The following table provides a listing of all reports included in this compliance package. For each report, the targeted data source, the required classifications, and the required Log Source Lists are provided. If you are unable to implement the Data Management Settings as described in Appendix A, refer to this table to understand which reports will be impacted. Lastly, this table indicates the Intelligent Indexing-capable objects and their recommended settings.
Reports with a data source of “Log Manager” will not populate in a fully collectionoptimized deployment. For additional details, contact LogRhythm Support.
|
Report ID |
Intelligent Indexing |
Report Name |
Data Source |
Required Classifications |
Required Log Source Lists |
|---|---|---|---|---|---|
|
548 |
No |
DoDI 8500.2: Account Management Activity |
Log Mart |
Account Created, Account Deleted, Account Modified |
DoDI 8500.2: Network Access Control Systems, DoDI 8500.2: Production Servers, DoDI 8500.2: Wireless Access Points, DoDI 8500.2: Workstations |
|
549 |
N/A |
DoDI 8500.2: Alarm And Response Activity |
Event Manager |
N/A |
DoDI 8500.2: Data Loss Prevention Systems, DoDI 8500.2: File Integrity Monitoring Systems, DoDI 8500.2: Network Access Control Systems, DoDI 8500.2: Production Servers, DoDI 8500.2: Remote Access Systems, DoDI 8500.2: Security Systems, DoDI 8500.2: Wireless Access Points, DoDI 8500.2: Workstations |
|
550 |
No |
DoDI 8500.2: Anti-Virus Signature Update Report |
Log Mart |
N/A |
DoDI 8500.2: Production Servers, DoDI 8500.2: Security Systems, DoDI 8500.2: Workstations |
|
551 |
No |
DoDI 8500.2: File Integrity Monitor Log Detail |
Log Manager |
N/A |
N/A |
|
552 |
No |
DoDI 8500.2: File Integrity Monitor Log Detail |
Log Manager |
N/A |
DoDI 8500.2: File Integrity Monitoring Systems |
|
553 |
No |
DoDI 8500.2: File Integrity Monitor Summary |
Log Manager |
N/A |
DoDI 8500.2: File Integrity Monitoring Systems |
|
554 |
Yes |
DoDI 8500.2: Host Access Granted And Revoked |
Log Manager |
Access Granted, Access Revoked |
DoDI 8500.2: Network Access Control Systems, DoDI 8500.2: Production Servers, DoDI 8500.2: Workstations |
|
555 |
No |
DoDI 8500.2: Network Connection Summary |
Log Manager |
Network Allow, Network Deny, Network Traffic |
DoDI 8500.2: Network Access Control Systems |
|
556 |
No |
DoDI 8500.2: Object Access Summary |
Log Manager |
Access Success |
DoDI 8500.2: Production Servers |
|
557 |
No |
DoDI 8500.2: Suspicious Activity By User |
Log Mart |
Suspicious |
DoDI 8500.2: Data Loss Prevention Systems, DoDI 8500.2: File Integrity Monitoring Systems, DoDI 8500.2: Network Access Control Systems, DoDI 8500.2: Production Servers, DoDI 8500.2: Remote Access Systems, DoDI 8500.2: Security Systems, DoDI 8500.2: Wireless Access Points, DoDI 8500.2: Workstations |
|
558 |
Yes |
DoDI 8500.2: System Startup And Shutdown |
Log Manager |
N/A |
DoDI 8500.2: Network Access Control Systems, DoDI 8500.2: Production Servers, DoDI 8500.2: Remote Access Systems, DoDI 8500.2: Security Systems, DoDI 8500.2: Wireless Access Points, DoDI 8500.2: Workstations |
|
559 |
N/A |
DoDI 8500.2: Usage Auditing Event Detail |
Event Manager |
N/A |
DoDI 8500.2: Data Loss Prevention Systems, DoDI 8500.2: File Integrity Monitoring Systems, DoDI 8500.2: Network Access Control Systems, DoDI 8500.2: Production Servers, DoDI 8500.2: Remote Access Systems, DoDI 8500.2: Security Systems, DoDI 8500.2: Wireless Access Points, DoDI 8500.2: Workstations |
|
560 |
N/A |
DoDI 8500.2: Usage Auditing Event Detail |
Event Manager |
N/A |
DoDI 8500.2: Data Loss Prevention Systems, DoDI 8500.2: File Integrity Monitoring Systems, DoDI 8500.2: Network Access Control Systems, DoDI 8500.2: Production Servers, DoDI 8500.2: Remote Access Systems, DoDI 8500.2: Security Systems, DoDI 8500.2: Wireless Access Points, DoDI 8500.2: Workstations |
|
561 |
Yes |
DoDI 8500.2: User Authentication Summary |
Log Manager |
Authentication Failure, Authentication Success |
DoDI 8500.2: Network Access Control Systems, DoDI 8500.2: Production Servers, DoDI 8500.2: Remote Access Systems, DoDI 8500.2: Wireless Access Points, DoDI 8500.2: Workstations |
|
562 |
No |
DoDI 8500.2: Vulnerabilities Detected |
Log Mart |
Vulnerability |
DoDI 8500.2: Security Systems |
|
563 |
No |
DoDI 8500.2: Configuration Change Summary |
Log Mart |
Configuration |
DoDI 8500.2: Network Access Control Systems, DoDI 8500.2: Production Servers, DoDI 8500.2: Remote Access Systems, DoDI 8500.2: Security Systems, DoDI 8500.2: Wireless Access Points, DoDI 8500.2: Workstations |
|
564 |
Yes |
DoDI 8500.2: Door Access Summary |
Log Manager |
N/A |
DoDI 8500.2: Security Systems |
|
565 |
Yes |
DoDI 8500.2: Host Remote Access Summary |
Log Manager |
N/A |
DoDI 8500.2: Network Access Control Systems, DoDI 8500.2: Remote Access Systems |
|
566 |
N/A |
DoDI 8500.2: Archived Log Rate Analysis |
Event Manager |
N/A |
N/A |
|
567 |
No |
DoDI 8500.2: Patches Applied |
Log Mart |
N/A |
DoDI 8500.2: Production Servers, DoDI 8500.2: Security Systems, DoDI 8500.2: Workstations, DoDI 8500.2: Networking And Communications |
|
568 |
No |
DoDI 8500.2: Wireless Access Points |
Log Mart |
N/A |
DoDI 8500.2: Security Systems |
|
569 |
Yes |
DoDI 8500.2: Backup Status |
Log Manager |
N/A |
DoDI 8500.2: Production Servers, DoDI 8500.2: Workstations |