
GDPR – Investigations

The Intelligent Indexing settings are recommendations. The default configuration is No.

| Investigation Name | Investigation Description | Investigation ID | Directly Meet Requirements | Data Source | Intelligent Indexing | Classifications | Log Sources |
|---|---|---|---|---|---|---|---|
| CCF: Applications Accessed By User Inv | This investigation provides information about user accessed applications. Augment: Article 17, Article 18, Article 21, Article 24, Article 25, Article 32, Article 35, Article 40, Article 44, Article 45, Article 46, Article 47, Article 90 | 689 | N/A | Data Processor(s) | No | Audit | GDPR: All Log Sources |
| CCF: Backup Activity Inv | This report provides a summary of activity from backup events. Augment: Article 22, Article 24, Article 25, Article 32, Article 35, Article 40, Article 44, Article 45, Article 46, Article 47, Article 90 | 688 | N/A | Data Processor(s) | No | Operations | GDPR: All Log Sources |
| CCF: Compromises Detected Inv | This investigation provides a summary of detected compromises of security by Entity and Impacted Host. Augment: Article 22, Article 24, Article 25, Article 32, Article 33, Article 34, Article 35, Article 46, Article 47, Article 90 | 690 | N/A | Log Mart | Yes | Security | GDPR: All Log Sources |
| CCF: Config/Policy Change Inv | This investigation provides a summary of the occurrence of configuration or policy changes across critical and production environments (entity structure). Augment: Article 22, Article 24, Article 25, Article 32, Article 35, Article 46, Article 47, Article 90 | 675 | N/A | Data Processor(s) | No | Audit | GDPR: All Log Sources |
| CCF: Critical Environment Error Inv | This investigation provides summary details around critical or error messages received from critical servers or systems (entity structure) to support change management procedures. Augment: Article 22, Article 24, Article 25, Article 32, Article 33, Article 34, Article 35, Article 46, Article 47, Article 90 | 676 | N/A | Platform Manager | Yes | Operations | GDPR: All Log Sources |
| CCF: GeoIP Inv | This report summarizes GeoIP activity that is associated with AI Engine GeoIP rules, in the CCF compliance automation suite. Augment: Article 17, Article 18, Article 21, Article 35, Article 40, Article 44, Article 45, Article 46, Article 47, Article 90 | 696 | N/A | Platform Manager | Yes | Security | GDPR: All Log Sources |
| CCF: Host Access Granted And Revoked Inv | This investigation details all access granted and revoked for production systems. Augment: Article 18, Article 21, Article 22, Article 24, Article 25, Article 32, Article 33, Article 34, Article 35, Article 40, Article 44, Article 45, Article 46, Article 47, Article 90 | 691 | N/A | Data Processor(s) | Yes | Audit | GDPR: All Log Sources |
| CCF: LogRhythm Data Loss Defender Log Inv | This investigation provides summary information on data generated by the LogRhythm Data Loss Defender. Data is grouped by Entity, Impacted Host, Common Event, and Object with a count of how many times that condition has been experienced within the investigating period. Augment: Article 17, Article 18, Article 21, Article 22, Article 24, Article 25, Article 32, Article 33, Article 34, Article 35, Article 40, Article 44, Article 45, Article 46, Article 47, Article 90 | 692 | N/A | Data Processor(s) | Yes | Audit | GDPR: All Log Sources |
| CCF: Malware Detected Inv | This investigation provides a summary of malware activity by entity and impacted host within the organization's critical and production environments (entity structure). Augment: Article 22, Article 24, Article 25, Article 32, Article 33, Article 34, Article 35, Article 46, Article 47, Article 90 | 677 | N/A | Platform Manager | Yes | Security | GDPR: All Log Sources |
| CCF: Object Access Inv | This investigation summarizes object access by Impacted Host. Augment: Article 17, Article 18, Article 21, Article 22, Article 24, Article 25, Article 32, Article 33, Article 34, Article 35, Article 40, Article 44, Article 45, Article 46, Article 47, Article 90 | 693 | N/A | Data Processor(s) | No | Audit | GDPR: All Log Sources |
| CCF: Patch Activity Inv | This investigation provides a summary of applied patches grouped by Origin Host. It can demonstrate that all system components have the latest security patches installed. Augment: Article 22, Article 24, Article 25, Article 32, Article 35, Article 46, Article 47, Article 90 | 678 | N/A | Data Processor(s) | No | Security | GDPR: All Log Sources |
