|
Report Name |
Report ID |
Control Support |
Data Source |
Log Sources |
|---|---|---|---|---|
|
CCF: Access Failure Summary |
2089 |
78, 120, 123, 133, 407, 409, 411, 430, 441, 443, 445, 446, 447, 448, 580, 582, 584, 585, 670, 816, 854, 1175, 1213, 1228, 1255, 1261, 1263, 1264, 1268, 1380, 1382, 1404, 1405, 1422, 1469, 1473, 1503, 1508, 1509, 1526, 1536, 1537 |
Platform Manager |
All Available Log Sources |
|
CCF: Access Success Summary |
2091 |
78, 120, 123, 133, 407, 409, 411, 430, 441, 443, 445, 446, 447, 448, 580, 582, 584, 585, 670, 816, 854, 1175, 1213, 1228, 1255, 1261, 1263, 1264, 1268, 1380, 1382, 1404, 1405, 1422, 1469, 1473, 1503, 1508, 1509, 1526, 1536, 1537 |
Platform Manager |
All Available Log Sources |
|
CCF: Account Deleted Summary |
2086 |
78, 120, 123, 407, 409, 411, 430, 441, 443, 445, 446, 447, 448, 580, 582, 585, 670, 816, 854, 1213, 1228, 1255, 1261, 1263, 1264, 1268, 1380, 1382, 1404, 1405, 1422, 1469, 1473, 1503, 1508, 1509, 1526, 1536, 1537 |
Platform Manager |
All Available Log Sources |
|
CCF: Account Disabled Summary |
2084 |
78, 120, 123, 407, 409, 411, 430, 431, 441, 443, 445, 446, 447, 448, 580, 582, 585, 670, 816, 854, 1213, 1228, 1255, 1261, 1263, 1264, 1268, 1380, 1382, 1404, 1405, 1422, 1469, 1473, 1503, 1508, 1509, 1526, 1536, 1537 |
LogMart |
All Available Log Sources |
|
CCF: Account Enabled Summary |
2085 |
78, 120, 123, 407, 409, 411, 431, 441, 443, 445, 446, 447, 448, 580, 582, 585, 670, 816, 854, 1213, 1228, 1255, 1261, 1263, 1264, 1268, 1380, 1382, 1405, 1422, 1469, 1473, 1503, 1508, 1509, 1526, 1536, 1537 |
Platform Manager |
All Available Log Sources |
|
CCF: Account Modification Summary |
2092 |
78, 120, 123, 133, 407, 409, 411, 430, 431, 441, 443, 445, 446, 447, 448, 580, 582, 585, 670, 816, 854, 1213, 1228, 1255, 1261, 1263, 1264, 1268, 1380, 1382, 1404, 1405, 1422, 1469, 1473, 1503, 1508, 1509, 1526, 1536, 1537 |
Platform Manager |
All Available Log Sources |
|
CCF: Applications Accessed By User Summary |
2063 |
78, 120, 123, 133, 407, 409, 411, 430, 441, 443, 445, 446, 447, 448, 580, 582, 584, 585, 670, 816, 854, 1175, 1213, 1228, 1255, 1261, 1263, 1264, 1268, 1380, 1382, 1402, 1404, 1405, 1422, 1469, 1473, 1503, 1508, 1509, 1526, 1536, 1537 |
Data Processor(s) |
All Available Log Sources |
|
CCF: Audit Log Summary |
2076 |
109, 120, 123, 133, 138, 342, 407, 415, 580, 582, 584, 585, 586, 670, 988, 1175, 1211, 1213, 1228, 1255, 1256, 1268, 1402, 1405, 1497, 1500, 1509, 1510, 1511, 1526, 1536, 1537 |
Platform Manager |
All Available Log Sources |
|
CCF: Auth Failure Summary |
2088 |
78, 120, 123, 133, 407, 409, 411, 430, 431, 441, 443, 445, 446, 447, 448, 580, 582, 584, 585, 670, 816, 854, 1175, 1213, 1228, 1255, 1261, 1263, 1264, 1268, 1380, 1382, 1404, 1405, 1422, 1469, 1473, 1503, 1508, 1509, 1526, 1536, 1537 |
