NCA OT: PCI DSS 4.0 – Reports and Reporting Packages
Summary Reports
Report Name | Report Description | Report ID | Data Source | Intelligent Indexing | Classifications | Log Sources |
|---|---|---|---|---|---|---|
CCF: Access Granted/Revoked Activity Summary | This report provides a summary of disabled/locked accounts by account. Direct: 10.2.2 Augment: 7.1.2.a, 7.1.2.b, 8.1.a, 8.1.1, 8.1.2, 8.1.3.a, 8.1.4, 8.1.6.a, 8.1.7, 8.2.5.a, 8.2.5.b, 8.5.c | 1854 | Data Processor(s) | No | Audit | Log Source List = CCF: All Log Sources |
CCF: Account Management Activity Summary | This report provides a summary of account management activity such as user account creation/deletion, user account name change, and password modified by log source entity. Direct: 10.2.2 Augment: 7.1.2.a, 7.1.2.b, 8.1.a, 8.1.1, 8.1.2, 8.1.3.a, 8.1.4, 8.2.5.a, 8.2.5.b, 8.5.c | 1855 | LogMart | No | Audit | Log Source List = CCF: Cardholder Data Systems, CCF: File Integrity Monitors, CCF: Network Security Systems, CCF: Physical Security Systems |
CCF: AIE Antivirus Activity Summary | This report provides a summary of antivirus activity by impacted application. Direct: 5.2.d Augment: 5.1, 5.2.b, 5.2.c | 1856 | Platform Manager | No | Operations | N/A |
CCF: AIE Backup Activity Summary | This report provides a summary of critical failures, errors, and information from backup software. Augment: 9.7.1, 12.10.5 | 1857 | Platform Manager | No | Operations | N/A |
CCF: AIE Database Authentication Summary | This report provides a summary of database authentication activity. Direct: 10.2.1, 10.2.4, 10.8.b, A3.3.1.b Augment: 8.7.a, 8.7.c, 8.7.d, 10.8.1.b, A1.1, A1.3, A3.3.1.a, A3.4.1, A3.5.1.a, A3.5.1.b | 1858 | Platform Manager | No | Audit | N/A |
CCF: AIE Denied CDE => Internet Comm Summary | This report provides a summary of denied communication from the cardholder data environment to the external internet. Augment: 1.2.1.a, 1.2.1.b, 1.2.1.c, (PCI 3.1 - 1.3.3), 1.3.4 (PCI 3.1 - 1.3.5), 2.2.2.a, 2.2.2.b | 1859 | Platform Manager | No | Operations | N/A |
CCF: AIE Denied DMZ => Internal Comm Summary | This report provides a summary of denied communication from the demilitarized zone to the internal network. Augment: 1.2.1.a, 1.2.1.b, 1.2.1.c, (PCI 3.1 - 1.3.3), 1.3.3 (PCI 3.1 - 1.3.4), 2.2.2.a, 2.2.2.b | 1860 | Platform Manager | No | Operations | N/A |
CCF: AIE Denied Inet => Intrn Comm Summary | This report provides a summary of denied communication from the external internet to all internal environments. Augment: 1.2.1.a, 1.2.1.b, 1.2.1.c, 1.2.3.b, 1.3.1, 1.3.2, 2.2.2.a, 2.2.2.b | 1861 | Platform Manager | No | Operations | N/A |
CCF: AIE Denied Internet => CDE Comm Summary | This report provides a summary of denied communication from the external internet to the cardholder data environment. Augment: 1.2.1.a, 1.2.1.b, 1.2.1.c, (PCI 3.1 - 1.3.3), 1.3.4 (PCI 3.1 - 1.3.5), 2.2.2.a, 2.2.2.b | 1862 | Platform Manager | No | Operations | N/A |
CCF: AIE Denied Internet => DMZ Comm Summary | This report provides a summary of denied communication from the external internet to the demilitarized zone. Augment: 1.2.1.a, 1.2.1.b, 1.2.1.c, (PCI 3.1 - 1.3.3), 1.3.3 (PCI 3.1 - 1.3.4), 2.2.2.a, 2.2.2.b | 1863 | Platform Manager | No | Operations | N/A |
CCF: AIE Denied Intrn => Inet Comm Summary | This report provides a summary of denied communication from the internal environment to the external internet. Augment: 2.2.2.a, 2.2.2.b, 2.3.b, 4.1.c, 4.1.f | 1864 | Platform Manager | No | Operations | N/A |
CCF: AIE Denied Intrn => Intrn Comm Summary | This report provides a summary of denied communication from the internal environment to the internal environment. Augment: 2.2.2.a, 2.2.2.b, 2.3.b, 4.1.c, 4.1.f | 1865 | Platform Manager | No | Operations | N/A |
CCF: AIE Denied Test => Internal Comm Summary | This report provides a summary of denied communication from the test environment to other internal environments. Augment: 2.2.2.a, 2.2.2.b, 6.4.1.a, 6.4.1.b, 6.4.2 | 1866 | Platform Manager | No | Operations | N/A |
CCF: AIE Denied Test => Internet Comm Summary | This report provides a summary of denied communication from the test environment to the external internet. Augment: 1.2.1.a, 1.2.1.b, 1.2.1.c, 2.2.2.a, 2.2.2.b, 6.4.1.a, 6.4.1.b, 6.4.2 | 1867 | Platform Manager | No | Operations | N/A |
CCF: AIE Denied Wireless => CDE Comm Summary | This report provides a summary of denied communication from the wireless environment to the internal card holder data environment. Augment: 2.2.2.a, 2.2.2.b | 1868 | Platform Manager | No | Operations | N/A |
CCF: AIE FIM Activity Summary | This report provides a summary of file integrity monitoring activity such as adds, deletes, modifies, group changes, owner changes, and permissions. Direct: 10.5.5, 11.5.a, 11.5.b Augment: 3.6.7.a, 10.2.7, A1.2.b, A1.2.c, A3.2.5.b | 1869 | Platform Manager | No | Security | N/A |
CCF: AIE FIM Critical/Error/Info Summary | This report provides a summary of critical failures, errors, and information from file integrity monitoring software. Augment: 12.10.5 | 1870 | Platform Manager | No | Operations | N/A |
CCF: AIE Firewall Policy Synch Summary | This report provides a summary of firewall policy synchronization activity. Augment: 1.2.2.a, 1.2.2.b | 1871 | Platform Manager | No | Operations | N/A |
CCF: AIE Host Firewall Activity Summary | This report provides a summary of the occurrence of host firewall activity. Augment: 1.4.a | 1872 | Platform Manager | No | Operations | N/A |
CCF: AIE Invalid Account Usage Summary | This report provides a summary of authentication successes and failures from unauthorized accounts such as default account, disabled accounts, and terminated accounts. Direct: 2.1.a, 2.1.b, 10.2.1, 10.2.2, 10.2.4, 10.8.b, A3.3.1.b Augment: 8.1.3.a, 8.1.4, 8.2.5.a, 8.2.5.b, 8.5.c, 10.8.1.b, A1.1, A1.3, A3.3.1.a, A3.4.1, A3.5.1.a, A3.5.1.b | 1873 | Platform Manager | No | Audit | N/A |
CCF: AIE Invalid CDE => Internet Comm Summary | This report provides a summary of un-allowed communication from the cardholder data environment to the external internet. Augment: 1.2.1.a, 1.2.1.b, 1.2.1.c, (PCI 3.1 - 1.3.3), 1.3.4 (PCI 3.1 - 1.3.5), 2.2.2.a, 2.2.2.b | 1874 | Platform Manager | No | Operations | N/A |
CCF: AIE Invalid DMZ => Internal Comm Summary | This report provides a summary of un-allowed communication from the demilitarized zone to the internal network. Augment: 1.2.1.a, 1.2.1.b, 1.2.1.c, (PCI 3.1 - 1.3.3), 1.3.3 (PCI 3.1 - 1.3.4), 2.2.2.a, 2.2.2.b | 1875 | Platform Manager | No | Operations | N/A |
CCF: AIE Invalid Inet => Intrn Comm Summary | This report provides a summary of un-allowed communication from the external internet to all internal environment. Augment: 1.2.1.a, 1.2.1.b, 1.2.1.c, 1.2.3.b, 1.3.1, 1.3.2, 2.2.2.a, 2.2.2.b | 1876 | Platform Manager | No | Operations | N/A |
CCF: AIE Invalid Internet => CDE Comm Summary | This report provides a summary of un-allowed communication from the external internet to the cardholder data environment. Augment: 1.2.1.a, 1.2.1.b, 1.2.1.c, (PCI 3.1 - 1.3.3), 1.3.4 (PCI 3.1 - 1.3.5), 2.2.2.a, 2.2.2.b | 1877 | Platform Manager | No | Operations | N/A |
CCF: AIE Invalid Internet => DMZ Comm Summary | This report provides a summary of un-allowed communication from the external internet to the demilitarized zone. Augment: 1.2.1.a, 1.2.1.b, 1.2.1.c, (PCI 3.1 - 1.3.3), 1.3.3 (PCI 3.1 - 1.3.4), 2.2.2.a, 2.2.2.b | 1878 | Platform Manager | No | Operations | N/A |
