@axova/shared 1.0.0

package/src/schemas/store/store-audit-schema.ts

@@ -0,0 +1,1257 @@
+import { createId } from "@paralleldrive/cuid2";
+import { relations } from "drizzle-orm";
+import {
+	boolean,
+	index,
+	integer,
+	jsonb,
+	pgTable,
+	real,
+	text,
+	timestamp,
+	varchar,
+} from "drizzle-orm/pg-core";
+
+// =====================================================
+// STORE AUDIT LOGS - COMPREHENSIVE TRACKING SYSTEM
+// =====================================================
+
+/**
+ * Primary Store Audit Logs Table
+ * Immutable, append-only design for complete store operation tracking
+ * Optimized for high-volume insertions with comprehensive indexing
+ */
+export const storeAuditLogs = pgTable(
+	"store_audit_logs",
+	{
+		// Primary Identification
+		id: text("id")
+			.primaryKey()
+			.$defaultFn(() => createId()),
+
+		// Store Context - Core Business Entity
+		storeId: text("store_id").notNull(),
+		storeName: varchar("store_name", { length: 255 }),
+		storeSubdomain: varchar("store_subdomain", { length: 63 }),
+		storeUrl: varchar("store_url", { length: 255 }),
+
+		// Event Classification - Enhanced Categorization
+		eventType: varchar("event_type", { length: 30 })
+			.notNull()
+			.$type<
+				| "CREATE"
+				| "READ"
+				| "UPDATE"
+				| "DELETE"
+				| "UPLOAD"
+				| "DOWNLOAD"
+				| "EXPORT"
+				| "IMPORT"
+				| "LOGIN"
+				| "LOGOUT"
+				| "ACCESS"
+				| "PERMISSION_CHANGE"
+				| "SYSTEM_ACTION"
+				| "COMPLIANCE_ACTION"
+				| "SECURITY_EVENT"
+				| "CONFIGURATION_CHANGE"
+				| "BULK_OPERATION"
+			>(),
+
+		eventCategory: varchar("event_category", { length: 30 })
+			.notNull()
+			.$type<
+				| "USER_ACTION"
+				| "ADMIN_ACTION"
+				| "SYSTEM_ACTION"
+				| "DATA_ACTION"
+				| "CONTENT_ACTION"
+				| "SECURITY_ACTION"
+				| "COMPLIANCE_ACTION"
+				| "BUSINESS_ACTION"
+				| "INTEGRATION_ACTION"
+				| "NOTIFICATION_ACTION"
+				| "ANALYTICS_ACTION"
+				| "MAINTENANCE_ACTION"
+			>(),
+
+		// Action Details - Comprehensive Operation Tracking
+		action: varchar("action", { length: 100 }).notNull(),
+		actionDescription: text("action_description"),
+
+		// Resource Information - What Was Affected
+		resource: varchar("resource", { length: 100 }).notNull(),
+		resourceId: text("resource_id").notNull(),
+		resourceType: varchar("resource_type", { length: 30 }).$type<
+			| "STORE"
+			| "PRODUCT"
+			| "ORDER"
+			| "USER"
+			| "BLOG"
+			| "CONTACT"
+			| "BUSINESS_DETAILS"
+			| "SOCIAL_PROFILE"
+			| "FILE"
+			| "MEDIA"
+			| "ANALYTICS"
+			| "CONFIGURATION"
+			| "INTEGRATION"
+			| "NOTIFICATION"
+			| "PAYMENT"
+			| "SHIPPING"
+			| "INVENTORY"
+			| "PROMOTION"
+			| "REVIEW"
+			| "CATEGORY"
+			| "ATTRIBUTE"
+			| "THEME"
+			| "PLUGIN"
+			| "WEBHOOK"
+		>(),
+
+		resourceName: varchar("resource_name", { length: 255 }),
+		parentResourceId: text("parent_resource_id"),
+		parentResourceType: varchar("parent_resource_type", { length: 30 }),
+
+		// Actor Information - Who Performed the Action
+		performedBy: text("performed_by").notNull(),
+		performedByType: varchar("performed_by_type", { length: 20 })
+			.notNull()
+			.$type<
+				| "USER"
+				| "ADMIN"
+				| "STORE_OWNER"
+				| "STORE_MANAGER"
+				| "STORE_EMPLOYEE"
+				| "CUSTOMER"
+				| "SYSTEM"
+				| "SERVICE"
+				| "AI"
+				| "AUTOMATION"
+				| "WEBHOOK"
+				| "CRON_JOB"
+				| "ANONYMOUS"
+				| "API_CLIENT"
+				| "INTEGRATION"
+			>(),
+
+		performedByName: varchar("performed_by_name", { length: 255 }),
+		performedByEmail: varchar("performed_by_email", { length: 320 }),
+
+		// User Role and Permissions Context
+		userRole: varchar("user_role", { length: 50 }).$type<
+			| "SUPER_ADMIN"
+			| "STORE_OWNER"
+			| "STORE_ADMIN"
+			| "STORE_MANAGER"
+			| "STORE_EMPLOYEE"
+			| "CONTENT_CREATOR"
+			| "CUSTOMER_SERVICE"
+			| "VIEWER"
+			| "CUSTOMER"
+			| "GUEST"
+		>(),
+
+		userPermissions: jsonb("user_permissions").$type<string[]>().default([]),
+
+		// Session and Request Context
+		sessionId: text("session_id"),
+		requestId: text("request_id"),
+		correlationId: text("correlation_id"),
+		traceId: text("trace_id"),
+		spanId: text("span_id"),
+
+		// Network and Client Information
+		ipAddress: varchar("ip_address", { length: 45 }), // IPv6 support
+		userAgent: text("user_agent"),
+
+		clientType: varchar("client_type", { length: 30 }).$type<
+			| "WEB_BROWSER"
+			| "MOBILE_APP"
+			| "DESKTOP_APP"
