git.stella-ops.org/docs/modules/policy/prep/2025-11-20-violation-events-prep.md
master d519782a8f
prep docs and service updates
2025-11-21 06:56:36 +00:00

Violation Events Prep — PREP-POLICY-ENGINE-38-201-VIOLATION-EVENTS-DE

Status: Draft (2025-11-20)
Owners: Policy Guild
Scope: Define violation event payloads emitted after snapshot stream (35-201).

Dependencies

  • Snapshot API/stream shape (35-201).
  • Severity fusion rules (40-001) to know which fields to emit.

Draft event

  • event_type: policy.violation.detected
  • Fields: tenant_id, snapshot_id, policy_profile_hash, component_purl, advisory_id, violation_code, severity, status, trace_ref, occurred_at, event_id (hash of snapshot_id + component_purl + advisory_id).
  • Transport: NATS subject policy.violation.detected; durable stream; idempotency via event_id.
  • Metrics: policy_violation_events_total{tenant,violation_code}.
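
One way to derive event_id and enforce idempotency on the consumer side, as an added example rather than the project's own code. SHA-256, the length-prefixed field encoding, the per-tenant dedup key, the in-memory store and all sample values are assumptions made for this sketch; the draft only specifies "hash of snapshot_id + component_purl + advisory_id".

```python
import hashlib
from collections import Counter
from datetime import datetime, timezone

KEY_FIELDS = ("snapshot_id", "component_purl", "advisory_id")

def compute_event_id(snapshot_id, component_purl, advisory_id):
    # Assumption: SHA-256 over length-prefixed UTF-8 fields. The draft only says
    # "hash of"; bare concatenation would make ("ab", "c") and ("a", "bc") collide.
    h = hashlib.sha256()
    for value in (snapshot_id, component_purl, advisory_id):
        raw = value.encode("utf-8")
        h.update(len(raw).to_bytes(4, "big") + raw)
    return h.hexdigest()

def build_event(**fields):
    # Fills event_type, event_id and occurred_at around the caller's fields.
    event = dict(fields, event_type="policy.violation.detected")
    event["event_id"] = compute_event_id(*(event[k] for k in KEY_FIELDS))
    event.setdefault("occurred_at", datetime.now(timezone.utc).isoformat())
    return event

class IdempotentConsumer:
    def __init__(self):
        self._seen = set()  # hypothetical in-memory stand-in for a durable store
        self.metrics = Counter()  # stands in for policy_violation_events_total

    def handle(self, event):
        # Recompute instead of trusting the producer-supplied event_id.
        expected = compute_event_id(*(event[k] for k in KEY_FIELDS))
        if event["event_id"] != expected:
            raise ValueError("event_id does not match key fields")
        key = (event["tenant_id"], expected)  # assumption: dedup scoped per tenant
        if key in self._seen:
            return False  # redelivery: drop without side effects
        self._seen.add(key)
        self.metrics[(event["tenant_id"], event["violation_code"])] += 1
        return True

# Constructed sample values, not taken from the project's sample file.
SAMPLE = build_event(
    tenant_id="tenant-a", snapshot_id="snap-0001", policy_profile_hash="0" * 64,
    component_purl="pkg:npm/example-lib@1.0.0", advisory_id="ADV-EXAMPLE-0001",
    violation_code="EXAMPLE_CODE", severity="high", status="open",
    trace_ref="trace-0001")

if __name__ == "__main__":
    consumer = IdempotentConsumer()
    print(consumer.handle(SAMPLE), consumer.handle(SAMPLE))
```
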

Acceptance

  • Draft schema at docs/modules/policy/schemas/policy-violation-event@draft.json and sample at docs/modules/policy/samples/policy-violation-event@draft.json.
  • Confirm subject + retention with Scheduler/Notify.

Handoff

Use this doc as the prep artefact for PREP-POLICY-ENGINE-38-201-VIOLATION-EVENTS-DE. Update once snapshot stream and fusion rules are frozen; then unblock implementation.