CCF: AIE Invalid Intrn => Inet Comm Summary | This report provides a summary of un-allowed communication from the internal environment to the external internet. Augment: 2.2.2.a, 2.2.2.b, 2.3.b, 4.1.c, 4.1.f | 1879 | Platform Manager | No | Operations | N/A |
CCF: AIE Invalid Intrn => Intrn Comm Summary | This report provides a summary of un-allowed communication from the internal environment to the internal environment. Augment: 2.2.2.a, 2.2.2.b, 2.3.b, 4.1.c, 4.1.f | 1880 | Platform Manager | No | Operations | N/A |
CCF: AIE Invalid Test => Internal Comm Summary | This report provides a summary of un-allowed communication from the test environment to other internal environments. Augment: 2.2.2.a, 2.2.2.b, 6.4.1.a, 6.4.1.b, 6.4.2 | 1881 | Platform Manager | No | Operations | N/A |
CCF: AIE Invalid Test => Internet Comm Summary | This report provides a summary of un-allowed communication from the test environment to the external internet. Augment: 1.2.1.a, 1.2.1.b, 1.2.1.c, 2.2.2.a, 2.2.2.b, 6.4.1.a, 6.4.1.b, 6.4.2 | 1882 | Platform Manager | No | Operations | N/A |
CCF: AIE Invalid Wireless => CDE Comm Summary | This report provides a summary of un-allowed communication from the wireless environment to the internal card holder data environment. Augment: 2.2.2.a, 2.2.2.b | 1883 | Platform Manager | No | Operations | N/A |
CCF: AIE Physical Security Auth Summary | This report provides a summary of physical access authentication success and failure activity. Augment: 8.1.3.b,9.1, 9.1.1.a, 9.1.2, 9.3.c | 1884 | Platform Manager | No | Audit | N/A |
CCF: AIE Priv Access Granted/Revoked Summary | This report provides a summary of privileged user access granted & revoked by log source entity. Direct: 10.1, 10.2.2, 10.2.5.a, 10.2.5.b, 10.2.5.c Augment: 7.1.1, 7.1.2.a, 7.1.2.b, 8.1.a, 8.1.1, 8.1.2, 8.1.3.a, 8.1.4, 8.1.6.a, 8.1.7, 8.2.5.a, 8.2.5.b, 8.5.c | 1885 | Platform Manager | No | Audit | N/A |
CCF: AIE Remote Session Timeout Summary | This report provides a summary of remote session timeout activity. Augment: 12.3.8.b | 1886 | Platform Manager | No | Audit | N/A |
CCF: AIE Vendor Account Enabled Rule Summary | This report provides a summary of vendor account management activity. Augment: 8.1.a, 8.1.1, 8.1.2, 8.1.3.a, 8.1.4, 8.1.5.a, 8.1.5.b, 8.1.6.b, 8.2.5.a, 8.2.5.b, 8.5.c, 12.3.9 | 1887 | Platform Manager | No | Audit | N/A |
CCF: AIE Vendor Authentication Summary | This report provides a summary of vendor account activity. Direct: 10.2.1, 10.2.4, 10.8.b, A3.3.1.b Augment: 8.1.5.a, 8.1.5.b, 8.1.6.b, 10.8.1.b, 12.3.9, A1.1, A1.3, A3.3.1.a, A3.4.1, A3.5.1.a, A3.5.1.b | 1888 | Platform Manager | No | Audit | N/A |
CCF: Antivirus Activity Summary | This report provides a summary of antivirus activity by impacted application. Direct: 5.2.d Augment: 5.1, 5.2.b, 5.2.c | 1889 | Data Processor(s) | No | Operations | Log Source List = CCF: Network Security Systems |
CCF: Audit Log Summary | This report provides a summary of audit log clearing or write failures. Augment: 10.2.6 | 1890 | LogMart | No | Audit | Log Source List = CCF: All Log Sources |
CCF: Backup Activity Summary | This report provides a summary of critical failures, errors, and information from backup software. Augment: 9.7.1, 12.10.5 | 1891 | Data Processor(s) | No | Operations | Log Source List = CCF: All Log Sources |
CCF: Configuration/Policy Change Summary | This report provides a summary of the occurrence of configuration or policy changes. Direct: 6.2.b, 10.2.2, 10.4.1.a Augment: 12.11.a, A3.2.5.b, 1.1.1.a, 8.1.6.a, 8.1.6.b | 1892 | LogMart | No | Audit | Log Source List = CCF: All Log Sources |
CCF: Database Access Failure Summary | This report provides summary information around database account access failures. Direct: 10.2.1, 10.2.4, 10.8.b, A3.3.1.b Augment: 8.7.a, 8.7.c, 8.7.d, 10.8.1.b, A1.1, A1.3, A3.3.1.a, A3.4.1, A3.5.1.a, A3.5.1.b | 1893 | Data Processor(s) | No | Audit | Log Source List = CCF: Database Systems |
CCF: Database Access Granted/Revoked Summary | This report provides summary information around user access granted and revoked within the defined database environment(s). Augment: 8.1.a, 8.1.1, 8.1.2, 8.1.3.a, 8.1.4, 8.1.6.a, 8.1.7, 8.2.5.a, 8.2.5.b, 8.5.c, 8.7.a, 8.7.c, 8.7.d | 1894 | Platform Manager | No | Audit | Log Source List = CCF: Database Systems |
CCF: Database Account Management Summary | This report provides a summary of access modifications to accounts within the database environment. Augment: 8.1.a, 8.1.1, 8.1.2, 8.1.3.a, 8.1.4, 8.2.5.a, 8.2.5.b, 8.5.c, 8.7.a, 8.7.c, 8.7.d | 1895 | LogMart | No | Audit | Log Source List = CCF: Database Systems |
CCF: Database Authentication Activity Summary | This report provides a summary of database authentication activity. Direct: 10.2.1, 10.2.4, 10.8.b, A3.3.1.b Augment: 8.7.a, 8.7.c, 8.7.d, 10.8.1.b, A1.1, A1.3, A3.3.1.a, A3.4.1, A3.5.1.a, A3.5.1.b | 1896 | Data Processor(s) | No | Audit | Log Source List = CCF: Database Systems |
CCF: Denied CDE => Internet Comm Summary | This report provides a summary of denied communication from the cardholder data environment to the external internet. Augment: 1.2.1.a, 1.2.1.b, 1.2.1.c, (PCI 3.1 - 1.3.3), 1.3.4 (PCI 3.1 - 1.3.5), 2.2.2.a, 2.2.2.b | 1897 | Data Processor(s) | No | Operations | Log Source List = CCF: Network Security Systems |
CCF: Denied DMZ => Internal Comm Summary | This report provides a summary of denied communication from the demilitarized zone to the internal network. Augment: 1.2.1.a, 1.2.1.b, 1.2.1.c, (PCI 3.1 - 1.3.3), 1.3.3 (PCI 3.1 - 1.3.4), 2.2.2.a, 2.2.2.b | 1898 | Data Processor(s) | No | Operations | Log Source List = CCF: Network Security Systems |
CCF: Denied Inet => Intrn Comm Summary | This report provides a summary of denied communication from the external internet to all internal environments. Augment: 1.2.1.a, 1.2.1.b, 1.2.1.c, 1.2.3.b, 1.3.1, 1.3.2, 2.2.2.a, 2.2.2.b | 1899 | Data Processor(s) | No | Operations | Log Source List = CCF: Network Security Systems |
CCF: Denied Internet => CDE Comm Summary | This report provides a summary of denied communication from the external internet to the cardholder data environment. Augment: 1.2.1.a, 1.2.1.b, 1.2.1.c, (PCI 3.1 - 1.3.3), 1.3.4 (PCI 3.1 - 1.3.5), 2.2.2.a, 2.2.2.b | 1900 | Data Processor(s) | No | Operations | Log Source List = CCF: Network Security Systems |
CCF: Denied Internet => DMZ Comm Summary | This report provides a summary of denied communication from the external internet to the demilitarized zone. Augment: 1.2.1.a, 1.2.1.b, 1.2.1.c, (PCI 3.1 - 1.3.3), 1.3.3 (PCI 3.1 - 1.3.4), 2.2.2.a, 2.2.2.b | 1901 | Data Processor(s) | No | Operations | Log Source List = CCF: Network Security Systems |
CCF: Denied Intrn => Inet Comm Summary | This report provides a summary of denied communication from the internal environment to the external internet. Augment: 2.2.2.a, 2.2.2.b, 2.3.b, 4.1.c, 4.1.f | 1902 | Data Processor(s) | No | Operations | Log Source List = CCF: Network Security Systems |
CCF: Denied Intrn => Intrn Comm Summary | This report provides a summary of denied communication from the internal environment to the internal environment. Augment: 2.2.2.a, 2.2.2.b, 2.3.b, 4.1.c, 4.1.f | 1903 | Data Processor(s) | No | Operations | Log Source List = CCF: Network Security Systems |