+			| "API_CLIENT"
+			| "ADMIN_PANEL"
+			| "POS_SYSTEM"
+			| "MOBILE_POS"
+			| "WEBHOOK"
+			| "CRON_JOB"
+			| "SYSTEM_SERVICE"
+			| "INTEGRATION"
+			| "BOT"
+			| "UNKNOWN"
+		>(),
+
+		clientId: text("client_id"),
+		clientVersion: varchar("client_version", { length: 50 }),
+		clientPlatform: varchar("client_platform", { length: 50 }),
+
+		// Device Information
+		deviceInfo: jsonb("device_info").$type<{
+			type?: "desktop" | "mobile" | "tablet" | "tv" | "watch" | "embedded";
+			os?: string;
+			osVersion?: string;
+			browser?: string;
+			browserVersion?: string;
+			vendor?: string;
+			model?: string;
+			screenResolution?: string;
+			language?: string;
+			timezone?: string;
+		}>(),
+
+		// Geographic Information
+		location: jsonb("location").$type<{
+			country?: string;
+			countryCode?: string;
+			region?: string;
+			regionCode?: string;
+			city?: string;
+			postalCode?: string;
+			coordinates?: { lat: number; lng: number };
+			timezone?: string;
+			isp?: string;
+			organization?: string;
+		}>(),
+
+		// HTTP Context
+		httpMethod: varchar("http_method", { length: 10 }),
+		httpPath: text("http_path"),
+		httpQuery: text("http_query"),
+		httpHeaders: jsonb("http_headers").$type<Record<string, string>>(),
+		httpStatusCode: integer("http_status_code"),
+		httpResponseSize: integer("http_response_size"),
+
+		// Data Changes and Content
+		changes: jsonb("changes").$type<{
+			before?: Record<string, unknown>;
+			after?: Record<string, unknown>;
+			fields?: string[];
+			summary?: string;
+			changeCount?: number;
+			significantChanges?: string[];
+		}>(),
+
+		// Request/Response Data (Sanitized)
+		requestData: jsonb("request_data").$type<Record<string, unknown>>(),
+		responseData: jsonb("response_data").$type<Record<string, unknown>>(),
+
+		// Business Context and Metadata
+		businessContext: jsonb("business_context").$type<{
+			department?: string;
+			project?: string;
+			feature?: string;
+			campaign?: string;
+			businessUnit?: string;
+			costCenter?: string;
+			workflowId?: string;
+			workflowStep?: string;
+			processName?: string;
+			businessImpact?: string;
+			revenueImpact?: number;
+			customerImpact?: string;
+		}>(),
+
+		// Enhanced Metadata
+		metadata: jsonb("metadata").$type<{
+			// Technical Metadata
+			version?: string;
+			environment?: "DEVELOPMENT" | "STAGING" | "PRODUCTION" | "TESTING";
+			buildVersion?: string;
+			deploymentId?: string;
+
+			// Feature Flags and Experiments
+			featureFlags?: Record<string, boolean>;
+			experiments?: Record<string, string>;
+			abTestVariant?: string;
+
+			// Business Tags and Categories
+			tags?: string[];
+			categories?: string[];
+			priority?: "LOW" | "MEDIUM" | "HIGH" | "CRITICAL";
+			severity?: "INFO" | "WARNING" | "ERROR" | "CRITICAL";
+
+			// Content and Media
+			contentType?: string;
+			fileSize?: number;
+			dimensions?: { width: number; height: number };
+			duration?: number;
+			format?: string;
+
+			// E-commerce Specific
+			orderValue?: number;
+			productCount?: number;
+			customerSegment?: string;
+			paymentMethod?: string;
+			shippingMethod?: string;
+
+			// Marketing and Analytics
+			source?: string;
+			medium?: string;
+			campaign?: string;
+			referrer?: string;
+			utmParameters?: Record<string, string>;
+
+			// Custom Fields
+			customFields?: Record<string, unknown>;
+		}>(),
+
+		// Performance Metrics
+		duration: integer("duration"), // milliseconds
+		responseTime: integer("response_time"), // milliseconds
+		processingTime: integer("processing_time"), // milliseconds
+		databaseTime: integer("database_time"), // milliseconds
+		cacheHitRate: real("cache_hit_rate"), // percentage
+		memoryUsage: integer("memory_usage"), // bytes
+		cpuUsage: real("cpu_usage"), // percentage
+
+		// Operation Success and Error Information
+		success: boolean("success").notNull().default(true),
+		errorCode: varchar("error_code", { length: 100 }),
+		errorMessage: text("error_message"),
+		errorType: varchar("error_type", { length: 50 }).$type<
+			| "VALIDATION_ERROR"
+			| "AUTHENTICATION_ERROR"
+			| "AUTHORIZATION_ERROR"
+			| "NOT_FOUND_ERROR"
+			| "CONFLICT_ERROR"
+			| "RATE_LIMIT_ERROR"
+			| "TIMEOUT_ERROR"
+			| "NETWORK_ERROR"
+			| "DATABASE_ERROR"
+			| "EXTERNAL_SERVICE_ERROR"
+			| "BUSINESS_LOGIC_ERROR"
+			| "SYSTEM_ERROR"
+			| "UNKNOWN_ERROR"
+		>(),
+		errorDetails: jsonb("error_details").$type<Record<string, unknown>>(),
