Review audit log configuration and ensure that all audit log types are being generated and replicated to configured sinks
Management / Auditlog / Controls / DEV
Enable And Validate All Audit Log Types
CCC.AuditLog.CN02 · Observability
Related Capabilities
| ID | Title | Description |
|---|---|---|
| CCC.Core.CP11 | Backup | The service can generate copies of its data or configurations in the form of automated backups, snapshot-based backups, or incremental backups. |
| CCC.Core.CP18 | Resource Versioning | The service automatically assigns versions to child resources which can be used to preserve, retrieve, and restore past iterations. |
Related Threats
| ID | Title | Description |
|---|---|---|
| CCC.Core.TH06 | Data is Lost or Corrupted | Services that rely on accurate data are susceptible to disruption in the event of data loss or corruption. Any actions that lead to the unintended deletion, alteration, or limited access to data can impact the availability of the service and the system it is part of. |
Assessment Requirements
| ID | Text | Applicability |
|---|---|---|
| CCC.AuditLog.CN02.AR01 | When a manual action is performed to generate each audit log type, then the corresponding audit log type MUST be generated and recorded. | tlp-red, tlp-amber |