CCF: Denied Test => Internal Comm Summary | This report provides a summary of denied communication from the test environment to other internal environments. Augment: 2.2.2.a, 2.2.2.b, 6.4.1.a, 6.4.1.b, 6.4.2 | 1904 | Data Processor(s) | No | Operations | Log Source List = CCF: Network Security Systems |
CCF: Denied Test => Internet Comm Summary | This report provides a summary of denied communication from the test environment to the external internet. Augment: 1.2.1.a, 1.2.1.b, 1.2.1.c, 2.2.2.a, 2.2.2.b, 6.4.1.a, 6.4.1.b, 6.4.2 | 1905 | Data Processor(s) | No | Operations | Log Source List = CCF: Network Security Systems |
CCF: Denied Wireless => CDE Comm Summary | This report provides a summary of denied communication from the wireless environment to the internal card holder data environment. Augment: 2.2.2.a, 2.2.2.b | 1906 | Data Processor(s) | No | Operations | Log Source List = CCF: Network Security Systems |
CCF: Early TLS/SSL Version Summary | Provides a summary of early TLS/SSL occurrences grouped by oHost. This report provides supplemental support for PCI-DSS controls that are oriented toward the evaluation of TLS and SSL security. Augment: 2.2.3.a, 2.2.3.b, 2.3.e, 4.1.g, 4.1.h, A2.1, A2.2, A2.3 | 1907 | Data Processor(s) | No | Audit | N/A |
CCF: FIM Activity Summary | This report provides a summary of file integrity monitoring activity such as adds, deletes, modifies, group changes, owner changes, and permissions. Direct: 10.5.5, 11.5.a, 11.5.b Augment: 3.6.7.a, 10.2.7, A1.2.b, A1.2.c, A3.2.5.b | 1908 | Data Processor(s) | No | Security | Log Source List = CCF: File Integrity Monitors |
CCF: FIM Critical/Error/Information Summary | This report provides a summary of critical failures, errors, and information from file integrity monitoring software. Augment: 12.10.5 | 1909 | Platform Manager | No | Operations | Log Source List = CCF: File Integrity Monitors |
CCF: Firewall Policy Synch Activity Summary | This report provides a summary of firewall policy synchronization activity. Augment: 1.2.2.a, 1.2.2.b | 1910 | Data Processor(s) | No | Operations | Log Source List = CCF: Network Security Systems |
CCF: Host Firewall Activity Summary | This report provides a summary of the occurrence of host firewall activity. Augment: 1.4.a | 1911 | LogMart | No | Operations | Log Source List = CCF: All Log Sources |
CCF: Invalid Account Usage Summary | This report provides a summary of authentication successes and failures from unauthorized accounts such as default account, disabled accounts, and terminated accounts. Direct: 2.1.a, 2.1.b, 10.2.1, 10.2.2, 10.2.4, 10.8.b, A3.3.1.b Augment: 8.1.3.a, 8.1. | 1912 | Data Processor(s) | No | Audit | Log Source List = CCF: All Log Sources |
CCF: Invalid CDE => Internet Comm Summary | This report provides a summary of un-allowed communication from the cardholder data environment to the external internet. Augment: 1.2.1.a, 1.2.1.b, 1.2.1.c, (PCI 3.1 - 1.3.3), 1.3.4 (PCI 3.1 - 1.3.5), 2.2.2.a, 2.2.2.b | 1913 | Data Processor(s) | No | Operations | Log Source List = CCF: Network Security Systems |
CCF: Invalid DMZ => Internal Comm Summary | This report provides a summary of un-allowed communication from the demilitarized zone to the internal network. Augment: 1.2.1.a, 1.2.1.b, 1.2.1.c, (PCI 3.1 - 1.3.3), 1.3.3 (PCI 3.1 - 1.3.4), 2.2.2.a, 2.2.2.b | 1914 | Data Processor(s) | No | Operations | Log Source List = CCF: Network Security Systems |
CCF: Invalid Inet => Intrn Comm Summary | This report provides a summary of un-allowed communication from the external internet to all internal environments. Augment: 1.2.1.a, 1.2.1.b, 1.2.1.c, 1.2.3.b, 1.3.1, 1.3.2, 2.2.2.a, 2.2.2.b | 1915 | Data Processor(s) | No | Operations | Log Source List = CCF: Network Security Systems |
CCF: Invalid Internet => CDE Comm Summary | This report provides a summary of un-allowed communication from the external internet to the cardholder data environment. Augment: 1.2.1.a, 1.2.1.b, 1.2.1.c, (PCI 3.1 - 1.3.3), 1.3.4 (PCI 3.1 - 1.3.5), 2.2.2.a, 2.2.2.b | 1916 | Data Processor(s) | No | Operations | Log Source List = CCF: Network Security Systems |
CCF: Invalid Internet => DMZ Comm Summary | This report provides a summary of un-allowed communication from the external internet to the demilitarized zone. Augment: 1.2.1.a, 1.2.1.b, 1.2.1.c, (PCI 3.1 - 1.3.3), 1.3.3 (PCI 3.1 - 1.3.4), 2.2.2.a, 2.2.2.b | 1917 | Data Processor(s) | No | Operations | Log Source List = CCF: Network Security Systems |
CCF: Invalid Intrn => Inet Comm Summary | This report provides a summary of un-allowed communication from the internal environment to the external internet. Augment: 2.2.2.a, 2.2.2.b, 2.3.b, 4.1.c, 4.1.f | 1918 | Data Processor(s) | No | Operations | Log Source List = CCF: Network Security Systems |
CCF: Invalid Intrn => Intrn Comm Summary | This report provides a summary of un-allowed communication from the internal environment to the internal environment. Augment: 2.2.2.a, 2.2.2.b, 2.3.b, 4.1.c, 4.1.f | 1919 | Data Processor(s) | No | Operations | Log Source List = CCF: Network Security Systems |
CCF: Invalid Test => Internal Comm Summary | This report provides a summary of un-allowed communication from the test environment to other internal environments. Augment: 2.2.2.a, 2.2.2.b, 6.4.1.a, 6.4.1.b, 6.4.2 | 1920 | Data Processor(s) | No | Operations | Log Source List = CCF: Network Security Systems |
CCF: Invalid Test => Internet Comm Summary | This report provides a summary of un-allowed communication from the test environment to the external internet. Augment: 1.2.1.a, 1.2.1.b, 1.2.1.c, 2.2.2.a, 2.2.2.b, 6.4.1.a, 6.4.1.b, 6.4.2 | 1921 | Data Processor(s) | No | Operations | Log Source List = CCF: Network Security Systems |
CCF: Invalid Wireless => CDE Comm Summary | This report provides a summary of un-allowed communication from the wireless environment to the internal card holder data environment. Augment: 2.2.2.a, 2.2.2.b | 1922 | Data Processor(s) | No | Operations | Log Source List = CCF: Network Security Systems |
CCF: Log Volume Summary | This report provides a summary of log management statistics by log source. Direct: 10.5.4, 10.7.b, 10.7.c | 1923 | Platform Manager | No | Log Management | N/A |
CCF: Non-Encrypted Protocol Summary | This report provides a summary of unencrypted applications. Direct: 1.1.6.b Augment: 1.1.6.a, 2.3.b, 4.1.c, 4.1.f, 6.5.4, A2.3 | 1924 | Platform Manager | No | Log Management | N/A |
CCF: Object Creation/Disposal Activity Summary | This report provides a summary of object creations, deletions, and removals. Augment: 10.2.7 | 1925 | Data Processor(s) | No | Operations | Log Source List = CCF: All Log Sources |
CCF: Patch Update Failure Summary | This report provides summary information around patch failure log messages received across Critical and Production environments. Direct: 6.2.b Augment: 12.11.a, A3.2.5.b | 1926 | Data Processor(s) | No | Audit | Log Source List = CCF: Cardholder Data Systems |
CCF: LogRhythm Usage Auditing Summary | This report provides a summary of usage by user. Augment: 10.2.3, 10.6.1.a, 10.6.1.b, 10.6.2.a | 1927 | Platform Manager | No | Operations | N/A |
