirements were changed.
  bool membership_requirements_changed = 3;

  // review_frequency_changed indicates that the review frequency was changed.
  bool review_frequency_changed = 4;

  // review_day_of_month_changed indicates that the review day of month was changed.
  bool review_day_of_month_changed = 5;

  // number_of_removed_members is how many members were removed as part of this review.
  int32 number_of_removed_members = 6;
}

// AccessListReviewDelete is an event that is emitted when an access list review is deleted.
message AccessListReviewDelete {
  AccessListMetadata metadata = 1;

  // access_list_review_id is the unique identifier for the access list review.
  string access_list_review_id = 2;
}

// IntegrationEnrollKind represents the types of integration that
// can be enrolled.
enum IntegrationEnrollKind {
  INTEGRATION_ENROLL_KIND_UNSPECIFIED = 0;
  INTEGRATION_ENROLL_KIND_SLACK = 1;
  INTEGRATION_ENROLL_KIND_AWS_OIDC = 2;
  INTEGRATION_ENROLL_KIND_PAGERDUTY = 3;
  INTEGRATION_ENROLL_KIND_EMAIL = 4;
  INTEGRATION_ENROLL_KIND_JIRA = 5;
  INTEGRATION_ENROLL_KIND_DISCORD = 6;
  INTEGRATION_ENROLL_KIND_MATTERMOST = 7;
  INTEGRATION_ENROLL_KIND_MS_TEAMS = 8;
  INTEGRATION_ENROLL_KIND_OPSGENIE = 9;
  INTEGRATION_ENROLL_KIND_OKTA = 10;
  INTEGRATION_ENROLL_KIND_JAMF = 11;
  INTEGRATION_ENROLL_KIND_MACHINE_ID = 12;
  INTEGRATION_ENROLL_KIND_MACHINE_ID_GITHUB_ACTIONS = 13;
  INTEGRATION_ENROLL_KIND_MACHINE_ID_CIRCLECI = 14;
  INTEGRATION_ENROLL_KIND_MACHINE_ID_GITLAB = 15;
  INTEGRATION_ENROLL_KIND_MACHINE_ID_JENKINS = 16;
  INTEGRATION_ENROLL_KIND_MACHINE_ID_ANSIBLE = 17;
  INTEGRATION_ENROLL_KIND_SERVICENOW = 18;
}

// IntegrationEnrollMetadata contains common metadata
// for Integration Enroll related events.
message IntegrationEnrollMetadata {
  // id is used as a unique identifier to correlate events within the
  // same enroll wizard run.
  string id = 1;
  // kind identifies what type of integration the user clicked on to enroll.
  IntegrationEnrollKind kind = 2;
  // user_name is anonymized.
  string user_name = 3;
}

// UIIntegrationEnrollEvent is an event that is emitted when a user
// clicks on a integration to enroll.
message UIIntegrationEnrollStartEvent {
  IntegrationEnrollMetadata metadata = 1;
}

// UIIntegrationEnrollEvent is an event that is emitted when a user
// completed enrolling an integration.
message UIIntegrationEnrollCompleteEvent {
  IntegrationEnrollMetadata metadata = 1;
}

// ResourceCreateEvent is emitted when a resource is created.
message ResourceCreateEvent {
  // resource_type is the type of resource ("node", "node.openssh", "db", "k8s", "app").
  string resource_type = 1;
  // resource_origin is the origin of the resource ("cloud", "kubernetes").
  string resource_origin = 2;
  // cloud_provider is the cloud provider the resource came from ("AWS", "Azure", "GCP")
  // if resource_origin == "cloud".
  string cloud_provider = 3;
  // database contains additional database information if resource_type == "db".
  DiscoveredDatabaseMetadata database = 4;
}

// DiscoveredDatabaseMetadata contains additional database information.
message DiscoveredDatabaseMetadata {
  // database type.
  string db_type = 1;
  // database protocol.
  string db_protocol = 2;
}

// FeatureRecommendationEvent captures event emitted when a feature is recommended to user or
// when user completes the desired CTA for the feature.
//
// PostHost event: tp.ui.feature.recommendation
message FeatureRecommendationEvent {
  // anonymized Teleport username, 32 bytes (HMAC-SHA-256) encoded in base64;
  //
  // PostHog property: tp.user_name
  string user_name = 1;
  // feature is name of the Teleport feature.
  //
  // PostHost property: tp.feature
  Feature feature = 2;
  // feature_recommendation_status records recommendation state, which can be 'NOTIFIED' (feature is recommended)
  // OR 'DONE' (user completes desired CTA)
  //
  // PostHost property: tp.feature_recommendation_status
  FeatureRecommendationStatus feature_recommendation_status = 3;
}

// Feature is name of Teleport feature
enum Feature {
  FEATURE_UNSPECIFIED = 0;
  FEATURE_TRUSTED_DEVICES = 1;
}

// FeatureRecommendationStatus is feature recommendation status.
enum FeatureRecommendationStatus {
  FEATURE_RECOMMENDATION_STATUS_UNSPECIFIED = 0;
  // FEATURE_RECOMMENDATION_STATUS_NOTIFIED is emitted when a feature is recommended (notified in UI) to user.
  FEATURE_RECOMMENDATION_STATUS_NOTIFIED = 1;
  // FEATURE_RECOMMENDATION_STATUS_DONE is emitted when user completes the desired CTA.
  FEATURE_RECOMMENDATION_STATUS_DONE = 2;
}

