Analytics & Audit
Analytics & Audit
Event tracking, audit logging, API usage, health checks, and webhook delivery.
27 tables in this group.
analytics_events
Partitioned table for analytics events - monthly partitions by created_at
| Column | Type | Nullable | Default |
|---|---|---|---|
id | uuid | No | gen_random_uuid() |
event_name | varchar | No | |
category | varchar | No | 'user_action'::character varying |
priority | varchar | No | 'medium'::character varying |
properties | jsonb | Yes | '{}'::jsonb |
timestamp | timestamptz | No | now() |
session_id | varchar | Yes | |
page_url | varchar | Yes | |
referrer | varchar | Yes | |
user_agent | varchar | Yes | |
user_id | uuid | Yes | |
client_id | varchar | Yes | |
environment | varchar | No | 'development'::character varying |
created_at | timestamptz | No | now() |
RLS Policies:
Users can insert analytics events— INSERT for {public}Users can view own analytics events— SELECT for {public}
audit_logs
| Column | Type | Nullable | Default |
|---|---|---|---|
id | uuid | No | uuid_generate_v4() |
user_id | uuid | No | |
action | varchar(100) | No | |
resource_type | varchar(100) | Yes | |
resource_id | varchar(255) | Yes | |
severity | varchar(20) | No | 'info'::character varying |
status | varchar(20) | No | 'success'::character varying |
ip_address | inet | No | |
user_agent | text | Yes | |
request_id | uuid | Yes | |
session_id | uuid | Yes | |
geo_country | varchar(2) | Yes | |
geo_city | varchar(100) | Yes | |
metadata | jsonb | Yes | '{}'::jsonb |
changes | jsonb | Yes | |
error_message | text | Yes | |
created_at | timestamptz | No | now() |
RLS Policies:
Service role can insert audit logs— INSERT for {public}rls_audit_logs_select— SELECT for {public}
Indexes:
audit_logs_pkeyidx_audit_logs_user_createdidx_audit_logs_user_id
auth_audit_log
Comprehensive authentication and authorization audit trail
| Column | Type | Nullable | Default |
|---|---|---|---|
id | int8 | No | |
user_id | uuid | Yes | |
event_type | text | No | |
event_status | text | No | 'success'::text |
ip_address | text | No | |
user_agent | text | Yes | |
request_path | text | Yes | |
request_method | text | Yes | |
details | jsonb | Yes | '{}'::jsonb |
error_message | text | Yes | |
flagged_as_suspicious | bool | No | false |
risk_score | int4 | Yes | 0 |
country_code | text | Yes | |
city | text | Yes | |
created_at | timestamptz | No | now() |
RLS Policies:
Admins or users can view audit logs— SELECT for {public}Auth admin can insert audit logs— INSERT for {supabase_auth_admin}
Indexes:
auth_audit_log_pkeyidx_auth_audit_log_user_event
admin_audit_log
| Column | Type | Nullable | Default |
|---|---|---|---|
id | uuid | No | gen_random_uuid() |
action | text | No | |
actor_id | uuid | Yes | |
actor_email | text | Yes | |
target_type | text | Yes | |
target_id | text | Yes | |
details | jsonb | Yes | '{}'::jsonb |
ip_address | inet | Yes | |
user_agent | text | Yes | |
created_at | timestamptz | No | now() |
RLS Policies:
Admins can read audit logs— SELECT for {authenticated}Service role can insert audit logs— INSERT for {service_role}Service role can read audit logs— SELECT for {service_role}
Indexes:
admin_audit_log_pkeyidx_admin_audit_log_actionidx_admin_audit_log_actor_ididx_admin_audit_log_created_at
api_usage_log
| Column | Type | Nullable | Default |
|---|---|---|---|
id | uuid | No | uuid_generate_v4() |
user_id | uuid | No | |
resource | varchar(255) | No | |
action | varchar(255) | No | |
metadata | jsonb | Yes | |
response_time_ms | numeric | Yes | |
status_code | int4 | Yes | |
environment | varchar(50) | Yes | 'staging'::character varying |