+		stackTrace: text("stack_trace"),
+
+		// Recovery and Retry Information
+		retryCount: integer("retry_count").default(0),
+		recoveryAction: varchar("recovery_action", { length: 100 }),
+		fallbackUsed: boolean("fallback_used").default(false),
+
+		// Security and Compliance
+		sensitiveData: boolean("sensitive_data").notNull().default(false),
+		piiInvolved: boolean("pii_involved").notNull().default(false),
+		complianceRelevant: boolean("compliance_relevant").notNull().default(false),
+
+		dataClassification: varchar("data_classification", { length: 20 })
+			.$type<"PUBLIC" | "INTERNAL" | "CONFIDENTIAL" | "RESTRICTED">()
+			.default("INTERNAL"),
+
+		// Risk Assessment
+		riskLevel: varchar("risk_level", { length: 20 })
+			.$type<"NONE" | "LOW" | "MEDIUM" | "HIGH" | "CRITICAL">()
+			.default("LOW"),
+
+		securityImpact: varchar("security_impact", { length: 20 })
+			.$type<"NONE" | "LOW" | "MEDIUM" | "HIGH" | "CRITICAL">()
+			.default("NONE"),
+
+		privacyImpact: varchar("privacy_impact", { length: 20 })
+			.$type<"NONE" | "LOW" | "MEDIUM" | "HIGH" | "CRITICAL">()
+			.default("NONE"),
+
+		// Threat Detection
+		threatIndicators: jsonb("threat_indicators")
+			.$type<
+				Array<{
+					type: string;
+					severity: "LOW" | "MEDIUM" | "HIGH" | "CRITICAL";
+					description: string;
+					confidence: number;
+				}>
+			>()
+			.default([]),
+
+		anomalyScore: real("anomaly_score"), // 0-1 scale
+		fraudScore: real("fraud_score"), // 0-1 scale
+
+		// Compliance Framework Tracking
+		complianceFrameworks: jsonb("compliance_frameworks")
+			.$type<
+				Array<{
+					framework:
+						| "GDPR"
+						| "CCPA"
+						| "COPPA"
+						| "PCI_DSS"
+						| "SOX"
+						| "HIPAA"
+						| "ISO27001";
+					requirement: string;
+					status: "COMPLIANT" | "NON_COMPLIANT" | "PARTIAL" | "NOT_APPLICABLE";
+				}>
+			>()
+			.default([]),
+
+		// Data Lifecycle
+		retentionPeriod: integer("retention_period"), // days
+		archiveDate: timestamp("archive_date", { withTimezone: true }),
+		purgeDate: timestamp("purge_date", { withTimezone: true }),
+
+		// Workflow and Process Tracking
+		workflowId: text("workflow_id"),
+		workflowStep: varchar("workflow_step", { length: 100 }),
+		workflowStatus: varchar("workflow_status", { length: 30 }).$type<
+			| "INITIATED"
+			| "IN_PROGRESS"
+			| "COMPLETED"
+			| "FAILED"
+			| "CANCELLED"
+			| "SUSPENDED"
+		>(),
+		parentEventId: text("parent_event_id"),
+		childEventIds: jsonb("child_event_ids").$type<string[]>().default([]),
+
+		// Batch and Bulk Operations
+		batchId: text("batch_id"),
+		batchSize: integer("batch_size"),
+		batchIndex: integer("batch_index"),
+		isBulkOperation: boolean("is_bulk_operation").default(false),
+
+		// Integration and External Systems
+		externalSystemId: text("external_system_id"),
+		externalSystemName: varchar("external_system_name", { length: 100 }),
+		externalEventId: text("external_event_id"),
+		syncStatus: varchar("sync_status", { length: 20 }).$type<
+			"PENDING" | "SYNCED" | "FAILED" | "PARTIAL" | "CONFLICT"
+		>(),
+
+		// Notification and Alerting
+		alertLevel: varchar("alert_level", { length: 20 })
+			.$type<"NONE" | "INFO" | "WARNING" | "ERROR" | "CRITICAL">()
+			.default("NONE"),
+
+		notificationsSent: jsonb("notifications_sent")
+			.$type<
+				Array<{
+					type: string;
+					recipient: string;
+					channel: "EMAIL" | "SMS" | "PUSH" | "WEBHOOK" | "SLACK";
+					status: "SENT" | "FAILED" | "PENDING";
+					sentAt: string;
+				}>
+			>()
+			.default([]),
+
+		// Data Integrity and Verification
+		checksum: varchar("checksum", { length: 64 }), // SHA-256
+		signature: text("signature"), // Digital signature for critical events
+		verified: boolean("verified").default(false),
+
+		// Immutable Timestamp - Core Audit Requirement
+		timestamp: timestamp("timestamp", { withTimezone: true })
+			.defaultNow()
+			.notNull(),
+
+		// Processing Timestamps
+		processedAt: timestamp("processed_at", { withTimezone: true }),
+		indexedAt: timestamp("indexed_at", { withTimezone: true }),
+
+		// Export and Reporting
+		exportedAt: timestamp("exported_at", { withTimezone: true }),
+		reportingPeriod: varchar("reporting_period", { length: 20 }),
+
+		// System Information
+		serviceVersion: varchar("service_version", { length: 50 }),
+		nodeId: varchar("node_id", { length: 100 }),
+		instanceId: varchar("instance_id", { length: 100 }),