CCF: Physical Security Auth Activity Summary | This report provides a summary of physical access authentication success and failure activity. Augment: 8.1.3.b,9.1, 9.1.1.a, 9.1.2, 9.3.c | 1928 | Data Processor(s) | No | Audit | Log Source List = CCF: Physical Security Systems |
CCF: Priv Access Granted/Revoked Summary | This report provides a summary of privileged user access granted & revoked by log source entity. Direct: 10.2.2, 10.2.5.a, 10.2.5.b, 10.2.5.c Augment: 10.8.1.b, A1.1, A1.3, A3.3.1.a, A3.4.1, A3.5.1.a, A3.5.1.b | 1929 | Data Processor(s) | No | Audit | Log Source List = CCF: All Log Sources |
CCF: Priv Account Management Activity Summary | This report provides a summary of access modification to privileged accounts (list). Direct: 10.1, 10.2.2, 10.2.5.a, 10.2.5.b, 10.2.5.c Augment: 7.1.2.a, 7.1.2.b, 8.1.a, 8.1.1, 8.1.2, 8.1.3.a, 8.1.4, 8.2.5.a, 8.2.5.b, 8.5.c | 1930 | Data Processor(s) | No | Audit | Log Source List = CCF: All Log Sources |
CCF: Priv Authentication Activity Summary | This report provides a summary of privileged user authentication successes and failures by impacted host. Direct: 10.1, 10.2.1, 10.2.2, 10.2.4, 10.2.5.a, 10.2.5.b, 10.2.5.c, 10.8.b, A3.3.1.b Augment: 7.1.1, 10.8.1.b, A1.1, A1.3, A3.3.1.a, A3.4.1, A3.5.1.a, A3.5.1.b | 1931 | LogMart | No | Audit | Log Source List = CCF: All Log Sources |
CCF: Remote Session Timeout Activity Summary | This report provides a summary of remote session timeout activity. Augment: 12.3.8.b | 1932 | Data Processor(s) | No | Operations | Log Source List = CCF: Network Security Systems |
CCF: Rogue WAP Summary | This report provides a summary of detected rogue access points. Augment: 11.1.b, 11.1.d, 12.10.5 | 1933 | LogMart | No | Security | Log Source List = CCF: All Log Sources |
CCF: Security Event by Impacted App Summary | This report provides a summary of security activity such as attacks, compromises, denial of service, malware, misuse, reconnaissance, and suspicious activity. Augment: 11.4.a, 11.4.b, 11.4.c, 12.10.5 | 1934 | LogMart | No | Security | Log Source List = CCF: Network Security Systems |
CCF: Security Event by Impacted Host Summary | This report provides a summary of security activity like attacks, compromises, denial of service, malware, misuse, reconnaissance, and suspicious activity. Augment: 11.4.a, 11.4.b, 11.4.c, 12.10.5 | 1935 | LogMart | No | Security | Log Source List = CCF: Network Security Systems |
CCF: Security Event by Log Source Ent Summary | This report provides a summary of security activity like attacks, compromises, denial of service, malware, misuse, reconnaissance, and suspicious activity. Augment: 11.4.a, 11.4.b, 11.4.c, 12.10.5 | 1936 | LogMart | No | Security | Log Source List = CCF: Network Security Systems |
CCF: Security Event by Origin Host Summary | This report provides a summary of security activity like attacks, compromises, denial of service, malware, misuse, reconnaissance, and suspicious activity. Augment: 11.4.a, 11.4.b, 11.4.c, 12.10.5 | 1937 | LogMart | No | Security | Log Source List = CCF: Network Security Systems |
CCF: Signature Update Activity Summary | This report provides details on signature update activity. Direct: 5.2.d, 6.2.b Augment: 5.2.b, 5.2.c, 11.4.a, 11.4.b, 11.4.c, 12.11.a, A3.2.5.b | 1938 | LogMart | No | Operations | Log Source List = CCF: Network Security Systems |
CCF: Software Update Activity Summary | This report provides details of software update activity. Direct: 6.2.b Augment: 12.11.a, A3.2.5.b | 1939 | LogMart | No | Operations | Log Source List = CCF: All Log Sources |
CCF: Time Sync Errors Summary | This report provides a summary of time sync errors occurring within in-scope environment. Augment: 10.4.2.b | 1940 | Platform Manager | No | Operations | Log Source List = CCF: All Log Sources |
CCF: TLS/SSL Summary | Provides a summary of TLS/SSL activity grouped by oHost. This report provides supplemental support for PCI-DSS controls that oriented toward the evaluation of TLS and SSL security. Augment: 2.2.3.a, 2.2.3.b, 2.3.e, 4.1.g, 4.1.h, A2.1, A2.2, A2.3 | 1941 | Data Processor(s) | No | Audit | N/A |
CCF: Top Attackers Summary | This report provides a summary of top attackers by origin host. Augment: 11.4.a, 11.4.b, 11.4.c, 12.10.5 | 1942 | Data Processor(s) | No | Security | Log Source List = CCF: Network Security Systems |
CCF: Top Suspicious Users Summary | This report provides a summary of top suspicious users by origin login. Augment: 11.4.a, 11.4.b, 11.4.c, 12.10.5 | 1943 | Data Processor(s) | No | Security | Log Source List = CCF: Network Security Systems |
CCF: Top Targeted Applications Summary | This report provides a summary of top targeted applications by impacted application. Augment: 11.4.a, 11.4.b, 11.4.c, 12.10.5 | 1944 | Data Processor(s) | No | Security | Log Source List = CCF: Network Security Systems |
CCF: Top Targeted Hosts Summary | This report provides a summary of top targeted hosts by impacted host. Augment: 11.4.a, 11.4.b, 11.4.c, 12.10.5 | 1945 | Data Processor(s) | No | Security | Log Source List = CCF: Network Security Systems |
CCF: User Priv Escalation (SU & SUDO) | This report provides summary information specific to a user privilege level status on a Linux environment. This report is specific to Linux based on a search for the MPE rule of SU Session Opened (flat file, SUDO log, or syslog). Direct: 10.2.5.a, 10.2.5.b, 10.2.5.c | 1946 | Data Processor(s) | No | Audit | Log Source List = CCF: All Log Sources |
CCF: User Priv Escalation (Windows) | This report provides summary information around changes in privilege level status of a user on a critical server or workstation, specific to Windows based on event ID, security metadata field of 2. This type of log is generated when a new process is created on a Windows machine and the token type is recorded in the object metadata field. Audit privilege use and audit process tracking must be enabled on the Windows machine being audited. Direct: 10.2.5.a, 10.2.5.b, 10.2.5.c | 1947 | Data Processor(s) | No | Audit | Log Source List = CCF: All Log Sources |
CCF: Vendor Access Failure Summary | This report provides summary information around vendor account access failures. Direct: 10.2.1, 10.2.4, 10.8.b, A3.3.1.b Augment: 8.1.5.a, 8.1.5.b, 8.1.6.b, 10.8.1.b, 12.3.9, A1.1, A1.3, A3.3.1.a, A3.4.1, A3.5.1.a, A3.5.1.b | 1948 | Data Processor(s) | No | Audit | Log Source List = CCF: All Log Sources |
CCF: Vendor Access Granted/Revoked Summary | This report provides summary information around user access granted and revoked for defined vendor accounts (list). Augment: 8.1.a, 8.1.1, 8.1.2, 8.1.3.a, 8.1.4, 8.1.5.a, 8.1.5.b, 8.1.6.a, 8.1.6.b, 8.1.7, 8.2.5.a, 8.2.5.b, 8.5.c, 12.3.9 | 1949 | Platform Manager | No | Audit | Log Source List = CCF: All Log Sources |
CCF: Vendor Account Management Summary | This report provides a summary of vendor account management activity. Augment: 8.1.a, 8.1.1, 8.1.2, 8.1.3.a, 8.1.4, 8.1.5.a, 8.1.5.b, 8.1.6.b, 8.2.5.a, 8.2.5.b, 8.5.c, 12.3.9 | 1950 | Data Processor(s) | No | Audit | Log Source List = CCF: All Log Sources |
CCF: Vendor Authentication Summary | This report provides a summary of vendor account activity. Direct: 10.2.1, 10.2.4, 10.8.b, A3.3.1.b Augment: 8.1.5.a, 8.1.5.b, 8.1.6.b, 10.8.1.b, 12.3.9, A1.1, A1.3, A3.3.1.a, A3.4.1, A3.5.1.a, A3.5.1.b | 1951 | Data Processor(s) | No | Audit | Log Source List = CCF: All Log Sources |
Detail Reports
