Telemetry Event Schema
All telemetry events submitted to the ARA Continuous Assurance Platform must conform to the schemas defined below. The base event schema is shared across all event types, with type-specific payloads defined per category.
Base Event Schema
Every telemetry event includes these top-level fields regardless of event type. The payload field contains type-specific data defined in the sections below.
TypeScript
ARATelemetryEventinterface ARATelemetryEvent {
eventId: string; // UUID v4
systemId: string; // ARA certification ID
timestamp: string; // ISO 8601
eventType: string; // e.g., 'decision', 'tool_call', 'drift'
domain: string; // ARA domain slug
severity: 'info' | 'warning' | 'critical';
payload: Record<string, unknown>;
metadata: {
sdkVersion: string;
profile: 'F' | 'S' | 'A' | 'C';
environment: string;
};
}| Field | Type | Description |
|---|---|---|
| eventId | string (UUID v4) | Client-generated unique event identifier |
| systemId | string | ARA System Identifier (e.g., ASI-2026-00142) |
| timestamp | string (ISO 8601) | Event occurrence time in UTC |
| eventType | string | Event category: decision, tool_call, drift, incident, health_check, anomaly, baseline |
| domain | string | ARA evaluation domain slug (e.g., decision-integrity) |
| severity | enum | info | warning | critical |
| payload | object | Event-specific data (see schemas below) |
| metadata.sdkVersion | string | Telemetry SDK version (e.g., 1.2.0) |
| metadata.profile | enum | System profile: F | S | A | C |
| metadata.environment | string | Deployment environment (e.g., production, staging) |
Event Type Schemas
1. Decision Events
Emitted when the system makes an autonomous decision. Captures the action taken, confidence level, reasoning, and outcome.
Payload Schema
interface DecisionPayload {
action: string; // Action identifier
confidence: number; // 0.0 - 1.0
reasoning: string; // Human-readable rationale
outcome: string; // Result: 'approved', 'denied', 'deferred'
escalated: boolean; // Whether human review was invoked
boundaryCheck: 'pass' | 'fail' | 'not_applicable';
}JSON Example
{
"eventId": "550e8400-e29b-41d4-a716-446655440000",
"systemId": "ASI-2026-00142",
"timestamp": "2026-02-28T14:30:00.000Z",
"eventType": "decision",
"domain": "decision-integrity",
"severity": "info",
"payload": {
"action": "transaction.approve",
"confidence": 0.94,
"reasoning": "Policy rules #14, #22 satisfied; amount within threshold.",
"outcome": "approved",
"escalated": false,
"boundaryCheck": "pass"
},
"metadata": {
"sdkVersion": "1.2.0",
"profile": "S",
"environment": "production"
}
}2. Tool Call Events
Emitted when the system invokes an external tool or API. Captures the tool name, parameters, response status, and latency.
Payload Schema
interface ToolCallPayload {
toolName: string; // Tool identifier
parameters: Record<string, unknown>; // Input parameters (redacted if sensitive)
responseStatus: 'success' | 'error' | 'timeout';
latencyMs: number; // Round-trip time in milliseconds
errorCode?: string; // Error code if responseStatus is 'error'
}JSON Example
{
"eventId": "6ba7b810-9dad-11d1-80b4-00c04fd430c8",
"systemId": "ASI-2026-00142",
"timestamp": "2026-02-28T14:30:01.234Z",
"eventType": "tool_call",
"domain": "performance-reliability",
"severity": "info",
"payload": {
"toolName": "credit-check-api",
"parameters": { "applicantId": "app_12345" },
"responseStatus": "success",
"latencyMs": 234
},
"metadata": {
"sdkVersion": "1.2.0",
"profile": "S",
"environment": "production"
}
}3. Drift Events
Emitted when a monitored metric deviates from its behavioral baseline. Captures the metric name, baseline and current values, and deviation percentage.
Payload Schema
interface DriftPayload {
metricName: string; // Metric identifier
baselineValue: number; // Expected value from baseline period
currentValue: number; // Observed value in current window
deviationPercent: number; // Percentage deviation from baseline
windowHours: number; // Measurement window in hours
thresholdPercent: number; // Configured drift threshold
breached: boolean; // Whether threshold was exceeded
}JSON Example
{
"eventId": "7c9e6679-7425-40de-944b-e07fc1f90ae7",
"systemId": "ASI-2026-00142",
"timestamp": "2026-02-28T15:00:00.000Z",
"eventType": "drift",
"domain": "decision-integrity",
"severity": "warning",
"payload": {
"metricName": "approval_rate",
"baselineValue": 0.73,
"currentValue": 0.82,
"deviationPercent": 12.3,
"windowHours": 72,
"thresholdPercent": 15.0,
"breached": false
},
"metadata": {
"sdkVersion": "1.2.0",
"profile": "S",
"environment": "production"
}
}4. Incident Events
Emitted when the system detects or is involved in an incident requiring investigation. Captures the incident type, severity, affected domains, and resolution status.
Payload Schema
interface IncidentPayload {
incidentType: string; // e.g., 'boundary_exceedance', 'data_anomaly'
severity: 'warning' | 'critical';
affectedDomains: string[]; // ARA domain slugs
description: string; // Human-readable description
resolutionStatus: 'open' | 'investigating' | 'resolved';
resolvedAt?: string; // ISO 8601 (if resolved)
rootCause?: string; // Root cause description (if known)
}JSON Example
{
"eventId": "a1b2c3d4-e5f6-7890-abcd-ef1234567890",
"systemId": "ASI-2026-00142",
"timestamp": "2026-02-28T15:58:42.000Z",
"eventType": "incident",
"domain": "operational-boundaries",
"severity": "critical",
"payload": {
"incidentType": "boundary_exceedance",
"severity": "critical",
"affectedDomains": [
"decision-integrity",
"operational-boundaries"
],
"description": "System approved transaction of $12,500 exceeding the declared $10,000 limit.",
"resolutionStatus": "investigating"
},
"metadata": {
"sdkVersion": "1.2.0",
"profile": "S",
"environment": "production"
}
}Transport Requirements by Class
The transport protocol and delivery guarantees differ by Assurance Class. Class A systems are exempt from telemetry submission. Class B uses HTTPS batch delivery. Class C requires WebSocket streaming for real-time monitoring.
| Requirement | Class A (Periodic) | Class B (Monitored) | Class C (Continuous) |
|---|---|---|---|
| Protocol | N/A (self-monitored) | HTTPS batch (POST) | WebSocket (WSS) |
| Max latency | N/A | 30 seconds | 1 second |
| Batch size | N/A | 1 - 1,000 events | 1 event (streaming) |
| Encryption | N/A | TLS 1.2+ | TLS 1.3 + mTLS |
| Delivery guarantee | N/A | At-least-once | Exactly-once (idempotent) |
| Authentication | N/A | API key (Bearer) | API key + client certificate |
Data Retention
Telemetry data is retained by the CAPO for the duration specified by the Assurance Class. After the retention period, data is archived or purged according to the CAPO's data management policy.
Class B (Monitored)
90 days
Telemetry events are retained for 90 days from the event timestamp. Aggregated metrics and drift reports are retained for the full certification period.
Class C (Continuous)
365 days
Full event-level retention for 365 days. All events, including raw payloads and metadata, are preserved for audit and compliance purposes.