+	},
+	(table) => ({
+		// === PRIMARY PERFORMANCE INDEXES ===
+
+		// Core timestamp index - most important for audit queries
+		timestampIndex: index("idx_store_audit_timestamp").on(table.timestamp),
+
+		// Store-centric indexes for business queries
+		storeIdIndex: index("idx_store_audit_store_id").on(table.storeId),
+		storeTimestampIndex: index("idx_store_audit_store_timestamp").on(
+			table.storeId,
+			table.timestamp,
+		),
+
+		// Event classification indexes
+		eventTypeIndex: index("idx_store_audit_event_type").on(
+			table.eventType,
+			table.eventCategory,
+		),
+		actionIndex: index("idx_store_audit_action").on(table.action),
+
+		// Resource tracking indexes
+		resourceIndex: index("idx_store_audit_resource").on(
+			table.resource,
+			table.resourceId,
+		),
+		resourceTypeIndex: index("idx_store_audit_resource_type").on(
+			table.resourceType,
+			table.timestamp,
+		),
+
+		// Actor and user tracking
+		performedByIndex: index("idx_store_audit_performed_by").on(
+			table.performedBy,
+			table.performedByType,
+		),
+		userRoleIndex: index("idx_store_audit_user_role").on(
+			table.userRole,
+			table.timestamp,
+		),
+
+		// === SECURITY AND COMPLIANCE INDEXES ===
+
+		// Security monitoring
+		securityIndex: index("idx_store_audit_security").on(
+			table.riskLevel,
+			table.securityImpact,
+			table.timestamp,
+		),
+		threatIndex: index("idx_store_audit_threats").on(
+			table.anomalyScore,
+			table.fraudScore,
+			table.timestamp,
+		),
+
+		// Compliance tracking
+		complianceIndex: index("idx_store_audit_compliance").on(
+			table.complianceRelevant,
+			table.piiInvolved,
+			table.sensitiveData,
+		),
+		dataClassificationIndex: index("idx_store_audit_data_classification").on(
+			table.dataClassification,
+			table.timestamp,
+		),
+
+		// === OPERATIONAL INDEXES ===
+
+		// Error and success tracking
+		errorIndex: index("idx_store_audit_errors").on(
+			table.success,
+			table.errorCode,
+			table.timestamp,
+		),
+		errorTypeIndex: index("idx_store_audit_error_type").on(
+			table.errorType,
+			table.timestamp,
+		),
+
+		// Performance monitoring
+		performanceIndex: index("idx_store_audit_performance").on(
+			table.duration,
+			table.responseTime,
+			table.timestamp,
+		),
+
+		// Session and correlation tracking
+		sessionIndex: index("idx_store_audit_session").on(
+			table.sessionId,
+			table.timestamp,
+		),
+		correlationIndex: index("idx_store_audit_correlation").on(
+			table.correlationId,
+		),
+		requestIndex: index("idx_store_audit_request").on(table.requestId),
+
+		// === BUSINESS INTELLIGENCE INDEXES ===
+
+		// Client and device analytics
+		clientTypeIndex: index("idx_store_audit_client_type").on(
+			table.clientType,
+			table.timestamp,
+		),
+		userAgentIndex: index("idx_store_audit_user_agent").on(table.userAgent),
+
+		// Geographic analytics
+		locationIndex: index("idx_store_audit_location").on(
+			table.ipAddress,
+			table.timestamp,
+		),
+
+		// HTTP tracking
+		httpMethodIndex: index("idx_store_audit_http_method").on(
+			table.httpMethod,
+			table.httpStatusCode,
+		),
+
+		// === WORKFLOW AND PROCESS INDEXES ===
+
+		// Workflow tracking
+		workflowIndex: index("idx_store_audit_workflow").on(
+			table.workflowId,
+			table.workflowStep,
+			table.timestamp,
+		),
+		parentEventIndex: index("idx_store_audit_parent_event").on(
+			table.parentEventId,
+		),
+
+		// Batch operations
+		batchIndex: index("idx_store_audit_batch").on(
+			table.batchId,
+			table.batchIndex,
+		),
+		bulkOperationIndex: index("idx_store_audit_bulk").on(
+			table.isBulkOperation,
+			table.timestamp,
+		),
+
+		// === INTEGRATION INDEXES ===
+
+		// External system tracking
+		externalSystemIndex: index("idx_store_audit_external_system").on(
+			table.externalSystemId,
+			table.syncStatus,
+		),
+
+		// Notification tracking
+		alertLevelIndex: index("idx_store_audit_alert_level").on(
+			table.alertLevel,
+			table.timestamp,
+		),
+
+		// === COMPOSITE BUSINESS INDEXES ===
+
+		// Store activity analysis
+		storeActivityIndex: index("idx_store_audit_store_activity").on(
+			table.storeId,
+			table.eventType,
+			table.success,
+			table.timestamp,
+		),
+
+		// User activity patterns
+		userActivityIndex: index("idx_store_audit_user_activity").on(
+			table.performedBy,
+			table.storeId,
+			table.timestamp,
+		),
+
+		// Security events by store