Platform Manager |
All Available Log Sources |
|
CCF: Auth Success Summary |
2090 |
78, 120, 123, 133, 407, 409, 411, 430, 441, 443, 445, 446, 447, 448, 580, 582, 584, 585, 670, 816, 854, 1175, 1213, 1228, 1255, 1261, 1263, 1264, 1268, 1380, 1382, 1404, 1405, 1422, 1469, 1473, 1503, 1508, 1509, 1526, 1536, 1537 |
Platform Manager |
All Available Log Sources |
|
CCF: Backup Activity Summary |
2062 |
120, 123, 138, 407, 580, 582, 585, 670, 859, 991, 1213, 1228, 1405, 1510, 1511, 1514, 1526, 1536, 1537 |
Data Processor(s) |
All Available Log Sources |
|
CCF: Compromises Detected Summary |
2064 |
120, 123, 407, 580, 582, 585, 670, 940, 1144, 1213, 1228, 1405, 1472, 1494, 1495, 1496, 1526, 1536, 1537 |
LogMart |
All Available Log Sources |
|
CCF: Config/Policy Change Summary |
2049 |
115, 120, 123, 298, 300, 407, 580, 582, 585, 670, 940, 1144, 1211, 1213, 1228, 1405, 1472, 1494, 1495, 1496, 1497, 1500, 1526, 1536, 1537 |
LogMart |
All Available Log Sources |
|
CCF: Critical Environment Error Summary |
2050 |
120, 123, 133, 138, 342, 407, 580, 582, 585, 586, 670, 1213, 1228, 1255, 1256, 1405, 1510, 1511, 1526, 1536, 1537 |
Platform Manager |
All Available Log Sources |
|
CCF: GeoIP Summary |
2069 |
78, 120, 123, 138, 157, 407, 409, 411, 414, 415, 420, 441, 443, 445, 446, 447, 448, 553, 555, 580, 582, 584, 585, 586, 670, 816, 854, 975, 1175, 1213, 1228, 1255, 1256, 1261, 1262, 1263, 1264, 1268, 1380, 1382, 1403, 1405, 1422, 1469, 1473, 1503, 1508, 1509, 1510, 1511, 1526, 1536, 1537, 1538 |
Platform Manager |
All Available Log Sources |
|
CCF: Host Access Granted And Revoked Detail |
2065 |
78, 120, 123, 407, 409, 411, 414, 430, 441, 443, 445, 446, 447, 448, 580, 582, 584, 585, 670, 816, 854, 1213, 1228, 1255, 1261, 1262, 1263, 1264, 1268, 1380, 1382, 1402, 1404, 1405, 1422, 1469, 1473, 1503, 1508, 1509, 1526, 1536, 1537 |
Data Processor(s) |
All Available Log Sources |
|
CCF: LogRhythm Data Loss Defender Log Summary |
2066 |
120, 123, 133, 138, 311, 313, 342, 407, 580, 582, 585, 586, 670, 859, 991, 1069, 1213, 1228, 1255, 1256, 1402, 1405, 1503, 1510, 1511, 1514, 1526, 1536, 1537 |
LogMart |
All Available Log Sources |
|
CCF: Malware Detected Summary |
2051 |
120, 123, 407, 580, 582, 585, 670, 940, 1144, 1213, 1228, 1405, 1472, 1494, 1495, 1496, 1526, 1536, 1537 |
Platform Manager |
All Available Log Sources |
|
CCF: Object Access Summary |
2067 |
120, 123, 133, 138, 342, 407, 580, 582, 585, 586, 670, 1213, 1228, 1255, 1256, 1402, 1405, 1503, 1510, 1511, 1526, 1536, 1537 |
Data Processor(s) |
All Available Log Sources |
|
CCF: Patch Activity Summary |
2052 |
