GRC Store

Search / finos-ccc/ccc.auditlog.cp / v2026.06-rc3

Release · v2026.06-rc3

FINOS-CCC/CCC.AuditLog.CP Capability Catalog

FINOS-CCC/CCC.AuditLog.CP

Capabilities for Audit Logging technologies, as defined by the FINOS Common Cloud Controls project.

Published by FINOS Common Cloud Controls

Install

OCI v1.1
$grcli unpack --repository finos-ccc/ccc.auditlog.cp --tag v2026.06-rc3
Coordinate
oci.grc.store/finos-ccc/ccc.auditlog.cp:v2026.06-rc3
Manifest digest
sha256:b171e7b27a691e6e96205972e96fc9b846a0a51b0060a5398a6413959f5c651d

Provenance

1 layer
Digest Media type Size
b9344fd491ef… application/vnd.gemara.artifact.v1+yaml 3.3 KiB
Bundle config blob 
{
  "bundle-version": "1.0",
  "gemara-version": "v1.2.0",
  "metadata": {
    "provenance": {
      "buildDefinition": {
        "buildType": "https://grc.store/grcli/buildtype/v0",
        "externalParameters": {
          "artifact": {
            "id": "CCC.AuditLog.CP",
            "type": "CapabilityCatalog"
          },
          "target": {
            "registry": "oci.grc.store",
            "repository": "finos-ccc/ccc.auditlog.cp",
            "tag": "v2026.06-rc3"
          }
        },
        "internalParameters": {
          "CI": "true",
          "GITHUB_ACTIONS": "true",
          "GITHUB_ACTOR": "eddie-knight",
          "GITHUB_REF": "refs/heads/main",
          "GITHUB_REPOSITORY": "eddie-knight/common-cloud-controls",
          "GITHUB_RUN_ATTEMPT": "2",
          "GITHUB_RUN_ID": "26768391088",
          "GITHUB_SHA": "24594e28430c12318cacffe7fdda6a3ea272d975",
          "GITHUB_WORKFLOW": "Batch Release All Catalogs",
          "RUNNER_OS": "Linux"
        },
        "resolvedDependencies": [
          {
            "name": "artifacts/management/auditlog/capabilities.yaml",
            "uri": "file://artifacts/management/auditlog/capabilities.yaml",
            "digest": {
              "sha256": "b9344fd491ef84b73fa8a428af65c40e5f79968ae2d824e5e714462744709e1b"
            }
          },
          {
            "name": "source",
            "uri": "git+https://github.com/eddie-knight/common-cloud-controls@24594e28430c12318cacffe7fdda6a3ea272d975",
            "digest": {
              "gitCommit": "24594e28430c12318cacffe7fdda6a3ea272d975"
            }
          }
        ]
      },
      "runDetails": {
        "builder": {
          "id": "https://github.com/eddie-knight/common-cloud-controls/actions/runs/26768391088",
          "version": {
            "go": "go1.25.0",
            "go-arch": "amd64",
            "go-os": "linux",
            "grcli": "v0.2.2"
          }
        },
        "metadata": {
          "invocationId": "26768391088-2",
          "startedOn": "2026-06-01T16:44:49.999538644Z",
          "finishedOn": "2026-06-01T16:44:50.099716136Z"
        },
        "byproducts": [
          {
            "name": "capabilities.yaml",
            "digest": {
              "sha256": "b9344fd491ef84b73fa8a428af65c40e5f79968ae2d824e5e714462744709e1b"
            }
          }
        ]
      }
    }
  },
  "artifacts": [
    {
      "name": "capabilities.yaml",
      "type": "CapabilityCatalog",
      "id": "CCC.AuditLog.CP",
      "role": "artifact"
    }
  ]
}

CCC Audit Logging Capabilities

Capabilities for Audit Logging technologies, as defined by the FINOS Common Cloud Controls project.

ID
CCC.AuditLog.CP
Version
v2026.06-rc3
Gemara version
v1.2.0
Author
FINOS Common Cloud Controls

Observability

The Observability group covers entries related to logging, monitoring, metrics, alerting, and event publication. This includes audit trail integrity, enumeration detection, and protection against tampering or unauthorized access to operational telemetry.

  1. CCC.AuditLog.CP01 Default Retention Period

    Cloud providers support a default minimum retention of audit log data.

  2. CCC.AuditLog.CP02 Export

    Support for manual "one off" exporting or downloading of raw log events.

  3. CCC.AuditLog.CP03 Sink

    Ability to continually stream audit log data to a hosted storage bucket or data lake solution.

  4. CCC.AuditLog.CP04 Event Types

    Audit events are generated with different data types to provide specific fields for the system which generated the event, such as Management Event, Data Event and Policy Event.

  5. CCC.AuditLog.CP05 Time Search

    Ability to search for audit events across a specific time range.

  6. CCC.AuditLog.CP06 Filtering

    Ability to filter audit events based on specific attribute.

  7. CCC.AuditLog.CP07 Immutable Log Entries

    Audit Log events are immutable and cannot be altered or deleted once generated.

  8. CCC.AuditLog.CP08 External Sink

    Audit log events can be configured to be sent to a external SIEM or data analysis provider outside of the cloud platform.