+		storeSecurityIndex: index("idx_store_audit_store_security").on(
+			table.storeId,
+			table.riskLevel,
+			table.securityImpact,
+			table.timestamp,
+		),
+
+		// Resource changes by store
+		storeResourceIndex: index("idx_store_audit_store_resource").on(
+			table.storeId,
+			table.resourceType,
+			table.eventType,
+			table.timestamp,
+		),
+
+		// Error patterns by store
+		storeErrorIndex: index("idx_store_audit_store_errors").on(
+			table.storeId,
+			table.success,
+			table.errorType,
+			table.timestamp,
+		),
+
+		// === DATA LIFECYCLE INDEXES ===
+
+		// Retention and archival
+		retentionIndex: index("idx_store_audit_retention").on(
+			table.retentionPeriod,
+			table.timestamp,
+		),
+		archiveIndex: index("idx_store_audit_archive").on(table.archiveDate),
+		purgeIndex: index("idx_store_audit_purge").on(table.purgeDate),
+
+		// Data integrity
+		checksumIndex: index("idx_store_audit_checksum").on(table.checksum),
+		verificationIndex: index("idx_store_audit_verified").on(
+			table.verified,
+			table.timestamp,
+		),
+
+		// === REPORTING INDEXES ===
+
+		// Note: Time-based reporting indexes with date_trunc functions
+		// can be added manually after table creation if needed for advanced analytics
+	}),
+);
+
+// =====================================================
+// STORE AUDIT AGGREGATIONS - PERFORMANCE OPTIMIZATION
+// =====================================================
+
+/**
+ * Pre-computed Store Audit Aggregations
+ * For high-performance analytics and reporting
+ */
+export const storeAuditAggregations = pgTable(
+	"store_audit_aggregations",
+	{
+		id: text("id")
+			.primaryKey()
+			.$defaultFn(() => createId()),
+
+		// Aggregation Dimensions
+		storeId: text("store_id").notNull(),
+		aggregationType: varchar("aggregation_type", { length: 20 })
+			.notNull()
+			.$type<
+				"HOURLY" | "DAILY" | "WEEKLY" | "MONTHLY" | "QUARTERLY" | "YEARLY"
+			>(),
+
+		aggregationDate: timestamp("aggregation_date", {
+			withTimezone: true,
+		}).notNull(),
+		periodStart: timestamp("period_start", { withTimezone: true }).notNull(),
+		periodEnd: timestamp("period_end", { withTimezone: true }).notNull(),
+
+		// Dimensional Breakdowns
+		eventType: varchar("event_type", { length: 30 }),
+		eventCategory: varchar("event_category", { length: 30 }),
+		resourceType: varchar("resource_type", { length: 30 }),
+		performedByType: varchar("performed_by_type", { length: 20 }),
+		clientType: varchar("client_type", { length: 30 }),
+		userRole: varchar("user_role", { length: 50 }),
+
+		// Core Activity Metrics
+		totalEvents: integer("total_events").notNull().default(0),
+		successfulEvents: integer("successful_events").notNull().default(0),
+		failedEvents: integer("failed_events").notNull().default(0),
+		uniqueUsers: integer("unique_users").notNull().default(0),
+		uniqueResources: integer("unique_resources").notNull().default(0),
+		uniqueIPs: integer("unique_ips").notNull().default(0),
+		uniqueSessions: integer("unique_sessions").notNull().default(0),
+
+		// Performance Metrics
+		avgDuration: real("avg_duration"),
+		maxDuration: integer("max_duration"),
+		minDuration: integer("min_duration"),
+		p95Duration: integer("p95_duration"),
+		p99Duration: integer("p99_duration"),
+
+		avgResponseTime: real("avg_response_time"),
+		maxResponseTime: integer("max_response_time"),
+		p95ResponseTime: integer("p95_response_time"),
+
+		totalDataTransferred: integer("total_data_transferred"),
+		avgMemoryUsage: real("avg_memory_usage"),
+		maxMemoryUsage: integer("max_memory_usage"),
+		avgCpuUsage: real("avg_cpu_usage"),
+
+		// Security and Risk Metrics
+		securityEvents: integer("security_events").notNull().default(0),
+		highRiskEvents: integer("high_risk_events").notNull().default(0),
+		criticalEvents: integer("critical_events").notNull().default(0),
+		anomalousEvents: integer("anomalous_events").notNull().default(0),
+		fraudulentEvents: integer("fraudulent_events").notNull().default(0),
+
+		avgAnomalyScore: real("avg_anomaly_score"),
+		maxAnomalyScore: real("max_anomaly_score"),
+		avgFraudScore: real("avg_fraud_score"),
+		maxFraudScore: real("max_fraud_score"),
+
+		// Compliance Metrics
+		complianceEvents: integer("compliance_events").notNull().default(0),
+		piiEvents: integer("pii_events").notNull().default(0),
+		sensitiveDataEvents: integer("sensitive_data_events").notNull().default(0),