created_at | timestamptz | Yes | now() |
RLS Policies:
Admins can manage usage log— ALL for {public}
Indexes:
api_usage_log_pkeyidx_api_usage_log_user_id
supabase_audit_logs
| Column | Type | Nullable | Default |
|---|---|---|---|
id | uuid | No | |
user_id | uuid | No | |
operation | varchar(50) | No | |
table_name | varchar(100) | Yes | |
record_id | uuid | Yes | |
old_values | json | Yes | |
new_values | json | Yes | |
changed_fields | json | Yes | |
ip_address | varchar(45) | Yes | |
user_agent | varchar(500) | Yes | |
session_id | uuid | Yes | |
audit_metadata | json | Yes | |
severity | varchar(20) | Yes | |
created_at | timestamp | No |
RLS Policies:
supabase_audit_logs_delete_own— DELETE for {public}supabase_audit_logs_insert_own— INSERT for {public}supabase_audit_logs_select_own— SELECT for {public}supabase_audit_logs_update_own— UPDATE for {public}
Indexes:
ix_supabase_audit_logs_created_atix_supabase_audit_logs_operationix_supabase_audit_logs_user_idsupabase_audit_logs_pkey
api_health_checks
| Column | Type | Nullable | Default |
|---|---|---|---|
id | uuid | No | uuid_generate_v4() |
created_at | timestamptz | Yes | now() |
service | text | No | |
status | bool | No | |
latency_ms | float4 | No | |
error | text | Yes |
RLS Policies:
Authenticated users can view health checks— SELECT for {authenticated}
Indexes:
api_health_checks_pkey
service_health_checks
Health check records. Should be pruned regularly (recommended: keep only 7 days).
| Column | Type | Nullable | Default |
|---|---|---|---|
id | uuid | No | uuid_generate_v4() |
service_name | varchar(255) | No | |
platform | varchar(100) | No | |
status | varchar(50) | No | |
response_time_ms | numeric | Yes | |
status_code | int4 | Yes | |
error_message | text | Yes | |
environment | varchar(50) | Yes | 'staging'::character varying |
checked_at | timestamptz | Yes | now() |
RLS Policies:
Admins can manage health checks— ALL for {public}
Indexes:
service_health_checks_pkey
system_health_summary
System health summary. Should be pruned regularly (recommended: keep only 7 days).
| Column | Type | Nullable | Default |
|---|---|---|---|
id | uuid | No | uuid_generate_v4() |
overall_status | varchar(50) | No | |
healthy_count | int4 | No | 0 |
degraded_count | int4 | No | 0 |
unhealthy_count | int4 | No | 0 |
total_services | int4 | No | 0 |
critical_services_healthy | bool | Yes | true |
environment | varchar(50) | Yes | 'staging'::character varying |
recorded_at | timestamptz | Yes | now() |
RLS Policies:
Admins can manage health summary— ALL for {public}
Indexes:
system_health_summary_pkey
webhook_logs
| Column | Type | Nullable | Default |
|---|---|---|---|
id | uuid | No | gen_random_uuid() |
endpoint_name | text | No | |
event_type | text | No | |
payload | jsonb | No | |
response_status | int4 | Yes | |
response_body | text | Yes | |
success | bool | Yes | |
error_message | text | Yes | |
retry_count | int4 | Yes | 0 |
created_at | timestamptz | Yes | now() |
RLS Policies:
Service role can manage all webhook logs— ALL for {service_role}
Indexes:
idx_webhook_logs_createdidx_webhook_logs_failedwebhook_logs_pkey
webhook_endpoints
| Column | Type | Nullable | Default |
|---|---|---|---|
id | uuid | No | gen_random_uuid() |
name | text | No | |
url | text | No | |
secret_key | text | Yes | |
enabled | bool | Yes | true |
event_types | _text | Yes | '{}'::text[] |
headers | jsonb | Yes | '{}'::jsonb |
retry_count | int4 | Yes | 3 |
timeout_ms | int4 | Yes | 5000 |
created_at | timestamptz | Yes | now() |
updated_at | timestamptz | Yes | now() |
RLS Policies:
