DEV is used during development to collect log details useful for troubleshooting that fall outside the scope of other channels.

HEALTH is used to report "background" operational events, initiated by CockroachDB or reporting on automatic processes: - Current resource usage, including critical resource usage - Node-node connection events, including connection errors and gossip details - Range and table leasing events - Up- and down-replication, range unavailability.

KV_DISTRIBUTION is used to report data distribution events, such as moving replicas between stores in the cluster, or adding (removing) replicas to ranges.

OPS is used to report "point" operational events, initiated by user operators or automation: - Operator or system actions on server processes: process starts, stops, shutdowns, crashes (if they can be logged), including each time: command-line parameters, current version being run - Actions that impact the topology of a cluster: node additions, removals, decommissions, etc.

PRIVILEGES is used to report data authorization changes, including: - Privilege grants/revocations on database, objects, etc.

SENSITIVE_ACCESS is used to report SQL data access to sensitive data: - Data access audit events (when table audit is enabled via [ALTER TABLE ..

SESSIONS is used to report client network activity when enabled via the `server.auth_log.sql_connections.enabled` and/or `server.auth_log.sql_sessions.enabled` [cluster setting](cluster-settings.html): - Connections opened/closed - Authentication events: logins, failed attempts - Session and query cancellation This is typically configured in "audit" mode, with event numbering and synchronous writes.

SQL_EXEC is used to report SQL execution on behalf of client connections: - Logical SQL statement executions (when enabled via the `sql.log.all_statements.enabled` [cluster setting](cluster-settings.html)) - uncaught Go panic errors during the execution of a SQL statement.

SQL_INTERNAL_PERF is like the `SQL_PERF` channel, but is aimed at helping developers of CockroachDB itself.

SQL_PERF is used to report SQL executions that are marked as "out of the ordinary" to facilitate performance investigations.

SQL_SCHEMA is used to report changes to the SQL logical schema, excluding privilege and ownership changes (which are reported separately on the `PRIVILEGES` channel) and zone configuration changes (which go to the `OPS` channel).

STORAGE is used to report low-level storage layer events (RocksDB/Pebble).

TELEMETRY reports telemetry events.

USER_ADMIN is used to report changes in users and roles, including: - Users added/dropped - Changes to authentication credentials (e.g., passwords, validity, etc.) - Role grants/revocations - Role option grants/revocations This is typically configured in "audit" mode, with event numbering and synchronous writes.