115, 120, 123, 298, 300, 407, 580, 582, 585, 670, 940, 1144, 1211, 1213, 1228, 1405, 1472, 1494, 1495, 1496, 1497, 1500, 1526, 1536, 1537 |
Data Processor(s) |
All Available Log Sources |
|
CCF: Physical Access Summary |
2053 |
120, 123, 407, 580, 582, 585, 670, 1053, 1074, 1213, 1228, 1296, 1405, 1526, 1536, 1537 |
Platform Manager |
All Available Log Sources |
|
CCF: Priv Account Management Activity Summary |
2080 |
78, 120, 123, 407, 409, 411, 441, 443, 445, 446, 447, 448, 580, 582, 585, 670, 816, 854, 1053, 1074, 1175, 1213, 1228, 1255, 1261, 1263, 1264, 1268, 1380, 1382, 1402, 1405, 1422, 1469, 1473, 1503, 1508, 1509, 1526, 1536, 1537 |
Data Processor(s) |
All Available Log Sources |
|
CCF: Priv Authentication Activity Summary |
2079 |
78, 120, 123, 407, 409, 411, 441, 443, 445, 446, 447, 448, 580, 582, 584, 585, 670, 816, 854, 1053, 1074, 1175, 1213, 1228, 1255, 1261, 1263, 1264, 1268, 1380, 1382, 1402, 1405, 1422, 1469, 1473, 1503, 1508, 1509, 1526, 1536, 1537 |
Platform Manager |
All Available Log Sources |
|
CCF: Rogue Access Point Summary |
2054 |
120, 123, 157, 407, 580, 582, 585, 670, 1139, 1213, 1228, 1301, 1405, 1526, 1536, 1537 |
Platform Manager |
All Available Log Sources |
|
CCF: Signature Activity Summary |
2055 |
120, 123, 407, 580, 582, 585, 670, 1213, 1228, 1405, 1526, 1536, 1537 |
LogMart |
All Available Log Sources |
|
CCF: Social Media Summary |
2070 |
120, 123, 407, 409, 411, 441, 443, 445, 446, 447, 448, 580, 582, 585, 670, 816, 1175, 1213, 1228, 1255, 1261, 1263, 1264, 1268, 1380, 1382, 1405, 1422, 1469, 1473, 1503, 1508, 1509, 1526, 1536, 1537 |
Platform Manager |
All Available Log Sources |
|
CCF: Suspected Wireless Attack Summary |
2056 |
120, 123, 157, 407, 580, 582, 585, 670, 940, 1144, 1213, 1228, 1405, 1472, 1494, 1495, 1496, 1526, 1536, 1537 |
Platform Manager |
All Available Log Sources |
|
CCF: Term Account Activity Summary |
2087 |
78, 120, 123, 407, 409, 411, 430, 441, 443, 445, 446, 447, 448, 580, 582, 584, 585, 670, 816, 854, 1213, 1228, 1255, 1261, 1263, 1264, 1268, 1380, 1382, 1404, 1405, 1422, 1469, 1473, 1503, 1508, 1509, 1526, 1536, 1537 |
Data Processor(s) |
All Available Log Sources |
|
CCF: Time Sync Error Summary |
2057 |
109, 120, 123, 133, 138, 342, 407, 415, 580, 582, 584, 585, 586, 670, 859, 988, 991, 1175, 1211, 1213, 1228, 1255, 1256, 1268, 1402, 1405, 1497, 1500, 1509, 1510, 1511, 1514, 1526, 1536, 1537 |
Platform Manager |
All Available Log Sources |
|
CCF: Top Suspicious Users |
2059 |
78, 120, 123, 138, 407, 409, 411, 441, 443, 445, 446, 447, 448, 580, 582, 584, 585, 586, 670, 816, 854, 940, 1144, 1213, 1228, 1255, 1261, 1263, 1264, 1268, 1380, 1382, 1405, 1422, 1469, 1472, 1473, 1494, 1495, 1496, 1503, 1508, 1509, 1510, 1511, 1526, 1536, 1537 |
Data Processor(s) |