Service role can manage all webhook endpoints— ALL for {service_role}
Indexes:
webhook_endpoints_name_keywebhook_endpoints_pkey
webhook_events
Logs all incoming webhook events from external services
| Column | Type | Nullable | Default |
|---|---|---|---|
id | uuid | No | gen_random_uuid() |
integration_type | varchar(50) | No | |
event_type | varchar(100) | No | |
payload | jsonb | No | |
signature | varchar(255) | Yes | |
processed | bool | Yes | false |
processing_error | text | Yes | |
received_at | timestamptz | Yes | now() |
processed_at | timestamptz | Yes | |
idempotency_key | varchar(255) | Yes | |
created_at | timestamptz | Yes | now() |
RLS Policies:
Service role can manage all webhook events— ALL for {service_role}
Indexes:
idx_webhook_events_idempotencyidx_webhook_events_processedidx_webhook_events_typewebhook_events_idempotency_key_keywebhook_events_pkey
sentry_webhook_logs
| Column | Type | Nullable | Default |
|---|---|---|---|
id | uuid | No | gen_random_uuid() |
action | text | No | |
sentry_issue_id | text | Yes | |
sentry_project | text | Yes | |
processed | bool | No | false |
linear_issue_id | text | Yes | |
error_message | text | Yes | |
success | bool | Yes | |
details | jsonb | Yes | |
payload | jsonb | Yes | |
created_at | timestamptz | No | now() |
RLS Policies:
authenticated_read_sentry_logs— SELECT for {authenticated}service_role_full_access_sentry_logs— ALL for {service_role}
Indexes:
idx_sentry_webhook_logs_createdidx_sentry_webhook_logs_unprocessedsentry_webhook_logs_pkey
outbox_events
Transactional outbox for reliable event publishing (ARCH-003)
| Column | Type | Nullable | Default |
|---|---|---|---|
id | uuid | No | gen_random_uuid() |
aggregate_type | varchar(50) | No | |
aggregate_id | varchar(100) | No | |
event_type | varchar(100) | No | |
event_version | varchar(10) | Yes | '1.0'::character varying |
payload | jsonb | No | |
payload_hash | varchar(64) | Yes | |
causation_id | uuid | Yes | |
correlation_id | uuid | Yes | |
user_id | uuid | Yes | |
status | varchar(20) | No | 'pending'::character varying |
created_at | timestamptz | No | now() |
published_at | timestamptz | Yes | |
last_attempted_at | timestamptz | Yes | |
retry_count | int4 | No | 0 |
max_retries | int4 | No | 5 |
next_retry_at | timestamptz | Yes | |
last_error | text | Yes | |
error_details | jsonb | Yes | |
sequence_number | int8 | No | nextval('outbox_events_sequence_number_seq'::regclass) |
partition_key | varchar(100) | Yes |
RLS Policies:
Service role full access to outbox_events— ALL for {service_role}Users can view own outbox events— SELECT for {public}
Indexes:
idx_outbox_aggregateidx_outbox_correlationidx_outbox_events_pending_sequenceidx_outbox_next_retryidx_outbox_partition_keyidx_outbox_payload_hashidx_outbox_status_createdidx_outbox_user_idoutbox_events_pkey
outbox_dead_letters
Dead letter queue for events that failed after max retries
| Column | Type | Nullable | Default |
|---|---|---|---|
id | uuid | No | gen_random_uuid() |
original_event_id | uuid | No | |
aggregate_type | varchar(50) | No | |
aggregate_id | varchar(100) | No | |
event_type | varchar(100) | No | |
payload | jsonb | No | |
failed_at | timestamptz | No | now() |
retry_count | int4 | No | |
last_error | text | No | |
error_details | jsonb | Yes | |
status | varchar(20) | No | 'unresolved'::character varying |
resolved_at | timestamptz | Yes | |
resolved_by | varchar(100) | Yes | |
resolution_notes | text | Yes | |
created_at | timestamptz | No | now() |
RLS Policies:
Service role full access to outbox_dead_letters— ALL for {service_role}
Indexes:
idx_dead_letters_aggregateidx_dead_letters_event_typeidx_dead_letters_statusidx_outbox_dead_letters_original_event_idoutbox_dead_letters_pkey
outbox_metrics
Metrics tracking for outbox relay performance
| Column | Type | Nullable | Default |
|---|---|---|---|
id | uuid | No | gen_random_uuid() |
metric_type | varchar(50) | No | |
metric_value | numeric | No | |
event_type | varchar(100) | Yes | |
aggregate_type | varchar(50) | Yes | |
processing_time_ms | int4 | Yes | |
batch_size | int4 | Yes | |
recorded_at | timestamptz | No | now() |
metadata | jsonb | Yes |
RLS Policies:
Service role full access to outbox_metrics— ALL for {service_role}
Indexes:
idx_outbox_metrics_type_timeoutbox_metrics_pkey
analytics_events_y2025m12
| Column | Type | Nullable | Default |
|---|---|---|---|
id | uuid | No | gen_random_uuid() |
event_name | varchar | No | |
category | varchar | No | 'user_action'::character varying |
priority | varchar | No | 'medium'::character varying |
properties | jsonb | Yes | '{}'::jsonb |
timestamp | timestamptz | No | now() |
session_id | varchar | Yes | |
page_url | varchar | Yes | |
referrer | varchar | Yes | |
user_agent | varchar | Yes | |
user_id | uuid | Yes | |
client_id | varchar | Yes | |
environment | varchar | No | 'development'::character varying |
created_at | timestamptz | No | now() |
RLS Policies:
Service role can insert analytics events— INSERT for {public}Users can view own analytics events— SELECT for {public}
Indexes:
analytics_events_y2025m12_category_created_at_idxanalytics_events_y2025m12_event_name_created_at_idxanalytics_events_y2025m12_pkeyanalytics_events_y2025m12_user_id_created_at_idx
analytics_events_y2026m01
| Column | Type | Nullable | Default |
|---|---|---|---|
id | uuid | No | gen_random_uuid() |
event_name | varchar | No | |
category | varchar | No | 'user_action'::character varying |
priority | varchar | No | 'medium'::character varying |
properties | jsonb | Yes | '{}'::jsonb |
timestamp | timestamptz | No | now() |
session_id | varchar | Yes | |
page_url | varchar | Yes | |
referrer | varchar | Yes | |
user_agent | varchar | Yes | |
user_id | uuid | Yes | |
client_id | varchar | Yes | |
environment | varchar | No | 'development'::character varying |
created_at | timestamptz | No | now() |
RLS Policies:
Service role can insert analytics events— INSERT for {public}Users can view own analytics events— SELECT for {public}
Indexes:
analytics_events_y2026m01_category_created_at_idxanalytics_events_y2026m01_event_name_created_at_idxanalytics_events_y2026m01_pkeyanalytics_events_y2026m01_user_id_created_at_idx
analytics_events_y2026m02
| Column | Type | Nullable | Default |
|---|---|---|---|
id | uuid | No | gen_random_uuid() |
event_name | varchar | No | |
category | varchar | No | 'user_action'::character varying |
priority | varchar | No | 'medium'::character varying |
properties | jsonb | Yes | '{}'::jsonb |
timestamp | timestamptz | No | now() |
session_id | varchar | Yes | |
page_url | varchar | Yes | |
referrer | varchar | Yes | |
user_agent | varchar | Yes | |
user_id | uuid | Yes | |
client_id | varchar | Yes | |
environment | varchar | No | 'development'::character varying |
created_at | timestamptz | No | now() |
RLS Policies:
Service role can insert analytics events— INSERT for {public}Users can view own analytics events— SELECT for {public}
Indexes:
analytics_events_y2026m02_category_created_at_idxanalytics_events_y2026m02_event_name_created_at_idxanalytics_events_y2026m02_pkeyanalytics_events_y2026m02_user_id_created_at_idx
analytics_events_y2026m03
| Column | Type | Nullable | Default |
|---|---|---|---|
