🔒 title: Audit vs Diagnostic Logs description: Understand the difference between compliance audit records and troubleshooting diagnostics.
👁️ Audit vs Diagnostic Logs
Control Core intentionally separates audit and diagnostic data so each can be governed correctly.
🔒 Audit Logs (Compliance Record)
Audit logs answer who did what, when, and with what outcome.
- Immutable event history for user/admin/system actions
- Used for compliance controls, investigations, and evidence
- Includes policy change traceability (version and commit context when available)
📌 Diagnostic Logs (Behavior Trace)
Diagnostic logs answer how the system behaved during a request/incident.
- High-fidelity operational and policy-evaluation context
- Used for debugging, performance tuning, and PBAC root-cause analysis
- Shared as secure packages or via approved external connectors (for example, Grafana/Splunk)
📌 Data Handling Expectations
- Treat audit logs as long-lived compliance evidence.
- Treat diagnostics as scoped troubleshooting artifacts with bounded retention.
- Apply redaction/masking policies consistently before sharing with support.