+		complianceViolations: integer("compliance_violations").notNull().default(0),
+
+		// Business Metrics
+		businessCriticalEvents: integer("business_critical_events")
+			.notNull()
+			.default(0),
+		revenueImpactEvents: integer("revenue_impact_events").notNull().default(0),
+		customerImpactEvents: integer("customer_impact_events")
+			.notNull()
+			.default(0),
+
+		// Error Analysis
+		errorBreakdown: jsonb("error_breakdown")
+			.$type<Record<string, number>>()
+			.default({}),
+
+		topErrors: jsonb("top_errors")
+			.$type<
+				Array<{
+					errorCode: string;
+					errorType: string;
+					count: number;
+					percentage: number;
+					firstOccurrence: string;
+					lastOccurrence: string;
+				}>
+			>()
+			.default([]),
+
+		// User Behavior Analytics
+		topUsers: jsonb("top_users")
+			.$type<
+				Array<{
+					userId: string;
+					userName?: string;
+					eventCount: number;
+					lastActivity: string;
+					riskScore: number;
+				}>
+			>()
+			.default([]),
+
+		// Resource Activity
+		topResources: jsonb("top_resources")
+			.$type<
+				Array<{
+					resourceType: string;
+					resourceId: string;
+					eventCount: number;
+					operations: Record<string, number>;
+				}>
+			>()
+			.default([]),
+
+		// Geographic Distribution
+		topCountries: jsonb("top_countries")
+			.$type<
+				Array<{
+					country: string;
+					countryCode: string;
+					count: number;
+					percentage: number;
+				}>
+			>()
+			.default([]),
+
+		topCities: jsonb("top_cities")
+			.$type<
+				Array<{
+					city: string;
+					country: string;
+					count: number;
+					percentage: number;
+				}>
+			>()
+			.default([]),
+
+		// Technology Analytics
+		deviceBreakdown: jsonb("device_breakdown")
+			.$type<{
+				desktop?: number;
+				mobile?: number;
+				tablet?: number;
+				other?: number;
+			}>()
+			.default({}),
+
+		browserBreakdown: jsonb("browser_breakdown")
+			.$type<Record<string, number>>()
+			.default({}),
+
+		osBreakdown: jsonb("os_breakdown")
+			.$type<Record<string, number>>()
+			.default({}),
+
+		// Traffic Patterns
+		hourlyDistribution: jsonb("hourly_distribution")
+			.$type<Record<string, number>>()
+			.default({}),
+
+		peakHour: integer("peak_hour"),
+		peakHourEvents: integer("peak_hour_events"),
+
+		// Growth and Trends
+		periodOverPeriodGrowth: real("period_over_period_growth"),
+		trendDirection: varchar("trend_direction", { length: 10 }).$type<
+			"UP" | "DOWN" | "STABLE" | "VOLATILE"
+		>(),
+
+		createdAt: timestamp("created_at", { withTimezone: true })
+			.defaultNow()
+			.notNull(),
+		updatedAt: timestamp("updated_at", { withTimezone: true })
+			.defaultNow()
+			.notNull(),
+	},
+	(table) => ({
+		// Primary aggregation indexes
+		storeAggregationIndex: index("idx_store_audit_agg_store").on(
+			table.storeId,
+			table.aggregationType,
+			table.aggregationDate,
+		),
+
+		aggregationDateIndex: index("idx_store_audit_agg_date").on(
+			table.aggregationDate,
+			table.aggregationType,
+		),
+
+		// Dimensional analysis indexes
+		eventTypeAggIndex: index("idx_store_audit_agg_event_type").on(
+			table.eventType,
+			table.aggregationDate,
+		),
+
+		// Performance monitoring
+		performanceAggIndex: index("idx_store_audit_agg_performance").on(
+			table.avgDuration,
+			table.p95Duration,
+			table.aggregationDate,
+		),
+
+		// Security analytics
+		securityAggIndex: index("idx_store_audit_agg_security").on(
+			table.securityEvents,
+			table.highRiskEvents,
+			table.aggregationDate,
+		),
+	}),
+);
+
+// =====================================================
+// STORE AUDIT TRAILS - BUSINESS PROCESS TRACKING
+// =====================================================
+
+/**
+ * Store-Specific Audit Trails
+ * For tracking complex business processes and workflows
+ */
+export const storeAuditTrails = pgTable(
+	"store_audit_trails",
+	{
+		id: text("id")
+			.primaryKey()
+			.$defaultFn(() => createId()),
+
+		// Store Context
+		storeId: text("store_id").notNull(),
+
+		// Trail Information
+		trailName: varchar("trail_name", { length: 100 }).notNull(),
+		trailType: varchar("trail_type", { length: 30 })
+			.notNull()
+			.$type<
+				| "STORE_SETUP"
+				| "PRODUCT_LIFECYCLE"
+				| "ORDER_PROCESSING"
+				| "CUSTOMER_JOURNEY"
+				| "CONTENT_CREATION"
+				| "PAYMENT_PROCESSING"
+				| "INVENTORY_MANAGEMENT"
+				| "MARKETING_CAMPAIGN"
+				| "COMPLIANCE_AUDIT"
+				| "SECURITY_INVESTIGATION"