Report Name | Report Description | Report ID | Data Source | Intelligent Indexing | Classifications | Log Sources |
|---|---|---|---|---|---|---|
CCF: Access Failure Detail | This report provides detail of access failures across the environment that are not vendor or privileged in nature. Direct: 10.2.1, 10.2.4, 10.8.b, A3.3.1.b Augment: 10.8.1.b, A1.1, A1.3, A3.3.1.a, A3.4.1, A3.5.1.a, A3.5.1.b | 1952 | Platform Manager | No | Audit | Log Source List = CCF: Cardholder Data Systems, CCF: Database Systems, CCF: File Integrity Monitors, CCF: Network Security Systems, CCF: Physical Security Systems |
CCF: Access Granted/Revoked Activity Details | This report provides details of disabled/locked accounts by account. Direct: 10.2.2 Augment: 7.1.2.a, 7.1.2.b, 8.1.a, 8.1.1, 8.1.2, 8.1.3.a, 8.1.4, 8.1.6.a, 8.1.7, 8.2.5.a, 8.2.5.b, 8.5.c | 1953 | Data Processor(s) | No | Audit | Log Source List = CCF: All Log Sources |
CCF: Account Management Activity Details | This report provides details of account management activity such as user account creation/deletion, user account name change, and password modified by log source entity. Direct: 10.2.2 Augment: 7.1.2.a, 7.1.2.b, 8.1.a, 8.1.1, 8.1.2, 8.1.3.a, 8.1.4, 8.2.5.a, 8.2.5.b, 8.5.c | 1954 | Platform Manager | No | Audit | Log Source List = CCF: Cardholder Data Systems, CCF: File Integrity Monitors, CCF: Network Security Systems, CCF: Physical Security Systems |
CCF: AIE Access Granted/Revoked Details | This report provides details of disabled/locked accounts by account. Direct: 10.2.2 Augment: 7.1.2.a, 7.1.2.b, 8.1.a, 8.1.1, 8.1.2, 8.1.3.a, 8.1.4, 8.1.6.a, 8.1.7, 8.2.5.a, 8.2.5.b, 8.5.c | 1955 | Platform Manager | No | Audit | N/A |
CCF: AIE Antivirus Activity Details | This report provides details of antivirus activity by impacted application. Direct: 5.2.d Augment: 5.1, 5.2.b, 5.2.c | 1956 | Platform Manager | No | Operations | N/A |
CCF: AIE Backup Activity Details | This report provides details of critical failures, errors, and information from backup software. Augment: 9.7.1, 12.10.5 | 1957 | Platform Manager | No | Operations | N/A |
CCF: AIE Database Authentication Details | This report provides details of database authentication activity. Direct: 10.2.1, 10.2.4, 10.8.b, A3.3.1.b Augment: 8.7.a, 8.7.c, 8.7.d, 10.8.1.b, A1.1, A1.3, A3.3.1.a, A3.4.1, A3.5.1.a, A3.5.1.b | 1958 | Platform Manager | No | Audit | N/A |
CCF: AIE Denied CDE => Internet Comm Details | This report provides details of denied communication from the cardholder data environment to the external internet. Augment: 1.2.1.a, 1.2.1.b, 1.2.1.c, (PCI 3.1 - 1.3.3), 1.3.4 (PCI 3.1 - 1.3.5), 2.2.2.a, 2.2.2.b | 1959 | Platform Manager | No | Operations | N/A |
CCF: AIE Denied DMZ => Internal Comm Details | This report provides details of denied communication from the demilitarized zone to the internal network. Augment: 1.2.1.a, 1.2.1.b, 1.2.1.c, (PCI 3.1 - 1.3.3), 1.3.3 (PCI 3.1 - 1.3.4), 2.2.2.a, 2.2.2.b | 1960 | Platform Manager | No | Operations | N/A |
CCF: AIE Denied Inet => Intrn Comm Details | This report provides details of denied communication from the external internet to all internal environments. Augment: 1.2.1.a, 1.2.1.b, 1.2.1.c, 1.2.3.b, 1.3.1, 1.3.2, 2.2.2.a, 2.2.2.b | 1961 | Platform Manager | No | Operations | N/A |
CCF: AIE Denied Internet => CDE Comm Details | This report provides details of denied communication from the external internet to the cardholder data environment. Augment: 1.2.1.a, 1.2.1.b, 1.2.1.c, (PCI 3.1 - 1.3.3), 1.3.4 (PCI 3.1 - 1.3.5), 2.2.2.a, 2.2.2.b | 1962 | Platform Manager | No | Operations | N/A |
CCF: AIE Denied Internet => DMZ Comm Details | This report provides details of denied communication from the external internet to the demilitarized zone. Augment: 1.2.1.a, 1.2.1.b, 1.2.1.c, (PCI 3.1 - 1.3.3), 1.3.3 (PCI 3.1 - 1.3.4), 2.2.2.a, 2.2.2.b | 1963 | Platform Manager | No | Operations | N/A |
CCF: AIE Denied Intrn => Inet Comm Details | This report provides details of denied communication from the internal environment to the external internet. Augment: 2.2.2.a, 2.2.2.b, 2.3.b, 4.1.c, 4.1.f | 1964 | Platform Manager | No | Operations | N/A |
CCF: AIE Denied Intrn => Intrn Comm Details | This report provides details of denied communication from the internal environment to the internal environment. Augment: 2.2.2.a, 2.2.2.b, 2.3.b, 4.1.c, 4.1.f | 1965 | Platform Manager | No | Operations | N/A |
CCF: AIE Denied Test => Internal Comm Details | This report provides details of denied communication from the test environment to other internal environments. Augment: 2.2.2.a, 2.2.2.b, 6.4.1.a, 6.4.1.b, 6.4.2 | 1966 | Platform Manager | No | Operations | N/A |
CCF: AIE Denied Test => Internet Comm Details | This report provides details of denied communication from the test environment to the external internet. Augment: 1.2.1.a, 1.2.1.b, 1.2.1.c, 2.2.2.a, 2.2.2.b, 6.4.1.a, 6.4.1.b, 6.4.2 | 1967 | Platform Manager | No | Operations | N/A |
CCF: AIE Denied Wireless => CDE Comm Details | This report provides details of denied communication from the wireless environment to the internal card holder data environment. Augment: 2.2.2.a, 2.2.2.b | 1968 | Platform Manager | No | Operations | N/A |
CCF: AIE FIM Activity Details | This report provides details of file integrity monitoring activity like adds, deletes, modifies, group changes, owner changes, and permissions. Direct: 10.5.5, 11.5.a, 11.5.b Augment: 3.6.7.a, 10.2.7, A1.2.b, A1.2.c, A3.2.5.b | 1969 | Platform Manager | No | Security | N/A |
CCF: AIE FIM Critical/Error/Info Details | This report provides details of critical failures, errors, and information from file integrity monitoring software. Augment: 12.10.5 | 1970 | Platform Manager | No | Operations | N/A |
CCF: AIE Firewall Policy Synch Details | This report provides details of firewall policy synchronization activity. Augment: 1.2.2.a, 1.2.2.b | 1971 | Platform Manager | No | Operations | N/A |
CCF: AIE Host Firewall Activity Details | This report provides details of the occurrence of host firewall activity. Augment: 1.4.a | 1972 | Platform Manager | No | Operations | N/A |
CCF: AIE Invalid Account Usage Details | This report provides details of authentication successes and failures from unauthorized accounts such as default account, disabled accounts, and terminated accounts. Direct: 2.1.a, 2.1.b, 10.2.1, 10.2.2, 10.2.4, 10.8.b, A3.3.1.b Augment: 8.1.3.a, 8.1.4, 8.2.5.a, 8.2.5.b, 8.5.c, 10.8.1.b, A1.1, A1.3, A3.3.1.a, A3.4.1, A3.5.1.a, A3.5.1.b | 1973 | Platform Manager | No | Audit | N/A |
CCF: AIE Invalid CDE => Internet Comm Details | This report provides details of un-allowed communication from the cardholder data environment to the external internet. Augment: 1.2.1.a, 1.2.1.b, 1.2.1.c, (PCI 3.1 - 1.3.3), 1.3.4 (PCI 3.1 - 1.3.5), 2.2.2.a, 2.2.2.b | 1974 | Platform Manager | No | Operations | N/A |
CCF: AIE Invalid DMZ => Internal Comm Details | This report provides details of un-allowed communication from the demilitarized zone to the internal network. Augment: 1.2.1.a, 1.2.1.b, 1.2.1.c, (PCI 3.1 - 1.3.3), 1.3.3 (PCI 3.1 - 1.3.4), 2.2.2.a, 2.2.2.b | 1975 | Platform Manager | No | Operations | N/A |
CCF: AIE Invalid Inet => Intrn Comm Details | This report provides details of un-allowed communication from the external internet to all internal environment. Augment: 1.2.1.a, 1.2.1.b, 1.2.1.c, 1.2.3.b, 1.3.1, 1.3.2, 2.2.2.a, 2.2.2.b | 1976 | Platform Manager | No | Operations | N/A |