All Available Log Sources |
|
CCF: Unknown User Account Detail |
2071 |
78, 120, 123, 407, 409, 411, 414, 430, 441, 443, 445, 446, 447, 448, 580, 582, 584, 585, 670, 816, 854, 940, 1144, 1213, 1228, 1255, 1261, 1262, 1263, 1264, 1268, 1380, 1382, 1402, 1404, 1405, 1422, 1469, 1472, 1473, 1494, 1495, 1496, 1503, 1508, 1509, 1526, 1536, 1537 |
Data Processor(s) |
All Available Log Sources |
|
CCF: Use Of Non-Encrypted Protocols Summary |
2060 |
120, 123, 157, 407, 580, 582, 585, 670, 1139, 1213, 1228, 1277, 1402, 1405, 1526, 1536, 1537 |
LogMart |
All Available Log Sources |
|
CCF: User Misuse Summary |
2061 |
120, 123, 407, 409, 411, 441, 443, 445, 446, 447, 448, 580, 582, 584, 585, 670, 816, 1175, 1213, 1228, 1255, 1261, 1263, 1264, 1268, 1380, 1382, 1404, 1405, 1422, 1469, 1473, 1503, 1508, 1509, 1526, 1536, 1537 |
Platform Manager |
All Available Log Sources |
|
CCF: User Object Access Summary |
2068 |
78, 120, 123, 133, 138, 342, 407, 409, 411, 430, 441, 443, 445, 446, 447, 448, 580, 582, 585, 586, 670, 816, 854, 1175, 1213, 1228, 1255, 1256, 1261, 1263, 1264, 1268, 1380, 1382, 1402, 1404, 1405, 1422, 1469, 1473, 1503, 1508, 1509, 1510, 1511, 1526, 1536, 1537 |
Data Processor(s) |
All Available Log Sources |
|
CCF: User Priv Escalation (SU & SUDO) Summary |
2078 |
120, 123, 407, 409, 411, 441, 443, 445, 446, 447, 448, 580, 582, 585, 670, 816, 1213, 1228, 1255, 1261, 1263, 1264, 1268, 1380, 1382, 1405, 1422, 1469, 1473, 1503, 1508, 1509, 1526, 1536, 1537 |
Data Processor(s) |
All Available Log Sources |
|
CCF: User Priv Escalation (Windows) Summary |
2077 |
120, 123, 407, 409, 411, 441, 443, 445, 446, 447, 448, 580, 582, 585, 670, 816, 1213, 1228, 1255, 1261, 1263, 1264, 1268, 1380, 1382, 1405, 1422, 1469, 1473, 1503, 1508, 1509, 1526, 1536, 1537 |
Data Processor(s) |
All Available Log Sources |
|
CCF: Vulnerability Detected Summary |
2058 |
120, 123, 407, 580, 582, 585, 670, 940, 1144, 1213, 1228, 1405, 1472, 1494, 1495, 1496, 1526, 1536, 1537 |
Platform Manager |
All Available Log Sources |
|
Report Package Name |
Report Package ID |
Description |
|---|---|---|
|
CCF: Daily IT Operations Reporting Package |
89 |
This Reporting Package is a template to deliver pertinent content for IT Operations on a daily basis. |
|
CCF: Daily IT Security Reporting Package |
90 |
This Reporting Package is a template to deliver pertinent content for IT Security on a daily basis. |
|
CCF: Executive Reporting Package |
87 |
This reporting package is a template to deliver pertinent content for Executives on a monthly basis. |
|
CCF: Weekly Audit Reporting Package |
88 |
This Reporting Package is a template to deliver pertinent content for Internal and/or External Audit groups on a weekly basis |