GetEventTypeName retrieves the system.eventlog type name for the given payload.

SeverityByName attempts to parse the passed in string into a severity.

CHANNEL_MAX is the maximum allocated channel number so far.

DEV is used during development to collect log details useful for troubleshooting that fall outside the scope of other channels.

HEALTH is used to report "background" operational events, initiated by CockroachDB or reporting on automatic processes: - Current resource usage, including critical resource usage - Node-node connection events, including connection errors and gossip details - Range and table leasing events - Up- and down-replication, range unavailability.

KV_DISTRIBUTION is used to report data distribution events, such as moving replicas between stores in the cluster, or adding (removing) replicas to ranges.

OPS is used to report "point" operational events, initiated by user operators or automation: - Operator or system actions on server processes: process starts, stops, shutdowns, crashes (if they can be logged), including each time: command-line parameters, current version being run - Actions that impact the topology of a cluster: node additions, removals, decommissions, etc.

PRIVILEGES is used to report data authorization changes, including: - Privilege grants/revocations on database, objects, etc.

SENSITIVE_ACCESS is used to report SQL data access to sensitive data: - Data access audit events (when table audit is enabled via [EXPERIMENTAL_AUDIT](experimental-audit.html)) - SQL statements executed by users with the admin role - Operations that write to system tables This is typically configured in "audit" mode, with event numbering and synchronous writes.

SESSIONS is used to report client network activity when enabled via the `server.auth_log.sql_connections.enabled` and/or `server.auth_log.sql_sessions.enabled` [cluster setting](cluster-settings.html): - Connections opened/closed - Authentication events: logins, failed attempts - Session and query cancellation This is typically configured in "audit" mode, with event numbering and synchronous writes.

SQL_EXEC is used to report SQL execution on behalf of client connections: - Logical SQL statement executions (when enabled via the `sql.trace.log_statement_execute` [cluster setting](cluster-settings.html)) - uncaught Go panic errors during the execution of a SQL statement.

SQL_INTERNAL_PERF is like the `SQL_PERF` channel, but is aimed at helping developers of CockroachDB itself.

SQL_PERF is used to report SQL executions that are marked as "out of the ordinary" to facilitate performance investigations.

SQL_SCHEMA is used to report changes to the SQL logical schema, excluding privilege and ownership changes (which are reported separately on the `PRIVILEGES` channel) and zone configuration changes (which go to the `OPS` channel).

STORAGE is used to report low-level storage layer events (RocksDB/Pebble).

TELEMETRY reports telemetry events.

USER_ADMIN is used to report changes in users and roles, including: - Users added/dropped - Changes to authentication credentials (e.g., passwords, validity, etc.) - Role grants/revocations - Role option grants/revocations This is typically configured in "audit" mode, with event numbering and synchronous writes.

DEFAULT is the end sentinel.

ERROR is used for situations that require special handling, where normal operation could not proceed as expected.

FATAL is used for situations that require an immedate, hard server shutdown.

INFO is used for informational messages that do not require action.

NONE can be used in filters to specify that no messages should be emitted.

UNKNOWN is populated into decoded log entries when the severity could not be determined.

WARNING is used for situations which may require special handling, where normal operation is expected to resume automatically.

CommonEventDetails contains the fields common to all structed events.

Entry represents a cockroach log entry in the following two cases: - when reading a log file using the crdb-v1 format, entries are parsed into this struct.

A FileDetails holds all of the particulars that can be parsed by the name of a log file.

TestingStructuredLogEvent is an implementation of EventPayload for use in tests, in order to avoid importing the eventpb package.

EventPayload is implemented by CommonEventDetails.

Channel is the logical logging channel on which a message is sent.

Severity is the severity level of individual log events.