CCF: AIE Invalid Internet => CDE Comm Details | This report provides details of un-allowed communication from the external internet to the cardholder data environment. Augment: 1.2.1.a, 1.2.1.b, 1.2.1.c, (PCI 3.1 - 1.3.3), 1.3.4 (PCI 3.1 - 1.3.5), 2.2.2.a, 2.2.2.b | 1977 | Platform Manager | No | Operations | N/A |
CCF: AIE Invalid Internet => DMZ Comm Details | This report provides details of un-allowed communication from the external internet to the demilitarized zone. Augment: 1.2.1.a, 1.2.1.b, 1.2.1.c, (PCI 3.1 - 1.3.3), 1.3.3 (PCI 3.1 - 1.3.4), 2.2.2.a, 2.2.2.b | 1978 | Platform Manager | No | Operations | N/A |
CCF: AIE Invalid Intrn => Inet Comm Details | This report provides details of un-allowed communication from the internal environment to the external internet. Augment: 2.2.2.a, 2.2.2.b, 2.3.b, 4.1.c, 4.1.f | 1979 | Platform Manager | No | Operations | N/A |
CCF: AIE Invalid Intrn => Intrn Comm Details | This report provides details of un-allowed communication from the internal environment to the internal environment. Augment: 2.2.2.a, 2.2.2.b, 2.3.b, 4.1.c, 4.1.f | 1980 | Platform Manager | No | Operations | N/A |
CCF: AIE Invalid Test => Internal Comm Details | This report provides details of un-allowed communication from the test environment to other internal environments. Augment: 2.2.2.a, 2.2.2.b, 6.4.1.a, 6.4.1.b, 6.4.2 | 1981 | Platform Manager | No | Operations | N/A |
CCF: AIE Invalid Test => Internet Comm Details | This report provides details of un-allowed communication from the test environment to the external internet. Augment: 1.2.1.a, 1.2.1.b, 1.2.1.c, 2.2.2.a, 2.2.2.b, 6.4.1.a, 6.4.1.b, 6.4.2 | 1982 | Platform Manager | No | Operations | N/A |
CCF: AIE Invalid Wireless => CDE Comm Details | This report provides details of un-allowed communication from the wireless environment to the internal card holder data environment. Augment: 2.2.2.a, 2.2.2.b | 1983 | Platform Manager | No | Operations | N/A |
CCF: AIE Physical Security Auth Details | This report provides details of physical access authentication success and failure activity. Augment: 8.1.3.b,9.1, 9.1.1.a, 9.1.2, 9.3.c | 1984 | Platform Manager | No | Audit | N/A |
CCF: AIE Priv Access Granted/Revoked Details | This report provides details of privileged user access granted & revoked by log source entity. Direct: 10.1, 10.2.2, 10.2.5.a, 10.2.5.b, 10.2.5.c Augment: 7.1.1, 7.1.2.a, 7.1.2.b, 8.1.a, 8.1.1, 8.1.2, 8.1.3.a, 8.1.4, 8.1.6.a, 8.1.7, 8.2.5.a, 8.2.5.b, 8.5.c | 1985 | Platform Manager | No | Audit | N/A |
CCF: AIE Remote Session Timeout Details | This report provides details of remote session timeout activity. Augment: 12.3.8.b | 1986 | Platform Manager | No | Operations | N/A |
CCF: AIE Vendor Authentication Details | This report provides details of vendor account activity. Direct: 10.2.1, 10.2.4, 10.8.b, A3.3.1.b Augment: 8.1.5.a, 8.1.5.b, 8.1.6.b, 10.8.1.b, 12.3.9, A1.1, A1.3, A3.3.1.a, A3.4.1, A3.5.1.a, A3.5.1.b | 1987 | Platform Manager | No | Audit | N/A |
CCF: Antivirus Activity Details | This report provides details of antivirus activity by impacted application. Direct: 5.2.d Augment: 5.1, 5.2.b, 5.2.c | 1988 | Data Processor(s) | No | Operations | Log Source List = CCF: Network Security Systems |
CCF: Audit Log Details | This report provides details of audit log clearing or write failures. Augment: 10.2.6 | 1989 | Data Processor(s) | No | Audit | Log Source List = CCF: All Log Sources |
CCF: Authentication Failure Detail | This report provides detail around authentication failures across the environment, but does not include privileged, vendor or database accounts. Direct: 10.2.1, 10.2.4, 10.8.b, A3.3.1.b Augment: 10.8.1.b, A1.1, A1.3, A3.3.1.a, A3.4.1, A3.5.1.a, A3.5.1.b | 1990 | Platform Manager | No | Audit | Log Source List = CCF: Cardholder Data Systems, CCF: File Integrity Monitors, CCF: Network Security Systems, CCF: Physical Security Systems |
CCF: Backup Activity Details | This report provides details of critical failures, errors, and information from backup software. Augment: 9.7.1, 12.10.5 | 1991 | Data Processor(s) | No | Operations | Log Source List = CCF: All Log Sources |
CCF: Configuration/Policy Change Details | This report provides details of the occurrence of configuration or policy changes. Direct: 6.2.b, 10.2.2, 10.4.1.a Augment: 12.11.a, A3.2.5.b, 1.1.1.a, 8.1.6.a, 8.1.6.b | 1992 | Data Processor(s) | No | Audit | Log Source List = CCF: All Log Sources |
CCF: Database Access Failure Detail | This report provides detail information around database account access failures. Direct: 10.2.1, 10.2.4, 10.8.b, A3.3.1.b Augment: 8.7.a, 8.7.c, 8.7.d, 10.8.1.b, A1.1, A1.3, A3.3.1.a, A3.4.1, A3.5.1.a, A3.5.1.b | 1993 | Platform Manager | No | Audit | CCF: Database Systems |
CCF: Database Access Granted/Revoked Details | This report provides detail information around user access granted and revoked within the defined database environment(s). Augment: 8.1.a, 8.1.1, 8.1.2, 8.1.3.a, 8.1.4, 8.1.6.a, 8.1.7, 8.2.5.a, 8.2.5.b, 8.5.c, 8.7.a, 8.7.c, 8.7.d | 1994 | Platform Manager | No | Audit | Log Source List = CCF: Database Systems |
CCF: Database Account Management Details | This report provides details of access modifications to accounts within the database environment. Augment: 8.1.a, 8.1.1, 8.1.2, 8.1.3.a, 8.1.4, 8.2.5.a, 8.2.5.b, 8.5.c, 8.7.a, 8.7.c, 8.7.d | 1995 | Data Processor(s) | No | Audit | Log Source List = CCF: Database Systems |
CCF: Database Authentication Activity Details | This report provides details of database authentication activity. Direct: 10.2.1, 10.2.4, 10.8.b, A3.3.1.b Augment: 8.7.a, 8.7.c, 8.7.d, 10.8.1.b, A1.1, A1.3, A3.3.1.a, A3.4.1, A3.5.1.a, A3.5.1.b | 1996 | Data Processor(s) | No | Audit | Log Source List = CCF: Database Systems |
CCF: Denied CDE => Internet Comm Details | This report provides details of denied communication from the cardholder data environment to the external internet. Augment: 1.2.1.a, 1.2.1.b, 1.2.1.c, (PCI 3.1 - 1.3.3), 1.3.4 (PCI 3.1 - 1.3.5), 2.2.2.a, 2.2.2.b | 1997 | Data Processor(s) | No | Operations | Log Source List = CCF: Network Security Systems |
CCF: Denied DMZ => Internal Comm Details | This report provides details of denied communication from the demilitarized zone to the internal network. Augment: 1.2.1.a, 1.2.1.b, 1.2.1.c, (PCI 3.1 - 1.3.3), 1.3.3 (PCI 3.1 - 1.3.4), 2.2.2.a, 2.2.2.b | 1998 | Data Processor(s) | No | Operations | Log Source List = CCF: Network Security Systems |
CCF: Denied Inet => Intrn Comm Details | This report provides details of denied communication from the external internet to all internal environments. Augment: 1.2.1.a, 1.2.1.b, 1.2.1.c, 1.2.3.b, 1.3.1, 1.3.2, 2.2.2.a, 2.2.2.b | 1999 | Data Processor(s) | No | Operations | Log Source List = CCF: Network Security Systems |
CCF: Denied Internet => CDE Comm Details | This report provides details of denied communication from the external internet to the cardholder data environment. Augment: 1.2.1.a, 1.2.1.b, 1.2.1.c, (PCI 3.1 - 1.3.3), 1.3.4 (PCI 3.1 - 1.3.5), 2.2.2.a, 2.2.2.b | 2000 | Data Processor(s) | No | Operations | Log Source List = CCF: Network Security Systems |
