ASD – Reports and Reporting Packages
| Report Name | Report ID | Control Support | Data Source | Log Sources |
|---|---|---|---|---|
| CCF: Access Failure Summary | 2089 | 78, 120, 123, 133, 407, 409, 411, 430, 441, 443, 445, 446, 447, 448, 580, 582, 584, 585, 670, 816, 854, 1175, 1213, 1228, 1255, 1261, 1263, 1264, 1268, 1380, 1382, 1404, 1405, 1422, 1469, 1473, 1503, 1508, 1509, 1526, 1536, 1537 | Platform Manager | All Available Log Sources |
| CCF: Access Success Summary | 2091 | 78, 120, 123, 133, 407, 409, 411, 430, 441, 443, 445, 446, 447, 448, 580, 582, 584, 585, 670, 816, 854, 1175, 1213, 1228, 1255, 1261, 1263, 1264, 1268, 1380, 1382, 1404, 1405, 1422, 1469, 1473, 1503, 1508, 1509, 1526, 1536, 1537 | Platform Manager | All Available Log Sources |
| CCF: Account Deleted Summary | 2086 | 78, 120, 123, 407, 409, 411, 430, 441, 443, 445, 446, 447, 448, 580, 582, 585, 670, 816, 854, 1213, 1228, 1255, 1261, 1263, 1264, 1268, 1380, 1382, 1404, 1405, 1422, 1469, 1473, 1503, 1508, 1509, 1526, 1536, 1537 | Platform Manager | All Available Log Sources |
| CCF: Account Disabled Summary | 2084 | 78, 120, 123, 407, 409, 411, 430, 431, 441, 443, 445, 446, 447, 448, 580, 582, 585, 670, 816, 854, 1213, 1228, 1255, 1261, 1263, 1264, 1268, 1380, 1382, 1404, 1405, 1422, 1469, 1473, 1503, 1508, 1509, 1526, 1536, 1537 | LogMart | All Available Log Sources |
| CCF: Account Enabled Summary | 2085 | 78, 120, 123, 407, 409, 411, 431, 441, 443, 445, 446, 447, 448, 580, 582, 585, 670, 816, 854, 1213, 1228, 1255, 1261, 1263, 1264, 1268, 1380, 1382, 1405, 1422, 1469, 1473, 1503, 1508, 1509, 1526, 1536, 1537 | Platform Manager | All Available Log Sources |
| CCF: Account Modification Summary | 2092 | 78, 120, 123, 133, 407, 409, 411, 430, 431, 441, 443, 445, 446, 447, 448, 580, 582, 585, 670, 816, 854, 1213, 1228, 1255, 1261, 1263, 1264, 1268, 1380, 1382, 1404, 1405, 1422, 1469, 1473, 1503, 1508, 1509, 1526, 1536, 1537 | Platform Manager | All Available Log Sources |
| CCF: Applications Accessed By User Summary | 2063 | 78, 120, 123, 133, 407, 409, 411, 430, 441, 443, 445, 446, 447, 448, 580, 582, 584, 585, 670, 816, 854, 1175, 1213, 1228, 1255, 1261, 1263, 1264, 1268, 1380, 1382, 1402, 1404, 1405, 1422, 1469, 1473, 1503, 1508, 1509, 1526, 1536, 1537 | Data Processor(s) | All Available Log Sources |
| CCF: Audit Log Summary | 2076 | 109, 120, 123, 133, 138, 342, 407, 415, 580, 582, 584, 585, 586, 670, 988, 1175, 1211, 1213, 1228, 1255, 1256, 1268, 1402, 1405, 1497, 1500, 1509, 1510, 1511, 1526, 1536, 1537 | Platform Manager | All Available Log Sources |
| CCF: Auth Failure Summary | 2088 | 78, 120, 123, 133, 407, 409, 411, 430, 431, 441, 443, 445, 446, 447, 448, 580, 582, 584, 585, 670, 816, 854, 1175, 1213, 1228, 1255, 1261, 1263, 1264, 1268, 1380, 1382, 1404, 1405, 1422, 1469, 1473, 1503, 1508, 1509, 1526, 1536, 1537 | Platform Manager | All Available Log Sources |
| CCF: Auth Success Summary | 2090 | 78, 120, 123, 133, 407, 409, 411, 430, 441, 443, 445, 446, 447, 448, 580, 582, 584, 585, 670, 816, 854, 1175, 1213, 1228, 1255, 1261, 1263, 1264, 1268, 1380, 1382, 1404, 1405, 1422, 1469, 1473, 1503, 1508, 1509, 1526, 1536, 1537 | Platform Manager | All Available Log Sources |
| CCF: Backup Activity Summary | 2062 | 120, 123, 138, 407, 580, 582, 585, 670, 859, 991, 1213, 1228, 1405, 1510, 1511, 1514, 1526, 1536, 1537 | Data Processor(s) | All Available Log Sources |
| CCF: Compromises Detected Summary | 2064 | 120, 123, 407, 580, 582, 585, 670, 940, 1144, 1213, 1228, 1405, 1472, 1494, 1495, 1496, 1526, 1536, 1537 | LogMart | All Available Log Sources |
