Gitlab hero border pattern left svg Gitlab hero border pattern right svg

SYS.1.06 - Log Reconciliation: CMDB Control Guidance

SYS.1.06 - Log Reconciliation: CMDB

Control Statement

GitLab reconciles the established device inventory against the enterprise log repository quarterly; devices which do not forward log data are remediated.


This control is a partner control to CON.1.04 (Configuration Check Reconciliation: CMDB). The purpose of this control is to validate that all devices in the device inventory have corresponding logs. This control is simply a validation of both logging configurations and the GitLab device inventory.


This control applies to all production and enduser endpoints. A production endpoint is one used to host and its subdomains. An enduser endpoint refers to team member laptops.



Security configurations for endpoints can be collected using, for example, endpoint management tools such as Fleetsmith.

Additional control information and project tracking

Non-public information relating to this security control as well as links to the work associated with various phases of project work can be found in the control issue.

Examples of evidence an auditor might request to satisfy this control:

Policy Reference

Framework Mapping