CCF: Denied Internet => DMZ Comm Details | This report provides details of denied communication from the external internet to the demilitarized zone. Augment: 1.2.1.a, 1.2.1.b, 1.2.1.c, (PCI 3.1 - 1.3.3), 1.3.3 (PCI 3.1 - 1.3.4), 2.2.2.a, 2.2.2.b | 2001 | Data Processor(s) | No | Operations | Log Source List = CCF: Network Security Systems |
CCF: Denied Intrn => Inet Comm Details | This report provides details of denied communication from the internal environment to the external internet. Augment: 2.2.2.a, 2.2.2.b, 2.3.b, 4.1.c, 4.1.f | 2002 | Data Processor(s) | No | Operations | Log Source List = CCF: Network Security Systems |
CCF: Denied Intrn => Intrn Comm Details | This report provides details of denied communication from the internal environment to the internal environment. Augment: 2.2.2.a, 2.2.2.b, 2.3.b, 4.1.c, 4.1.f | 2003 | Data Processor(s) | No | Operations | Log Source List = CCF: Network Security Systems |
CCF: Denied Test => Internal Comm Details | This report provides details of denied communication from the test environment to other internal environments. Augment: 2.2.2.a, 2.2.2.b, 6.4.1.a, 6.4.1.b, 6.4.2 | 2004 | Data Processor(s) | No | Operations | Log Source List = CCF: Network Security Systems |
CCF: Denied Test => Internet Comm Details | This report provides details of denied communication from the test environment to the external internet. Augment: 1.2.1.a, 1.2.1.b, 1.2.1.c, 2.2.2.a, 2.2.2.b, 6.4.1.a, 6.4.1.b, 6.4.2 | 2005 | Data Processor(s) | No | Operations | Log Source List = CCF: Network Security Systems |
CCF: Denied Wireless => CDE Comm Details | This report provides details of denied communication from the wireless environment to the internal card holder data environment. Augment: 2.2.2.a, 2.2.2.b | 2006 | Data Processor(s) | No | Operations | Log Source List = CCF: Network Security Systems |
CCF: Early TLS/SSL Version Detail | Provides a detail report of early TLS/SSL occurrences grouped by oHost. This report provides supplemental support for PCI-DSS controls that oriented toward the evaluation of TLS and SSL security. Augment: 2.2.3.a, 2.2.3.b, 2.3.e, 4.1.g, 4.1.h, A2.1, A2.2, A2.3 | 2007 | Data Processor(s) | No | Audit | N/A |
CCF: FIM Activity Details | This report provides details of file integrity monitoring activity such as adds, deletes, modifies, group changes, owner changes, and permissions. Direct: 10.5.5, 11.5.a, 11.5.b Augment: 3.6.7.a, 10.2.7, A1.2.b, A1.2.c, A3.2.5.b | 2008 | Data Processor(s) | No | Security | Log Source List = CCF: File Integrity Monitors |
CCF: FIM Critical/Error/Information Details | This report provides details of critical failures, errors, and information from file integrity monitoring software. Augment: 12.10.5 | 2009 | Platform Manager | No | Operations | Log Source List = CCF: File Integrity Monitors |
CCF: Firewall Policy Synch Activity Details | This report provides details of firewall policy synchronization activity. Augment: 1.2.2.a, 1.2.2.b | 2010 | Data Processor(s) | No | Operations | Log Source List = CCF: Network Security Systems |
CCF: Host Firewall Activity Details | This report provides details of the occurrence of host firewall activity. Augment: 1.4.a | 2011 | Data Processor(s) | No | Operations | Log Source List = CCF: All Log Sources |
CCF: Invalid Account Usage Details | This report provides details of authentication successes and failures from unauthorized accounts such as default account, disabled accounts, and terminated accounts. Direct: 2.1.a, 2.1.b, 10.2.1, 10.2.2, 10.2.4, 10.8.b, A3.3.1.b Augment: 8.1.3.a, 8.1. | 2012 | Data Processor(s) | No | Audit | Log Source List = CCF: All Log Sources |
CCF: Invalid CDE => Internet Comm Details | This report provides details of un-allowed communication from the cardholder data environment to the external internet. Augment: 1.2.1.a, 1.2.1.b, 1.2.1.c, (PCI 3.1 - 1.3.3), 1.3.4 (PCI 3.1 - 1.3.5), 2.2.2.a, 2.2.2.b | 2013 | Data Processor(s) | No | Operations | Log Source List = CCF: Network Security Systems |
CCF: Invalid DMZ => Internal Comm Details | This report provides details of un-allowed communication from the demilitarized zone to the internal network. Augment: 1.2.1.a, 1.2.1.b, 1.2.1.c, (PCI 3.1 - 1.3.3), 1.3.3 (PCI 3.1 - 1.3.4), 2.2.2.a, 2.2.2.b | 2014 | Data Processor(s) | No | Operations | Log Source List = CCF: Network Security Systems |
CCF: Invalid Inet => Intrn Comm Details | This report provides details of un-allowed communication from the external internet to all internal environments. Augment: 1.2.1.a, 1.2.1.b, 1.2.1.c, 1.2.3.b, 1.3.1, 1.3.2, 2.2.2.a, 2.2.2.b | 2015 | Data Processor(s) | No | Operations | Log Source List = CCF: Network Security Systems |
CCF: Invalid Internet => CDE Comm Details | This report provides details of un-allowed communication from the external internet to the cardholder data environment. Augment: 1.2.1.a, 1.2.1.b, 1.2.1.c, (PCI 3.1 - 1.3.3), 1.3.4 (PCI 3.1 - 1.3.5), 2.2.2.a, 2.2.2.b | 2016 | Data Processor(s) | No | Operations | Log Source List = CCF: Network Security Systems |
CCF: Invalid Internet => DMZ Comm Details | This report provides details of un-allowed communication from the external internet to the demilitarized zone. Augment: 1.2.1.a, 1.2.1.b, 1.2.1.c, (PCI 3.1 - 1.3.3), 1.3.3 (PCI 3.1 -1.3.4), 2.2.2.a, 2.2.2.b | 2017 | Data Processor(s) | No | Operations | Log Source List = CCF: Network Security Systems |
CCF: Invalid Intrn => Inet Comm Details | This report provides details of un-allowed communication from the internal environment to the external internet. Augment: 2.2.2.a, 2.2.2.b, 2.3.b, 4.1.c, 4.1.f | 2018 | Data Processor(s) | No | Operations | Log Source List = CCF: Network Security Systems |
CCF: Invalid Intrn => Intrn Comm Details | This report provides details of un-allowed communication from the internal environment to the internal environment. Augment: 2.2.2.a, 2.2.2.b, 2.3.b, 4.1.c, 4.1.f | 2019 | Data Processor(s) | No | Operations | Log Source List = CCF: Network Security Systems |
CCF: Invalid Test => Internal Comm Details | This report provides details of un-allowed communication from the test environment to other internal environments. Augment: 2.2.2.a, 2.2.2.b, 6.4.1.a, 6.4.1.b, 6.4.2 | 2020 | Data Processor(s) | No | Operations | Log Source List = CCF: Network Security Systems |
CCF: Invalid Test => Internet Comm Details | This report provides details of un-allowed communication from the test environment to the external internet. Augment: 1.2.1.a, 1.2.1.b, 1.2.1.c, 2.2.2.a, 2.2.2.b, 6.4.1.a, 6.4.1.b, 6.4.2 | 2021 | Data Processor(s) | No | Operations | Log Source List = CCF: Network Security Systems |
CCF: Invalid Wireless => CDE Comm Details | This report provides details of un-allowed communication from the wireless environment to the internal card holder data environment. Augment: 2.2.2.a, 2.2.2.b | 2022 | Data Processor(s) | No | Operations | Log Source List = CCF: Network Security Systems |
CCF: LogRhythm Alarm And Response Details | This report provides details of all alarms alarm, events, notifications, and response activity by entity. Augment: 12.10.5 | 2023 | Platform Manager | No | Event Management | N/A |
CCF: LogRhythm Usage Auditing by Date Details | This report provides details of usage by date. Augment: 10.2.3, 10.6.1.a, 10.6.1.b, 10.6.2.a | 2024 | Platform Manager | No | Log Management | N/A |