| CCF: Config/Policy Change Summary | 2049 | 115, 120, 123, 298, 300, 407, 580, 582, 585, 670, 940, 1144, 1211, 1213, 1228, 1405, 1472, 1494, 1495, 1496, 1497, 1500, 1526, 1536, 1537 | LogMart | All Available Log Sources |
| CCF: Critical Environment Error Summary | 2050 | 120, 123, 133, 138, 342, 407, 580, 582, 585, 586, 670, 1213, 1228, 1255, 1256, 1405, 1510, 1511, 1526, 1536, 1537 | Platform Manager | All Available Log Sources |
| CCF: GeoIP Summary | 2069 | 78, 120, 123, 138, 157, 407, 409, 411, 414, 415, 420, 441, 443, 445, 446, 447, 448, 553, 555, 580, 582, 584, 585, 586, 670, 816, 854, 975, 1175, 1213, 1228, 1255, 1256, 1261, 1262, 1263, 1264, 1268, 1380, 1382, 1403, 1405, 1422, 1469, 1473, 1503, 1508, 1509, 1510, 1511, 1526, 1536, 1537, 1538 | Platform Manager | All Available Log Sources |
| CCF: Host Access Granted And Revoked Detail | 2065 | 78, 120, 123, 407, 409, 411, 414, 430, 441, 443, 445, 446, 447, 448, 580, 582, 584, 585, 670, 816, 854, 1213, 1228, 1255, 1261, 1262, 1263, 1264, 1268, 1380, 1382, 1402, 1404, 1405, 1422, 1469, 1473, 1503, 1508, 1509, 1526, 1536, 1537 | Data Processor(s) | All Available Log Sources |
| CCF: LogRhythm Data Loss Defender Log Summary | 2066 | 120, 123, 133, 138, 311, 313, 342, 407, 580, 582, 585, 586, 670, 859, 991, 1069, 1213, 1228, 1255, 1256, 1402, 1405, 1503, 1510, 1511, 1514, 1526, 1536, 1537 | LogMart | All Available Log Sources |
| CCF: Malware Detected Summary | 2051 | 120, 123, 407, 580, 582, 585, 670, 940, 1144, 1213, 1228, 1405, 1472, 1494, 1495, 1496, 1526, 1536, 1537 | Platform Manager | All Available Log Sources |
| CCF: Object Access Summary | 2067 | 120, 123, 133, 138, 342, 407, 580, 582, 585, 586, 670, 1213, 1228, 1255, 1256, 1402, 1405, 1503, 1510, 1511, 1526, 1536, 1537 | Data Processor(s) | All Available Log Sources |
| CCF: Patch Activity Summary | 2052 | 115, 120, 123, 298, 300, 407, 580, 582, 585, 670, 940, 1144, 1211, 1213, 1228, 1405, 1472, 1494, 1495, 1496, 1497, 1500, 1526, 1536, 1537 | Data Processor(s) | All Available Log Sources |
| CCF: Physical Access Summary | 2053 | 120, 123, 407, 580, 582, 585, 670, 1053, 1074, 1213, 1228, 1296, 1405, 1526, 1536, 1537 | Platform Manager | All Available Log Sources |
| CCF: Priv Account Management Activity Summary | 2080 | 78, 120, 123, 407, 409, 411, 441, 443, 445, 446, 447, 448, 580, 582, 585, 670, 816, 854, 1053, 1074, 1175, 1213, 1228, 1255, 1261, 1263, 1264, 1268, 1380, 1382, 1402, 1405, 1422, 1469, 1473, 1503, 1508, 1509, 1526, 1536, 1537 | Data Processor(s) | All Available Log Sources |
| CCF: Priv Authentication Activity Summary | 2079 | 78, 120, 123, 407, 409, 411, 441, 443, 445, 446, 447, 448, 580, 582, 584, 585, 670, 816, 854, 1053, 1074, 1175, 1213, 1228, 1255, 1261, 1263, 1264, 1268, 1380, 1382, 1402, 1405, 1422, 1469, 1473, 1503, 1508, 1509, 1526, 1536, 1537 | Platform Manager | All Available Log Sources |
| CCF: Rogue Access Point Summary | 2054 | 120, 123, 157, 407, 580, 582, 585, 670, 1139, 1213, 1228, 1301, 1405, 1526, 1536, 1537 | Platform Manager | All Available Log Sources |
| CCF: Signature Activity Summary | 2055 | 120, 123, 407, 580, 582, 585, 670, 1213, 1228, 1405, 1526, 1536, 1537 | LogMart | All Available Log Sources |
| CCF: Social Media Summary | 2070 | 120, 123, 407, 409, 411, 441, 443, 445, 446, 447, 448, 580, 582, 585, 670, 816, 1175, 1213, 1228, 1255, 1261, 1263, 1264, 1268, 1380, 1382, 1405, 1422, 1469, 1473, 1503, 1508, 1509, 1526, 1536, 1537 | Platform Manager | All Available Log Sources |
| CCF: Suspected Wireless Attack Summary | 2056 | 120, 123, 157, 407, 580, 582, 585, 670, 940, 1144, 1213, 1228, 1405, 1472, 1494, 1495, 1496, 1526, 1536, 1537 | Platform Manager | All Available Log Sources |
