GRC Store

Search / finos-ccc/ccc.auditlog.cp / v2026.06-rc4

Release · v2026.06-rc4

FINOS-CCC/CCC.AuditLog.CP Capability Catalog

FINOS-CCC/CCC.AuditLog.CP

Capabilities for Audit Logging technologies, as defined by the FINOS Common Cloud Controls project.

Published by FINOS Common Cloud Controls

Install

OCI v1.1
$grcli unpack --repository finos-ccc/ccc.auditlog.cp --tag v2026.06-rc4
Coordinate
oci.grc.store/finos-ccc/ccc.auditlog.cp:v2026.06-rc4
Manifest digest
sha256:d8d16293cec52204b330b09d0ddd004cf60c62f1781e5fd204c474fe096d2b1b

Provenance

1 layer
Digest Media type Size
e43298efd4fd… application/vnd.gemara.artifact.v1+yaml 3.3 KiB
Bundle config blob 
{
  "bundle-version": "1.0",
  "gemara-version": "v1.2.0",
  "metadata": {
    "provenance": {
      "buildDefinition": {
        "buildType": "https://grc.store/grcli/buildtype/v0",
        "externalParameters": {
          "artifact": {
            "id": "CCC.AuditLog.CP",
            "type": "CapabilityCatalog"
          },
          "target": {
            "registry": "oci.grc.store",
            "repository": "finos-ccc/ccc.auditlog.cp",
            "tag": "v2026.06-rc4"
          }
        },
        "internalParameters": {
          "CI": "true",
          "GITHUB_ACTIONS": "true",
          "GITHUB_ACTOR": "eddie-knight",
          "GITHUB_REF": "refs/heads/main",
          "GITHUB_REPOSITORY": "eddie-knight/common-cloud-controls",
          "GITHUB_RUN_ATTEMPT": "1",
          "GITHUB_RUN_ID": "26770748733",
          "GITHUB_SHA": "2b6dab4c1307a0ac67d90c99829f6c1825154c84",
          "GITHUB_WORKFLOW": "Batch Release All Catalogs",
          "RUNNER_OS": "Linux"
        },
        "resolvedDependencies": [
          {
            "name": "artifacts/management/auditlog/capabilities.yaml",
            "uri": "file://artifacts/management/auditlog/capabilities.yaml",
            "digest": {
              "sha256": "e43298efd4fddbaa6c1a979709320a5ffad9e3ae6f4ea67d3c8b0f888773a5b1"
            }
          },
          {
            "name": "source",
            "uri": "git+https://github.com/eddie-knight/common-cloud-controls@2b6dab4c1307a0ac67d90c99829f6c1825154c84",
            "digest": {
              "gitCommit": "2b6dab4c1307a0ac67d90c99829f6c1825154c84"
            }
          }
        ]
      },
      "runDetails": {
        "builder": {
          "id": "https://github.com/eddie-knight/common-cloud-controls/actions/runs/26770748733",
          "version": {
            "go": "go1.25.0",
            "go-arch": "amd64",
            "go-os": "linux",
            "grcli": "v0.2.2"
          }
        },
        "metadata": {
          "invocationId": "26770748733-1",
          "startedOn": "2026-06-01T17:29:32.225549301Z",
          "finishedOn": "2026-06-01T17:29:32.448818398Z"
        },
        "byproducts": [
          {
            "name": "capabilities.yaml",
            "digest": {
              "sha256": "e43298efd4fddbaa6c1a979709320a5ffad9e3ae6f4ea67d3c8b0f888773a5b1"
            }
          }
        ]
      }
    }
  },
  "artifacts": [
    {
      "name": "capabilities.yaml",
      "type": "CapabilityCatalog",
      "id": "CCC.AuditLog.CP",
      "role": "artifact"
    }
  ]
}

CCC Audit Logging Capabilities

Capabilities for Audit Logging technologies, as defined by the FINOS Common Cloud Controls project.

ID
CCC.AuditLog.CP
Version
v2026.06-rc4
Gemara version
v1.2.0
Author
FINOS Common Cloud Controls

Observability

The Observability group covers entries related to logging, monitoring, metrics, alerting, and event publication. This includes audit trail integrity, enumeration detection, and protection against tampering or unauthorized access to operational telemetry.

  1. CCC.AuditLog.CP01 Default Retention Period

    Cloud providers support a default minimum retention of audit log data.

  2. CCC.AuditLog.CP02 Export

    Support for manual "one off" exporting or downloading of raw log events.

  3. CCC.AuditLog.CP03 Sink

    Ability to continually stream audit log data to a hosted storage bucket or data lake solution.

  4. CCC.AuditLog.CP04 Event Types

    Audit events are generated with different data types to provide specific fields for the system which generated the event, such as Management Event, Data Event and Policy Event.

  5. CCC.AuditLog.CP05 Time Search

    Ability to search for audit events across a specific time range.

  6. CCC.AuditLog.CP06 Filtering

    Ability to filter audit events based on specific attribute.

  7. CCC.AuditLog.CP07 Immutable Log Entries

    Audit Log events are immutable and cannot be altered or deleted once generated.

  8. CCC.AuditLog.CP08 External Sink

    Audit log events can be configured to be sent to a external SIEM or data analysis provider outside of the cloud platform.