| CCF: Physical Access Inv | This investigation summarizes physical door access/authentication success and failures within the organization's physical security perimeter. Augment: Article 22, Article 24, Article 25, Article 32, Article 35, Article 46, Article 47, Article 90 | 679 | N/A | Platform Manager | No | Audit | GDPR: All Log Sources |
| CCF: Rogue Access Point Inv | This investigation provides a summary of all detected rogue wireless access points by Impacted Host across critical, production, and online banking environments (entity structure). Augment: Article 22, Article 24, Article 25, Article 32, Article 33, Article 34, Article 35, Article 46, Article 47, Article 90 | 680 | N/A | Platform Manager | Yes | Security | GDPR: All Log Sources |
| CCF: Signature Activity Inv | This investigation provides summary information on signature update activity across critical and production environments (entity structure). Augment: Article 22, Article 24, Article 25, Article 32, Article 35, Article 46, Article 47, Article 90 | 681 | N/A | Log Mart | No | Operations | GDPR: All Log Sources |
| CCF: Social Media Inv | Summarizes the top URLs related to Social Media activity. Augment: Article 17, Article 18, Article 35, Article 40, Article 44, Article 45, Article 46, Article 47, Article 90 | 695 | N/A | Platform Manager | No | Audit | GDPR: All Log Sources |
| CCF: Suspected Wireless Attack Inv | This investigation provides summary information on suspected wireless attacks at the internal boundary, including the type of attack and the impacted (targeted) host and application (if applicable). To supplement this Summary investigation, consider running an Investigation to capture further information. This is based on Critical and Production environments (can be defined with entity structure). Augment: Article 22, Article 24, Article 25, Article 32, Article 33, Article 34, Article 35, Article 46, Article 47, Article 90 | 682 | N/A | Platform Manager | Yes | Security | GDPR: All Log Sources |
| CCF: Suspicious Users Inv | This investigation lists all users generating suspicious activity, ordered by the number of events detected, highest to lowest. Augment: Article 18, Article 21, Article 22, Article 24, Article 25, Article 32, Article 33, Article 34, Article 35, Article 46, Article 47, Article 90 | 685 | N/A | Data Processor(s) | Yes | Security | GDPR: All Log Sources |
| CCF: Time Sync Error Inv | This investigation provides a summary of time sync errors occurring within critical and production environments (can be defined with entity structure). Augment: Article 22, Article 24, Article 25, Article 32, Article 33, Article 34, Article 35, Article 46, Article 47, Article 90 | 683 | N/A | Platform Manager | Yes | Operations | GDPR: All Log Sources |
| CCF: Unknown User Account Inv | This investigation provides detail of activity from unknown user accounts, based on CCF user lists. Augment: Article 17, Article 18, Article 21, Article 22, Article 24, Article 25, Article 32, Article 33, Article 34, Article 35, Article 40, Article 44, Article 45, Article 46, Article 47, Article 90 | 697 | N/A | Data Processor(s) | Yes | Security | GDPR: All Log Sources |
| CCF: Use Of Non-Encrypted Protocols Inv | This investigation lists any use of non-encrypted protocols. Augment: Article 22, Article 24, Article 25, Article 32, Article 33, Article 34, Article 35, Article 40, Article 44, Article 45, Article 46, Article 47, Article 90 | 686 | N/A | Log Mart | Yes | Audit | GDPR: All Log Sources |
| CCF: User Misuse Inv | This investigation summarizes detected misuse by user. Augment: Article 18, Article 22, Article 24, Article 25, Article 32, Article 33, Article 34, Article 35, Article 40, Article 44, Article 45, Article 46, Article 47, Article 90 | 687 | N/A | Platform Manager | Yes | Security | GDPR: All Log Sources |
| CCF: User Object Access Inv | This investigation summarizes successful object access activity by user. Augment: Article 17, Article 18, Article 21, Article 22, Article 24, Article 25, Article 32, Article 33, Article 34, Article 35, Article 40, Article 44, Article 45, Article 46, Article 47, Article 90 | 694 | N/A | Data Processor(s) | No | Audit | GDPR: All Log Sources |
| CCF: Vulnerability Detected Inv | This investigation provides a summary of potential vulnerabilities detected across the critical and production environments (can be defined with entity structure). Augment: Article 22, Article 24, Article 25, Article 32, Article 33, Article 34, Article 35, Article 46, Article 47, Article 90 | 684 | N/A | Platform Manager | Yes | Security | GDPR: All Log Sources |
