gravitational · Joerger · Feb 9, 2024 · Jan 24, 2024
diff --git a/lib/usagereporter/teleport/audit.go b/lib/usagereporter/teleport/audit.go
@@ -234,6 +234,13 @@ func ConvertAuditEvent(event apievents.AuditEvent) Anonymizable {
 			Days:      e.Days,
 			IsSuccess: e.Status.Success,
 		}
+	case *apievents.ValidateMFAAuthResponse:
+		return &MFAAuthenticationEvent{
+			UserName:          e.User,
+			DeviceId:          e.MFADevice.DeviceID,
+			DeviceType:        e.MFADevice.DeviceType,
+			MfaChallengeScope: e.ChallengeScope,
+		}
 	}
 
 	return nil

diff --git a/lib/usagereporter/teleport/types.go b/lib/usagereporter/teleport/types.go
@@ -1013,6 +1013,23 @@ func (e *DiscoveryFetchEvent) Anonymize(a utils.Anonymizer) prehogv1a.SubmitEven
 	}
 }
 
+// MFAAuthenticationEvent is emitted when a user performs MFA authentication.
+type MFAAuthenticationEvent prehogv1a.MFAAuthenticationEvent
+
+// Anonymize anonymizes the event.
+func (e *MFAAuthenticationEvent) Anonymize(a utils.Anonymizer) prehogv1a.SubmitEventRequest {
+	return prehogv1a.SubmitEventRequest{
+		Event: &prehogv1a.SubmitEventRequest_MfaAuthenticationEvent{
+			MfaAuthenticationEvent: &prehogv1a.MFAAuthenticationEvent{
+				UserName:          a.AnonymizeString(e.UserName),
+				DeviceId:          a.AnonymizeString(e.DeviceId),
+				DeviceType:        e.DeviceType,
+				MfaChallengeScope: e.MfaChallengeScope,
+			},
+		},
+	}
+}
+
 // ConvertUsageEvent converts a usage event from an API object into an
 // anonymizable event. All events that can be submitted externally via the Auth
 // API need to be defined here.