generated from coulomb/repo-seed
Complete WP-0006 through WP-0009: registry expansion, catalog, graph, tests
Some checks failed
ci / validate-registry (push) Has been cancelled
Some checks failed
ci / validate-registry (push) Has been cancelled
Register six new capabilities (12 total), add searchable catalog UI and graph explorer, introduce pytest suite with CI fail-on-warnings, and close gap analysis priorities 13 and 16. WP-0010 remains backlog for network federation.
This commit is contained in:
80
registry/capabilities/capability.audit.event-retain.md
Normal file
80
registry/capabilities/capability.audit.event-retain.md
Normal file
@@ -0,0 +1,80 @@
|
||||
---
|
||||
id: capability.audit.event-retain
|
||||
name: Audit Event Retention
|
||||
summary: Collect, normalize, retain, and search audit events with integrity evidence across tenants.
|
||||
owner: audit-core
|
||||
status: draft
|
||||
domain: helix_forge
|
||||
tags: [audit, retention, compliance]
|
||||
|
||||
maturity:
|
||||
discovery:
|
||||
current: D4
|
||||
target: D6
|
||||
confidence: medium
|
||||
rationale: audit-core INTENT defines full audit fabric scope and integration boundaries.
|
||||
availability:
|
||||
current: A2
|
||||
target: A5
|
||||
confidence: low
|
||||
rationale: Core modules exist; deployable service packaging in progress.
|
||||
|
||||
external_evidence:
|
||||
completeness:
|
||||
level: C2
|
||||
name: Partial
|
||||
confidence: low
|
||||
basis: scope_vs_intent_and_consumer_expectations
|
||||
satisfied_expectations:
|
||||
- retention and integrity goals documented
|
||||
broken_expectations:
|
||||
- federation with all platform runtimes not proven in registry
|
||||
out_of_scope_expectations:
|
||||
- application business audit semantics ownership
|
||||
reliability:
|
||||
level: R1
|
||||
confidence: low
|
||||
basis: consumer_quality_signals
|
||||
known_reliability_risks:
|
||||
- multi-tenant isolation not evidenced here
|
||||
|
||||
discovery:
|
||||
intent: >
|
||||
Provide independent audit fabric for collecting, retaining, searching, and
|
||||
proving integrity of audit events.
|
||||
includes:
|
||||
- audit ingestion
|
||||
- retention policy
|
||||
- search and export
|
||||
- tamper evidence
|
||||
excludes:
|
||||
- generating domain business events
|
||||
use_cases: []
|
||||
|
||||
availability:
|
||||
current_level: A2
|
||||
target_level: A5
|
||||
current_artifacts:
|
||||
- audit-core/
|
||||
consumption_modes:
|
||||
- source module
|
||||
|
||||
relations:
|
||||
depends_on: []
|
||||
related_to:
|
||||
- capability.activity.event-coordinate
|
||||
- capability.statehub.progress-log
|
||||
|
||||
consumer_guidance:
|
||||
recommended_for:
|
||||
- planning audit retention independent of a single product
|
||||
not_recommended_for:
|
||||
- replacing application-level logging only
|
||||
known_limitations:
|
||||
- consumer evidence not yet collected in registry
|
||||
---
|
||||
|
||||
# Audit Event Retention
|
||||
|
||||
Audit Core provides the retention and integrity layer for audit events across
|
||||
the platform.
|
||||
Reference in New Issue
Block a user