id | uuid | No | gen_random_uuid() |
event_name | varchar | No | |
category | varchar | No | 'user_action'::character varying |
priority | varchar | No | 'medium'::character varying |
properties | jsonb | Yes | '{}'::jsonb |
timestamp | timestamptz | No | now() |
session_id | varchar | Yes | |
page_url | varchar | Yes | |
referrer | varchar | Yes | |
user_agent | varchar | Yes | |
user_id | uuid | Yes | |
client_id | varchar | Yes | |
environment | varchar | No | 'development'::character varying |
created_at | timestamptz | No | now() |
RLS Policies:
Service role can insert analytics events— INSERT for {public}Users can view own analytics events— SELECT for {public}
Indexes:
analytics_events_y2026m03_category_created_at_idxanalytics_events_y2026m03_event_name_created_at_idxanalytics_events_y2026m03_pkeyanalytics_events_y2026m03_user_id_created_at_idx
analytics_events_y2026m04
| Column | Type | Nullable | Default |
|---|---|---|---|
id | uuid | No | gen_random_uuid() |
event_name | varchar | No | |
category | varchar | No | 'user_action'::character varying |
priority | varchar | No | 'medium'::character varying |
properties | jsonb | Yes | '{}'::jsonb |
timestamp | timestamptz | No | now() |
session_id | varchar | Yes | |
page_url | varchar | Yes | |
referrer | varchar | Yes | |
user_agent | varchar | Yes | |
user_id | uuid | Yes | |
client_id | varchar | Yes | |
environment | varchar | No | 'development'::character varying |
created_at | timestamptz | No | now() |
RLS Policies:
Service role can insert analytics events— INSERT for {public}Users can view own analytics events— SELECT for {public}
Indexes:
analytics_events_y2026m04_category_created_at_idxanalytics_events_y2026m04_event_name_created_at_idxanalytics_events_y2026m04_pkeyanalytics_events_y2026m04_user_id_created_at_idx
analytics_events_y2026m05
| Column | Type | Nullable | Default |
|---|---|---|---|
id | uuid | No | gen_random_uuid() |
event_name | varchar | No | |
category | varchar | No | 'user_action'::character varying |
priority | varchar | No | 'medium'::character varying |
properties | jsonb | Yes | '{}'::jsonb |
timestamp | timestamptz | No | now() |
session_id | varchar | Yes | |
page_url | varchar | Yes | |
referrer | varchar | Yes | |
user_agent | varchar | Yes | |
user_id | uuid | Yes | |
client_id | varchar | Yes | |
environment | varchar | No | 'development'::character varying |
created_at | timestamptz | No | now() |
RLS Policies:
Service role can insert analytics events— INSERT for {public}Users can view own analytics events— SELECT for {public}
Indexes:
analytics_events_y2026m05_category_created_at_idxanalytics_events_y2026m05_event_name_created_at_idxanalytics_events_y2026m05_pkeyanalytics_events_y2026m05_user_id_created_at_idx
analytics_events_y2026m06
| Column | Type | Nullable | Default |
|---|---|---|---|
id | uuid | No | gen_random_uuid() |
event_name | varchar | No | |
category | varchar | No | 'user_action'::character varying |
priority | varchar | No | 'medium'::character varying |
properties | jsonb | Yes | '{}'::jsonb |
timestamp | timestamptz | No | now() |
session_id | varchar | Yes | |
page_url | varchar | Yes | |
referrer | varchar | Yes | |
user_agent | varchar | Yes | |
user_id | uuid | Yes | |
client_id | varchar | Yes | |
environment | varchar | No | 'development'::character varying |
created_at | timestamptz | No | now() |
RLS Policies:
Service role can insert analytics events— INSERT for {public}Users can view own analytics events— SELECT for {public}
Indexes:
analytics_events_y2026m06_category_created_at_idxanalytics_events_y2026m06_event_name_created_at_idxanalytics_events_y2026m06_pkeyanalytics_events_y2026m06_user_id_created_at_idx
