-- Immutable audit trail of privileged actions (config changes, logins,
-- threshold edits) for compliance and forensics.
CREATE TABLE IF NOT EXISTS `audit_logs` (
    `id`         BIGINT UNSIGNED NOT NULL AUTO_INCREMENT,
    `user_id`    BIGINT UNSIGNED NULL,
    `action`     VARCHAR(100)    NOT NULL,
    `entity`     VARCHAR(60)     NULL,
    `entity_id`  VARCHAR(60)     NULL,
    `ip`         VARCHAR(45)     NULL,
    `meta`       JSON            NULL,
    `created_at` DATETIME        NOT NULL DEFAULT CURRENT_TIMESTAMP,
    PRIMARY KEY (`id`),
    KEY `idx_audit_user` (`user_id`),
    KEY `idx_audit_action` (`action`),
    KEY `idx_audit_created` (`created_at`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci;
