import { n as EventPayload, r as EventSubscriber$1, t as AutotelEventContext$1 } from "./event-subscriber-base-DOVIZK7N.cjs"; import { EventAttributes } from "autotel/event-subscriber"; import { SecuritySeverity } from "autotel/security-schema"; //#region src/security.d.ts type SecurityAlertSeverity = SecuritySeverity; /** Normalized alert passed to handlers and POSTed to webhooks. */ interface SecurityAlert { /** Full event name, e.g. `security.auth.login.failed`. */ event: string; severity: SecurityAlertSeverity; category?: string; outcome?: string; reason?: string; /** Remaining event attributes (severity/category/outcome/reason lifted out). */ attributes?: EventAttributes; /** ISO 8601. */ timestamp: string; /** Trace correlation, when the Events pipeline includes it. */ trace?: AutotelEventContext$1; } interface SecuritySubscriberConfig { /** POST alerts as JSON to this URL. Required unless `handler` is set. */ webhookUrl?: string; /** Extra headers for the webhook request (e.g. auth). */ headers?: Record; /** Custom destination — takes precedence over `webhookUrl`. */ handler?: (alert: SecurityAlert) => void | Promise; /** Forward events at or above this severity. Default `warning`. */ minSeverity?: SecurityAlertSeverity; /** * Events are recognized as security events when their name starts with * this prefix. Default `security.`. */ eventPrefix?: string; /** Extra predicate applied after the prefix/severity gates. */ filter?: (payload: EventPayload) => boolean; /** Enable/disable subscriber. Default true. */ enabled?: boolean; /** Webhook delivery attempts including the first. Default 3. */ maxRetries?: number; /** Webhook request timeout in milliseconds. Default 30_000. */ timeoutMs?: number; /** Base webhook retry backoff; doubles per attempt. Default 1000. */ retryDelayMs?: number; } declare class SecuritySubscriber extends EventSubscriber$1 { readonly name = "SecuritySubscriber"; readonly version = "1.0.0"; private config; private readonly httpClient; constructor(config: SecuritySubscriberConfig); protected sendToDestination(payload: EventPayload): Promise; private toAlert; } //#endregion export { SecurityAlert, SecurityAlertSeverity, SecuritySubscriber, SecuritySubscriberConfig }; //# sourceMappingURL=security.d.cts.map