sync_operations
Tracks bidirectional synchronization between Linear and other tools
| Column | Type | Nullable | Default |
|---|---|---|---|
id | uuid | No | gen_random_uuid() |
user_id | uuid | No | |
source_integration | varchar(50) | No | |
target_integration | varchar(50) | No | |
operation_type | varchar(50) | No | |
source_entity_id | varchar(255) | Yes | |
target_entity_id | varchar(255) | Yes | |
entity_type | varchar(50) | Yes | |
status | varchar(20) | Yes | 'pending'::character varying |
retry_count | int4 | Yes | 0 |
error_message | text | Yes | |
metadata | jsonb | Yes | '{}'::jsonb |
created_at | timestamptz | Yes | now() |
completed_at | timestamptz | Yes |
RLS Policies:
Service role can manage all sync operations— ALL for {service_role}Users can view their own sync operations— SELECT for {public}
Indexes:
idx_sync_operations_entitiesidx_sync_operations_statusidx_sync_operations_user_idsync_operations_pkey
service_config
Stores service-level configuration data (admin access only)
| Column | Type | Nullable | Default |
|---|---|---|---|
id | uuid | No | gen_random_uuid() |
service_name | text | No | |
config_data | jsonb | Yes | '{}'::jsonb |
enabled | bool | Yes | true |
created_at | timestamptz | No | now() |
updated_at | timestamptz | No | now() |
RLS Policies:
Admins can create service config— INSERT for {public}Admins can delete service config— DELETE for {public}Admins can update service config— UPDATE for {public}Admins can view service config— SELECT for {public}
Indexes:
service_config_pkeyservice_config_service_name_key
migrations
| Column | Type | Nullable | Default |
|---|---|---|---|
id | uuid | No | |
version | varchar(50) | No | |
name | varchar(200) | No | |
description | text | Yes | |
up_sql | text | No | |
down_sql | text | Yes | |
status | varchar(20) | Yes | |
executed_at | timestamp | Yes | |
execution_time_ms | int4 | Yes | |
rolled_back_at | timestamp | Yes | |
dependencies | json | Yes | |
error_message | text | Yes | |
retry_count | int4 | Yes | |
checksum | varchar(64) | Yes | |
author | varchar(100) | Yes | |
tags | json | Yes | |
created_at | timestamp | No | |
updated_at | timestamp | Yes |
RLS Policies:
migrations_service_all— ALL for {public}
Indexes:
idx_migration_executedidx_migration_status_versionix_migrations_statusix_migrations_versionmigrations_pkey
helpdesk_tickets
User account administration requests handled by the helpdesk agent
| Column | Type | Nullable | Default |
|---|---|---|---|
id | uuid | No | gen_random_uuid() |
ticket_number | int4 | No | nextval('helpdesk_tickets_ticket_number_seq'::regclass) |
user_id | uuid | Yes | |
user_email | varchar(255) | No | |
issue_type | text | No | |
title | text | No | |
description | text | Yes | |
status | text | No | 'open'::text |
priority | text | No | 'medium'::text |
requires_approval | bool | No | false |
approval_id | uuid | Yes | |
approval_status | text | Yes | |
approved_by | text | Yes | |
approved_at | timestamptz | Yes | |
source | text | No | |
source_id | text | Yes | |
slack_thread_ts | text | Yes | |
linear_issue_id | text | Yes | |
resolution_summary | text | Yes | |
resolved_by | text | Yes | |
resolved_at | timestamptz | Yes | |
created_at | timestamptz | No | now() |
updated_at | timestamptz | No | now() |
RLS Policies:
Service role full access on helpdesk_tickets— ALL for {service_role}Users can view own helpdesk tickets— SELECT for {authenticated}
Indexes:
helpdesk_tickets_pkeyhelpdesk_tickets_status_idxhelpdesk_tickets_ticket_number_keyhelpdesk_tickets_user_idx