CCF: LogRhythm Usage Auditing by User Details | This report provides details of usage by user. Augment: 10.2.3, 10.6.1.a, 10.6.1.b, 10.6.2.a | 2025 | Platform Manager | No | Log Management | N/A |
CCF: Non-Encrypted Protocol Details | This report provides details of unencrypted applications. Direct: 1.1.6.b Augment: 1.1.6.a, 2.3.b, 4.1.c, 4.1.f, 6.5.4, A2.3 | 2026 | Data Processor(s) | No | Operations | Log Source List = CCF: All Log Sources |
CCF: Object Creation/Disposal Activity Details | This report provides details of object creations, deletions, and removals. Augment: 10.2.7 | 2027 | Data Processor(s) | No | Audit | Log Source List = CCF: Cardholder Data Systems |
CCF: Patch Update Failure Detail | This report provides detail information around patch failure log messages received across Critical and Production environments. Direct: 6.2.b Augment: 12.11.a, A3.2.5.b | 2028 | Platform Manager | No | Operations | N/A |
CCF: Physical Security Auth Activity Details | This report provides details of physical access authentication success and failure activity. Augment: 8.1.3.b,9.1, 9.1.1.a, 9.1.2, 9.3.c | 2029 | Data Processor(s) | No | Audit | Log Source List = CCF: Physical Security Systems |
CCF: Priv Access Failure Detail | This report provides details of privileged user access granted & revoked by log source entity. Direct: 10.2.2, 10.2.5.a, 10.2.5.b, 10.2.5.c Augment: 10.8.1.b, A1.1, A1.3, A3.3.1.a, A3.4.1, A3.5.1.a, A3.5.1.b | 2030 | Platform Manager | No | Audit | Log Source List = CCF: All Log Sources |
CCF: Priv Access Granted/Revoked Details | This report provides details of privileged user access granted & revoked by log source entity. Direct: 10.2.2, 10.2.5.a, 10.2.5.b, 10.2.5.c Augment: 7.1.1, 7.1.2.a, 7.1.2.b, 8.1.a, 8.1.1, 8.1.2, 8.1.3.a, 8.1.4, 8.1.6.a, 8.1.7, 8.2.5.b, 8.5.c | 2031 | Data Processor(s) | No | Audit | Log Source List = CCF: All Log Sources |
CCF: Priv Account Management Activity Details | This report provides details of access modification to privileged accounts (list). Direct: 10.1, 10.2.2, 10.2.5.a, 10.2.5.b, 10.2.5.c Augment: 7.1.2.a, 7.1.2.b, 8.1.a, 8.1.1, 8.1.2, 8.1.3.a, 8.1.4, 8.2.5.a, 8.2.5.b, 8.5.c | 2032 | Data Processor(s) | No | Audit | Log Source List = CCF: All Log Sources |
CCF: Priv Authentication Activity Detail | This report provides details of privileged user authentication successes and failures by impacted host. Direct: 10.1, 10.2.1, 10.2.2, 10.2.4, 10.2.5.a, 10.2.5.b, 10.2.5.c, 10.8.b, A3.3.1.b Augment: 7.1.1, 10.8.1.b, A1.1, A1.3, A3.3.1.a, A3.4.1, A3.5.1.a, A3.5.1.b | 2033 | Data Processor(s) | No | Audit | Log Source List = CCF: All Log Sources |
CCF: Remote Session Timeout Activity Details | This report provides details of remote session timeout activity. Augment: 12.3.8.b | 2034 | Data Processor(s) | No | Operations | Log Source List = CCF: Network Security Systems |
CCF: Rogue WAP Detail | This report provides details of detected rogue access points. Augment: 11.1.b, 11.1.d, 12.10.5 | 2035 | Platform Manager | No | Security | Log Source List = CCF: All Log Sources |
CCF: Security Event by Impacted App Details | This report provides details of security activity such as attacks, compromises, denial of service, malware, misuse, reconnaissance, and suspicious activity. Augment: 11.4.a, 11.4.b, 11.4.c, 12.10.5 | 2036 | Platform Manager | No | Security | Log Source List = CCF: Network Security Systems |
CCF: Security Event by Impacted Host Details | This report provides details of security activity such as attacks, compromises, denial of service, malware, misuse, reconnaissance, and suspicious activity. Augment: 11.4.a, 11.4.b, 11.4.c, 12.10.5 | 2037 | Platform Manager | No | Security | Log Source List = CCF: Network Security Systems |
CCF: Security Event by Log Source Ent Details | This report provides details of security activity such as attacks, compromises, denial of service, malware, misuse, reconnaissance, and suspicious activity. Augment: 11.4.a, 11.4.b, 11.4.c, 12.10.5 | 2038 | Platform Manager | No | Security | Log Source List = CCF: Network Security Systems |
CCF: Security Event by Origin Host Details | This report provides details of security activity such as attacks, compromises, and denial of service, malware, misuse, reconnaissance, suspicious activity. Augment: 11.4.a, 11.4.b, 11.4.c, 12.10.5 | 2039 | Platform Manager | No | Security | Log Source List = CCF: Network Security Systems |
CCF: Signature Update Activity Details | This report provides details on signature update activity. Direct: 5.2.d, 6.2.b Augment: 5.2.b, 5.2.c, 11.4.a, 11.4.b, 11.4.c, 12.11.a, A3.2.5.b | 2040 | Data Processor(s) | No | Operations | Log Source List = CCF: Network Security Systems |
CCF: Software Update Activity Details | This report provides details of software update activity. Direct: 6.2.b Augment: 12.11.a, A3.2.5.b | 2041 | Data Processor(s) | No | Operations | Log Source List = CCF: All Log Sources |
CCF: TLS/SSL Detail | Provides a detail report of TLS/SSL activity grouped by oHost. This report provides supplemental support for PCI-DSS controls that oriented toward the evaluation of TLS and SSL security. Augment: 2.2.3.a, 2.2.3.b, 2.3.e, 4.1.g, 4.1.h, A2.1, A2.2, A2.3 | 2042 | Data Processor(s) | No | Audit | N/A |
CCF: Vendor Access Failure Detail | This report provides detail information around vendor account access failures. Direct: 10.2.1, 10.2.4, 10.8.b, A3.3.1.b Augment: 8.1.5.a, 8.1.5.b, 8.1.6.b, 10.8.1.b, 12.3.9, A1.1, A1.3, A3.3.1.a, A3.4.1, A3.5.1.a, A3.5.1.b | 2043 | Platform Manager | No | Audit | Log Source List = CCF: All Log Sources |
CCF: Vendor Access Granted/Revoked Details | This report provides detail information around user access granted and revoked for defined vendor accounts (list). Augment: 8.1.a, 8.1.1, 8.1.2, 8.1.3.a, 8.1.4, 8.1.5.a, 8.1.5.b, 8.1.6.a, 8.1.6.b, 8.1.7, 8.2.5.a, 8.2.5.b, 8.5.c, 12.3.9 | 2044 | Platform Manager | No | Audit | Log Source List = CCF: All Log Sources |
CCF: Vendor Account Management Details | This report provides details of vendor account management activity. Augment: 8.1.a, 8.1.1, 8.1.2, 8.1.3.a, 8.1.4, 8.1.5.a, 8.1.5.b, 8.1.6.b, 8.2.5.a, 8.2.5.b, 8.5.c, 12.3.9 | 2045 | Data Processor(s) | No | Audit | Log Source List = CCF: All Log Sources |
CCF: Vendor Authentication Details | This report provides details of vendor account activity. Direct: 10.2.1, 10.2.4, 10.8.b, A3.3.1.b Augment: 8.1.5.a, 8.1.5.b, 8.1.6.b, 10.8.1.b, 12.3.9, A1.1, A1.3, A3.3.1.a, A3.4.1, A3.5.1.a, A3.5.1.b | 2046 | Data Processor(s) | No | Audit | Log Source List = CCF: Network Security Systems |
Reporting Packages
Reporting Package | Description |
|---|---|
CCF: Weekly IT Operations AIE Report Package | These are reports IT Operations should run and review on a weekly basis. |
CCF: Daily IT Operations Report Package | These are reports IT Operations should run and review on a daily basis. |
CCF: Daily IT Security Report Package | These are reports Security Operations should run and review on a daily basis. |
CCF: Weekly Audit Report Package | These are reports Audit should run and review on a weekly basis. |
CCF: Monthly Executive Report Package | These are reports Executive Management should run and review on a monthly basis. |
CCF: Weekly IT Security AIE Report Package | These are reports Security Management should run and review on a weekly basis. |