| CCF: Term Account Activity Summary | 2087 | 78, 120, 123, 407, 409, 411, 430, 441, 443, 445, 446, 447, 448, 580, 582, 584, 585, 670, 816, 854, 1213, 1228, 1255, 1261, 1263, 1264, 1268, 1380, 1382, 1404, 1405, 1422, 1469, 1473, 1503, 1508, 1509, 1526, 1536, 1537 | Data Processor(s) | All Available Log Sources |
| CCF: Time Sync Error Summary | 2057 | 109, 120, 123, 133, 138, 342, 407, 415, 580, 582, 584, 585, 586, 670, 859, 988, 991, 1175, 1211, 1213, 1228, 1255, 1256, 1268, 1402, 1405, 1497, 1500, 1509, 1510, 1511, 1514, 1526, 1536, 1537 | Platform Manager | All Available Log Sources |
| CCF: Top Suspicious Users | 2059 | 78, 120, 123, 138, 407, 409, 411, 441, 443, 445, 446, 447, 448, 580, 582, 584, 585, 586, 670, 816, 854, 940, 1144, 1213, 1228, 1255, 1261, 1263, 1264, 1268, 1380, 1382, 1405, 1422, 1469, 1472, 1473, 1494, 1495, 1496, 1503, 1508, 1509, 1510, 1511, 1526, 1536, 1537 | Data Processor(s) | All Available Log Sources |
| CCF: Unknown User Account Detail | 2071 | 78, 120, 123, 407, 409, 411, 414, 430, 441, 443, 445, 446, 447, 448, 580, 582, 584, 585, 670, 816, 854, 940, 1144, 1213, 1228, 1255, 1261, 1262, 1263, 1264, 1268, 1380, 1382, 1402, 1404, 1405, 1422, 1469, 1472, 1473, 1494, 1495, 1496, 1503, 1508, 1509, 1526, 1536, 1537 | Data Processor(s) | All Available Log Sources |
| CCF: Use Of Non-Encrypted Protocols Summary | 2060 | 120, 123, 157, 407, 580, 582, 585, 670, 1139, 1213, 1228, 1277, 1402, 1405, 1526, 1536, 1537 | LogMart | All Available Log Sources |
| CCF: User Misuse Summary | 2061 | 120, 123, 407, 409, 411, 441, 443, 445, 446, 447, 448, 580, 582, 584, 585, 670, 816, 1175, 1213, 1228, 1255, 1261, 1263, 1264, 1268, 1380, 1382, 1404, 1405, 1422, 1469, 1473, 1503, 1508, 1509, 1526, 1536, 1537 | Platform Manager | All Available Log Sources |
| CCF: User Object Access Summary | 2068 | 78, 120, 123, 133, 138, 342, 407, 409, 411, 430, 441, 443, 445, 446, 447, 448, 580, 582, 585, 586, 670, 816, 854, 1175, 1213, 1228, 1255, 1256, 1261, 1263, 1264, 1268, 1380, 1382, 1402, 1404, 1405, 1422, 1469, 1473, 1503, 1508, 1509, 1510, 1511, 1526, 1536, 1537 | Data Processor(s) | All Available Log Sources |
| CCF: User Priv Escalation (SU & SUDO) Summary | 2078 | 120, 123, 407, 409, 411, 441, 443, 445, 446, 447, 448, 580, 582, 585, 670, 816, 1213, 1228, 1255, 1261, 1263, 1264, 1268, 1380, 1382, 1405, 1422, 1469, 1473, 1503, 1508, 1509, 1526, 1536, 1537 | Data Processor(s) | All Available Log Sources |
| CCF: User Priv Escalation (Windows) Summary | 2077 | 120, 123, 407, 409, 411, 441, 443, 445, 446, 447, 448, 580, 582, 585, 670, 816, 1213, 1228, 1255, 1261, 1263, 1264, 1268, 1380, 1382, 1405, 1422, 1469, 1473, 1503, 1508, 1509, 1526, 1536, 1537 | Data Processor(s) | All Available Log Sources |
| CCF: Vulnerability Detected Summary | 2058 | 120, 123, 407, 580, 582, 585, 670, 940, 1144, 1213, 1228, 1405, 1472, 1494, 1495, 1496, 1526, 1536, 1537 | Platform Manager | All Available Log Sources |
Report Package Name | Report Package ID | Description |
|---|---|---|
| CCF: Daily IT Operations Reporting Package | 89 | This Reporting Package is a template to deliver pertinent content for IT Operations on a daily basis. |
| CCF: Daily IT Security Reporting Package | 90 | This Reporting Package is a template to deliver pertinent content for IT Security on a daily basis. |
| CCF: Executive Reporting Package | 87 | This reporting package is a template to deliver pertinent content for Executives on a monthly basis. |
| CCF: Weekly Audit Reporting Package | 88 | This Reporting Package is a template to deliver pertinent content for Internal and/or External Audit groups on a weekly basis |