+				| "DATA_MIGRATION"
+				| "INTEGRATION_SETUP"
+				| "BUSINESS_WORKFLOW"
+				| "SYSTEM_MAINTENANCE"
+			>(),
+
+		trailDescription: text("trail_description"),
+
+		// Subject/Target Information
+		subjectType: varchar("subject_type", { length: 30 }).$type<
+			| "STORE"
+			| "USER"
+			| "PRODUCT"
+			| "ORDER"
+			| "CUSTOMER"
+			| "CAMPAIGN"
+			| "INTEGRATION"
+			| "PROCESS"
+		>(),
+
+		subjectId: text("subject_id").notNull(),
+		subjectName: varchar("subject_name", { length: 255 }),
+
+		// Trail Status and Lifecycle
+		status: varchar("status", { length: 20 })
+			.notNull()
+			.default("ACTIVE")
+			.$type<
+				| "PENDING"
+				| "ACTIVE"
+				| "COMPLETED"
+				| "FAILED"
+				| "SUSPENDED"
+				| "CANCELLED"
+				| "ARCHIVED"
+			>(),
+
+		// Timeline
+		startedAt: timestamp("started_at", { withTimezone: true }).notNull(),
+		completedAt: timestamp("completed_at", { withTimezone: true }),
+		estimatedCompletionAt: timestamp("estimated_completion_at", {
+			withTimezone: true,
+		}),
+
+		// Ownership and Responsibility
+		ownerId: text("owner_id"),
+		ownerName: varchar("owner_name", { length: 255 }),
+		ownerType: varchar("owner_type", { length: 20 }).$type<
+			"USER" | "SYSTEM" | "INTEGRATION" | "AUTOMATION"
+		>(),
+
+		assignedTo: text("assigned_to"),
+		department: varchar("department", { length: 100 }),
+
+		// Configuration and Settings
+		configuration: jsonb("configuration").$type<Record<string, unknown>>(),
+
+		// Purpose and Business Context
+		purpose: varchar("purpose", { length: 200 }),
+		businessJustification: text("business_justification"),
+		expectedOutcome: text("expected_outcome"),
+		actualOutcome: text("actual_outcome"),
+
+		// Compliance and Governance
+		complianceRequirements: jsonb("compliance_requirements")
+			.$type<
+				Array<{
+					framework: string;
+					requirement: string;
+					status: "MET" | "NOT_MET" | "PARTIAL" | "PENDING";
+				}>
+			>()
+			.default([]),
+
+		approvalRequired: boolean("approval_required").default(false),
+		approvedBy: text("approved_by"),
+		approvedAt: timestamp("approved_at", { withTimezone: true }),
+
+		// Risk Assessment
+		riskLevel: varchar("risk_level", { length: 20 })
+			.$type<"LOW" | "MEDIUM" | "HIGH" | "CRITICAL">()
+			.default("LOW"),
+
+		riskFactors: jsonb("risk_factors")
+			.$type<
+				Array<{
+					factor: string;
+					impact: "LOW" | "MEDIUM" | "HIGH";
+					likelihood: "LOW" | "MEDIUM" | "HIGH";
+					mitigation: string;
+				}>
+			>()
+			.default([]),
+
+		// Metrics and KPIs
+		kpis: jsonb("kpis")
+			.$type<
+				Record<
+					string,
+					{
+						target: number;
+						actual?: number;
+						unit: string;
+						status: "ON_TRACK" | "AT_RISK" | "BEHIND" | "EXCEEDED";
+					}
+				>
+			>()
+			.default({}),
+
+		// Progress Tracking
+		progress: integer("progress").default(0), // 0-100 percentage
+		milestones: jsonb("milestones")
+			.$type<
+				Array<{
+					name: string;
+					description: string;
+					targetDate: string;
+					completedAt?: string;
+					status: "PENDING" | "IN_PROGRESS" | "COMPLETED" | "SKIPPED";
+				}>
+			>()
+			.default([]),
+
+		// Event Statistics
+		totalEvents: integer("total_events").notNull().default(0),
+		successfulEvents: integer("successful_events").notNull().default(0),
+		failedEvents: integer("failed_events").notNull().default(0),
+
+		// Activity Tracking
+		lastActivityAt: timestamp("last_activity_at", { withTimezone: true }),
+		lastEventId: text("last_event_id"),
+
+		// Alerting and Monitoring
+		alertingEnabled: boolean("alerting_enabled").notNull().default(true),
+		alertThresholds: jsonb("alert_thresholds")
+			.$type<{
+				errorRate?: number;
+				duration?: number;
+				inactivity?: number;
+			}>()
+			.default({}),
+
+		// Data Retention
+		retentionPeriod: integer("retention_period").default(2555), // days
+
+		// Integration and External Systems
+		externalTrailId: text("external_trail_id"),
+		externalSystemName: varchar("external_system_name", { length: 100 }),
+
+		// Audit Information
+		createdAt: timestamp("created_at", { withTimezone: true })
+			.defaultNow()
+			.notNull(),
+		updatedAt: timestamp("updated_at", { withTimezone: true })
+			.defaultNow()
+			.notNull(),
+		createdBy: text("created_by"),
+		lastModifiedBy: text("last_modified_by"),
+	},
+	(table) => ({
+		// Primary business indexes
+		storeTrailsIndex: index("idx_store_audit_trails_store").on(