// TAGExecuteQueryEvent is an event that is emitted
// when a single query is executed in the Teleport Access Graph.
// This event is emitted for both successful and failed queries and for
// successful queries, the total number of nodes and edges is reported.
message TAGExecuteQueryEvent {
  // total_nodes is the total amount of nodes returned by the query.
  int64 total_nodes = 1;
  // total_edges is the total amount of edges returned by the query.
  int64 total_edges = 2;
  // is_success is true if the query was successful and false it if failed.
  bool is_success = 3;
}

// SecurityReportGetResultEvent is emitted when the user requests a security report.
message SecurityReportGetResultEvent {
  // name is the name of the security report.
  string name = 1;
  // days is the time range of the security reports in days.
  int32 days = 2;
}

// DiscoveryFetchEvent is emitted when a DiscoveryService polls for new resources of a given type
message DiscoveryFetchEvent {
  // cloud_provider is the cloud provider used to fetch resources
  // Eg, AWS, Azure, GCP, Kubernetes
  string cloud_provider = 1;

  // resource_type is the type of resource that this fetch is polling.
  // It depends on the Cloud Provider (defined above).
  // Eg, rds, ec2, vm, aks, gce, app
  string resource_type = 2;
}

// UsageEventOneOf is a message that can accept a oneof of any supported
// external usage event.
message UsageEventOneOf {
  oneof event {
    UIBannerClickEvent ui_banner_click = 1;
    UIOnboardCompleteGoToDashboardClickEvent ui_onboard_complete_go_to_dashboard_click = 3;
    UIOnboardAddFirstResourceClickEvent ui_onboard_add_first_resource_click = 4;
    UIOnboardAddFirstResourceLaterClickEvent ui_onboard_add_first_resource_later_click = 5;
    UIOnboardSetCredentialSubmitEvent ui_onboard_set_credential_submit = 6;
    UIOnboardRegisterChallengeSubmitEvent ui_onboard_register_challenge_submit = 7;
    UIRecoveryCodesContinueClickEvent ui_recovery_codes_continue_click = 8;
    UIRecoveryCodesCopyClickEvent ui_recovery_codes_copy_click = 9;
    UIRecoveryCodesPrintClickEvent ui_recovery_codes_print_click = 10;
    UIDiscoverStartedEvent ui_discover_started_event = 11;
    UIDiscoverResourceSelectionEvent ui_discover_resource_selection_event = 12;
    UIDiscoverDeployServiceEvent ui_discover_deploy_service_event = 13;
    UIDiscoverDatabaseRegisterEvent ui_discover_database_register_event = 14;
    UIDiscoverDatabaseConfigureMTLSEvent ui_discover_database_configure_mtls_event = 15;
    UIDiscoverDesktopActiveDirectoryToolsInstallEvent ui_discover_desktop_active_directory_tools_install_event = 16;
    UIDiscoverDesktopActiveDirectoryConfigureEvent ui_discover_desktop_active_directory_configure_event = 17;
    UIDiscoverAutoDiscoveredResourcesEvent ui_discover_auto_discovered_resources_event = 18;
    UIDiscoverDatabaseConfigureIAMPolicyEvent ui_discover_database_configure_iam_policy_event = 19;
    UIDiscoverPrincipalsConfigureEvent ui_discover_principals_configure_event = 20;
    UIDiscoverTestConnectionEvent ui_discover_test_connection_event = 21;
    UIDiscoverCompletedEvent ui_discover_completed_event = 22;
    UICreateNewRoleClickEvent ui_create_new_role_click = 23;
    UICreateNewRoleSaveClickEvent ui_create_new_role_save_click = 24;
    UICreateNewRoleCancelClickEvent ui_create_new_role_cancel_click = 25;
    UICreateNewRoleViewDocumentationClickEvent ui_create_new_role_view_documentation_click = 26;
    UIDiscoverIntegrationAWSOIDCConnectEvent ui_discover_integration_aws_oidc_connect_event = 27;
    UIDiscoverDatabaseRDSEnrollEvent ui_discover_database_rds_enroll_event = 28;
    UICallToActionClickEvent ui_call_to_action_click_event = 29;
    AssistCompletionEvent assist_completion = 30;
    UIIntegrationEnrollStartEvent ui_integration_enroll_start_event = 31;
    UIIntegrationEnrollCompleteEvent ui_integration_enroll_complete_event = 32;
    UIOnboardQuestionnaireSubmitEvent ui_onboard_questionnaire_submit = 33;
    AssistExecutionEvent assist_execution = 34;
    AssistNewConversationEvent assist_new_conversation = 35;
    ResourceCreateEvent resource_create_event = 36;
    FeatureRecommendationEvent feature_recommendation_event = 37;
    AssistAccessRequest assist_access_request = 38;
    AssistAction assist_action = 39;
    AccessListCreate access_list_create = 40;
    AccessListUpdate access_list_update = 41;
    AccessListDelete access_list_delete = 42;
    AccessListMemberCreate access_list_member_create = 43;
    AccessListMemberUpdate access_list_member_update = 44;
    AccessListMemberDelete access_list_member_delete = 45;
    AccessListGrantsToUser access_list_grants_to_user = 46;
    UIDiscoverEC2InstanceSelectionEvent ui_discover_ec2_instance_selection = 47;
    UIDiscoverDeployEICEEvent ui_discover_deploy_eice = 48;
    UIDiscoverCreateNodeEvent ui_discover_create_node = 49;
    TAGExecuteQueryEvent tag_execute_query = 50;
    SecurityReportGetResultEvent security_report_get_result = 51;
    AccessListReviewCreate access_list_review_create = 52;
    AccessListReviewDelete access_list_review_delete = 53;
    DiscoveryFetchEvent discovery_fetch_event = 54;
  }
  reserved 2; //UIOnboardGetStartedClickEvent
  reserved "ui_onboard_get_started_click";
}