GRC Store

Search / finos-ccc/ccc.auditlog.cp / v2026.06-rc5

Release · v2026.06-rc5

FINOS-CCC/CCC.AuditLog.CP Capability Catalog

FINOS-CCC/CCC.AuditLog.CP

Capabilities for Audit Logging technologies, as defined by the FINOS Common Cloud Controls project.

Published by FINOS Common Cloud Controls

Install

OCI v1.1
$grcli unpack --repository finos-ccc/ccc.auditlog.cp --tag v2026.06-rc5
Coordinate
oci.grc.store/finos-ccc/ccc.auditlog.cp:v2026.06-rc5
Manifest digest
sha256:1815dbcf85a65b3330c4e05750c6519a96fa68deaf0811a2199d25dd12da1c4e

Provenance

1 layer
Digest Media type Size
4f9c1e0ce91d… application/vnd.gemara.artifact.v1+yaml 3.3 KiB
Bundle config blob 
{
  "bundle-version": "1.0",
  "gemara-version": "v1.2.0",
  "metadata": {
    "provenance": {
      "buildDefinition": {
        "buildType": "https://grc.store/grcli/buildtype/v0",
        "externalParameters": {
          "artifact": {
            "id": "CCC.AuditLog.CP",
            "type": "CapabilityCatalog"
          },
          "target": {
            "registry": "oci.grc.store",
            "repository": "finos-ccc/ccc.auditlog.cp",
            "tag": "v2026.06-rc5"
          }
        },
        "internalParameters": {
          "CI": "true",
          "GITHUB_ACTIONS": "true",
          "GITHUB_ACTOR": "eddie-knight",
          "GITHUB_REF": "refs/heads/main",
          "GITHUB_REPOSITORY": "eddie-knight/common-cloud-controls",
          "GITHUB_RUN_ATTEMPT": "1",
          "GITHUB_RUN_ID": "26771723499",
          "GITHUB_SHA": "a9503345caf59a144d8ab9b4bede212b393ca56a",
          "GITHUB_WORKFLOW": "Batch Release All Catalogs",
          "RUNNER_OS": "Linux"
        },
        "resolvedDependencies": [
          {
            "name": "artifacts/management/auditlog/capabilities.yaml",
            "uri": "file://artifacts/management/auditlog/capabilities.yaml",
            "digest": {
              "sha256": "4f9c1e0ce91df9160c5244f1f2c9ebeb0be2df1e69a73483368608a3832fec99"
            }
          },
          {
            "name": "source",
            "uri": "git+https://github.com/eddie-knight/common-cloud-controls@a9503345caf59a144d8ab9b4bede212b393ca56a",
            "digest": {
              "gitCommit": "a9503345caf59a144d8ab9b4bede212b393ca56a"
            }
          }
        ]
      },
      "runDetails": {
        "builder": {
          "id": "https://github.com/eddie-knight/common-cloud-controls/actions/runs/26771723499",
          "version": {
            "go": "go1.25.0",
            "go-arch": "amd64",
            "go-os": "linux",
            "grcli": "v0.2.2"
          }
        },
        "metadata": {
          "invocationId": "26771723499-1",
          "startedOn": "2026-06-01T17:48:06.434430505Z",
          "finishedOn": "2026-06-01T17:48:06.552119598Z"
        },
        "byproducts": [
          {
            "name": "capabilities.yaml",
            "digest": {
              "sha256": "4f9c1e0ce91df9160c5244f1f2c9ebeb0be2df1e69a73483368608a3832fec99"
            }
          }
        ]
      }
    }
  },
  "artifacts": [
    {
      "name": "capabilities.yaml",
      "type": "CapabilityCatalog",
      "id": "CCC.AuditLog.CP",
      "role": "artifact"
    }
  ]
}

CCC Audit Logging Capabilities

Capabilities for Audit Logging technologies, as defined by the FINOS Common Cloud Controls project.

ID
CCC.AuditLog.CP
Version
v2026.06-rc5
Gemara version
v1.2.0
Author
FINOS Common Cloud Controls

Observability

The Observability group covers entries related to logging, monitoring, metrics, alerting, and event publication. This includes audit trail integrity, enumeration detection, and protection against tampering or unauthorized access to operational telemetry.

  1. CCC.AuditLog.CP01 Default Retention Period

    Cloud providers support a default minimum retention of audit log data.

  2. CCC.AuditLog.CP02 Export

    Support for manual "one off" exporting or downloading of raw log events.

  3. CCC.AuditLog.CP03 Sink

    Ability to continually stream audit log data to a hosted storage bucket or data lake solution.

  4. CCC.AuditLog.CP04 Event Types

    Audit events are generated with different data types to provide specific fields for the system which generated the event, such as Management Event, Data Event and Policy Event.

  5. CCC.AuditLog.CP05 Time Search

    Ability to search for audit events across a specific time range.

  6. CCC.AuditLog.CP06 Filtering

    Ability to filter audit events based on specific attribute.

  7. CCC.AuditLog.CP07 Immutable Log Entries

    Audit Log events are immutable and cannot be altered or deleted once generated.

  8. CCC.AuditLog.CP08 External Sink

    Audit log events can be configured to be sent to a external SIEM or data analysis provider outside of the cloud platform.