+			table.storeId,
+			table.status,
+		),
+
+		trailTypeIndex: index("idx_store_audit_trails_type").on(
+			table.trailType,
+			table.status,
+		),
+
+		subjectIndex: index("idx_store_audit_trails_subject").on(
+			table.subjectType,
+			table.subjectId,
+		),
+
+		// Status and timeline tracking
+		statusIndex: index("idx_store_audit_trails_status").on(
+			table.status,
+			table.startedAt,
+		),
+
+		timelineIndex: index("idx_store_audit_trails_timeline").on(
+			table.startedAt,
+			table.completedAt,
+		),
+
+		// Ownership and responsibility
+		ownerIndex: index("idx_store_audit_trails_owner").on(
+			table.ownerId,
+			table.status,
+		),
+
+		// Activity monitoring
+		activityIndex: index("idx_store_audit_trails_activity").on(
+			table.lastActivityAt,
+			table.status,
+		),
+
+		// Risk and compliance
+		riskIndex: index("idx_store_audit_trails_risk").on(
+			table.riskLevel,
+			table.storeId,
+		),
+	}),
+);
+
+// =====================================================
+// STORE AUDIT RELATIONSHIPS
+// =====================================================
+
+/**
+ * Define relationships between audit tables and core store entities
+ */
+export const storeAuditRelations = relations(
+	storeAuditLogs,
+	({ one, many }) => ({
+		// Link to trails (when workflowId is present)
+		trail: one(storeAuditTrails, {
+			fields: [storeAuditLogs.workflowId],
+			references: [storeAuditTrails.id],
+		}),
+
+		// Parent-child event relationships
+		parentEvent: one(storeAuditLogs, {
+			fields: [storeAuditLogs.parentEventId],
+			references: [storeAuditLogs.id],
+			relationName: "childEvents",
+		}),
+
+		childEvents: many(storeAuditLogs, {
+			relationName: "childEvents",
+		}),
+	}),
+);
+
+// Note: Aggregation and Trail tables are independent analytics/workflow tables
+// They don't have direct foreign key relations to the main audit logs
+// Relations can be established at query time using storeId and timestamps
+
+// =====================================================
+// TYPE EXPORTS
+// =====================================================
+
+// Table Types
+export type StoreAuditLog = typeof storeAuditLogs.$inferSelect;
+export type NewStoreAuditLog = typeof storeAuditLogs.$inferInsert;
+
+export type StoreAuditAggregation = typeof storeAuditAggregations.$inferSelect;
+export type NewStoreAuditAggregation =
+	typeof storeAuditAggregations.$inferInsert;
+
+export type StoreAuditTrail = typeof storeAuditTrails.$inferSelect;
+export type NewStoreAuditTrail = typeof storeAuditTrails.$inferInsert;
+
+// Utility Types for Business Logic
+export type StoreAuditEventType = StoreAuditLog["eventType"];
+export type StoreAuditEventCategory = StoreAuditLog["eventCategory"];
+export type StoreAuditResourceType = StoreAuditLog["resourceType"];
+export type StoreAuditRiskLevel = StoreAuditLog["riskLevel"];
+export type StoreAuditUserRole = StoreAuditLog["userRole"];
+export type StoreAuditClientType = StoreAuditLog["clientType"];
+
+// Complex Type Helpers
+export type StoreAuditChanges = NonNullable<StoreAuditLog["changes"]>;
+export type StoreAuditMetadata = NonNullable<StoreAuditLog["metadata"]>;
+export type StoreAuditLocation = NonNullable<StoreAuditLog["location"]>;
+export type StoreAuditDeviceInfo = NonNullable<StoreAuditLog["deviceInfo"]>;
+export type StoreAuditBusinessContext = NonNullable<
+	StoreAuditLog["businessContext"]
+>;
+
+// =====================================================
+// SCHEMA VALIDATION AND BUSINESS RULES
+// =====================================================
+
+/**
+ * Business rules and constraints for store audit logging
+ */
+export const STORE_AUDIT_BUSINESS_RULES = {
+	// Retention periods by event type (in days)
+	RETENTION_PERIODS: {
+		SECURITY_EVENT: 2555, // 7 years
+		COMPLIANCE_ACTION: 2555,
+		DELETE: 2555,
+		FINANCIAL: 2555,
+		STANDARD: 1095, // 3 years
+		SYSTEM_ACTION: 365, // 1 year
+	},
+
+	// Risk level escalation rules
+	RISK_ESCALATION: {
+		CRITICAL: {
+			immediateFlush: true,
+			alertRequired: true,
+			approvalRequired: true,
+		},
+		HIGH: {
+			immediateFlush: true,
+			alertRequired: true,
+		},
+		MEDIUM: {
+			batchFlush: true,
+		},
+		LOW: {
+			batchFlush: true,
+		},
+	},
+
+	// Compliance framework mappings
+	COMPLIANCE_MAPPINGS: {
+		PII_ACCESS: ["GDPR", "CCPA"],
+		FINANCIAL_DATA: ["PCI_DSS", "SOX"],
+		HEALTH_DATA: ["HIPAA"],
+		ALL_DATA: ["ISO27001"],
+	},
+} as const;