Audit Log
Track and review all CCO operations for compliance and security auditing.
Overview
CCO maintains a comprehensive audit trail of all operations including tasks executed, files modified, commands run, and system events. Audit logs are stored locally and can be exported for external analysis.
cco audit list
List audit log entries with optional filtering.
Parameters
| Parameter | Type | Description |
|---|---|---|
--since |
optional | Show entries since timestamp (ISO 8601 or relative) |
--until |
optional | Show entries until timestamp |
--operation |
optional | Filter by operation type (task, query, config) |
--repo |
optional | Filter by repository path |
--user |
optional | Filter by user who initiated |
--json |
optional | Output as JSON |
--limit |
default: 50 | Maximum number of entries to return |
Examples
bash
# List recent audit entries cco audit list # Last hour of entries cco audit list --since "1 hour ago" # Task operations only cco audit list --operation task # JSON output cco audit list --json --limit 100
cco audit export
Export audit logs to a file for external analysis or compliance reporting.
Parameters
| Parameter | Type | Description |
|---|---|---|
--output |
required | Output file path |
--format |
default: json | Export format: json, csv, or syslog |
--since |
optional | Export entries since timestamp |
--until |
optional | Export entries until timestamp |
Examples
bash
# Export to JSON cco audit export --output audit-2024.json # Export as CSV cco audit export --output audit-2024.csv --format csv # Export last 7 days cco audit export --output weekly-audit.json --since "7 days ago"
cco audit trace
Get detailed trace for a specific operation.
Parameters
| Parameter | Type | Description |
|---|---|---|
--id |
required | Audit entry ID to trace |
--json |
optional | Output as JSON |
Examples
bash
# Trace specific operation cco audit trace --id audit_20240115_143022 # JSON output cco audit trace --id audit_20240115_143022 --json