Skip to main content
Skip table of contents

NRC RG 5.71 – Reports

The following table provides a listing of all reports included in this compliance package. For each report, the targeted data source, the required classifications, and the required Log Source Lists are provided. If you are unable to implement the Data Management Settings, this table should be referred to so as to understand which reports will be impacted.

Reports with a data source of Log Manager will not populate in a fully collection- optimized deployment. Contact LogRhythm Support for additional details.

Report ID

Report Name

Data Source

Intelligent Indexing

Required Classifications

Required Log Source Lists

476

NRC: Account Lockout Summary

Log Mart

No

Account Modified, Access Revoked

NRC: Production Servers, NRC: Workstations, NRC: Wireless Access Points, NRC: Remote Access Systems, NRC: Network Access Control Systems, NRC: Security Systems

477

NRC: Account Management Activity

Log Mart

No

Account Created, Account Deleted, Account Modified

NRC: Production Servers, NRC: Workstations, NRC: Wireless Access Points, NRC: Network Access Control Systems

478

NRC: Attacks Detected

Log Mart

No

Attack, Compromise, Denial of Service

NRC: Production Servers, NRC: Workstations, NRC: Network Access Control Systems, NRC: Security Systems

479

NRC: Audit Failure By Host

Log Mart

No

Access Failure, Authentication Failure, Other Audit Failure

NRC: Production Servers, NRC: Workstations, NRC: Wireless Access Points, NRC: Remote Access Systems, NRC: Network Access Control Systems

480

NRC: Audit Failure By User

Log Manager

Yes

Access Failure, Authentication Failure, Other Audit Failure

NRC: Production Servers, NRC: Workstations, NRC: Wireless Access Points, NRC: Remote Access Systems, NRC: Network Access Control Systems

481

NRC: Compromises Detected

Log Mart

No

Compromise

NRC: Production Servers, NRC: Workstations, NRC: Network Access Control Systems, NRC: Security Systems

482

NRC: Configuration Change Summary

Log Manager

Yes

Configuration

NRC: Production Servers, NRC: Workstations, NRC: Wireless Access Points, NRC: Remote Access Systems, NRC: Network Access Control Systems, NRC: Security Systems

483

NRC: Disabled Accounts

Log Mart

No

Account Modified, Access Revoked,

NRC: Production Servers, NRC: Workstations, NRC: Network Access Control Systems

484

NRC: Door Access Summary

Log Manager

Yes

Access Success, Authentication Success, Compromise

NRC: Security Systems

485

NRC: Failed Application Access

Log Mart

No

Access Failure, Authentication Failure

NRC: Production Servers, NRC: Workstations

486

NRC: Failed File Access

Log Manager

Yes

Access Failure

NRC: Production Servers, NRC: Workstations

487

NRC: Failed Host Access

Log Mart

No

Authentication Failure

NRC: Production Servers, NRC: Workstations, NRC: Wireless Access Points, NRC: Remote Access Systems, NRC: Network Access Control Systems, NRC: Security Systems

488

NRC: File Integrity Monitor Log Detail

Log Manager

No

Activity

NRC: File Integrity Monitoring Systems

489

NRC: File Integrity Monitor Log Detail

Log Manager

No

Activity

NRC: File Integrity Monitoring Systems

490

NRC: File Integrity Monitor Summary

Log Manager

No

Activity

NRC: File Integrity Monitoring Systems

491

NRC: Host Access Granted And Revoked

Log Mart

No

Access Granted, Access Revoked

NRC: Production Servers, NRC: Workstations, NRC: Network Access Control Systems

492

NRC: Host Authentication Summary

Log Mart

No

Authentication Success

NRC: Production Servers, NRC: Workstations, NRC: Network Access Control Systems

493

NRC: Network Connection Summary

Log Manager

No

Network Allow, Network Deny, Network Traffic

NRC: Network Access Control Systems

494

NRC: Network Service Summary

Log Manager

No

Network Allow, Network Deny, Network Traffic

NRC: Network Access Control Systems

495

NRC: New Account Summary

Log Mart

No

Account Created

NRC: Production Servers, NRC: Workstations, NRC: Network Access Control Systems

496

NRC: Object Access Summary

Log Manager

No

Access Success

NRC: Production Servers

497

NRC: Policy Activity Summary

Log Mart

No

Access Granted, Access Revoked, Policy

NRC: Production Servers, NRC: Workstations, NRC: Wireless Access Points, NRC: Remote Access Systems, NRC: Network Access Control Systems, NRC: Security Systems

498

NRC: Processes By User

Log Manager

No

Startup and Shutdown

NRC: Production Servers, NRC: Workstations

499

NRC: Security Event Summary

Log Mart

No

Attack, Compromise, Denial of Service, Malware, Reconnaissance, Suspicious

NRC: Data Loss Prevention Systems, NRC: Network Access Control Systems, NRC: Security Systems, NRC: Production Servers, NRC: Workstations, NRC: Wireless Access Points, NRC: Remote Access Systems, NRC: File Integrity Monitoring Systems

500

NRC: Security Event Summary

Log Mart

No

Attack, Compromise, Denial of Service, Malware, Reconnaissance, Suspicious

NRC: Data Loss Prevention Systems, NRC: Network Access Control Systems, NRC: Security Systems, NRC: Production Servers, NRC: Workstations, NRC: Wireless Access Points, NRC: Remote Access Systems, NRC: File Integrity Monitoring Systems

501

NRC: Security Event Summary

Log Mart

No

Attack, Compromise, Denial of Service, Malware, Reconnaissance, Suspicious

NRC: Data Loss Prevention Systems, NRC: Network Access Control Systems, NRC: Security Systems, NRC: Production Servers, NRC: Workstations, NRC: Wireless Access Points, NRC: Remote Access Systems, NRC: File Integrity Monitoring Systems

502

NRC: Security Event Summary

Log Mart

No

Attack, Compromise, Denial of Service, Malware, Reconnaissance, Suspicious

NRC: Data Loss Prevention Systems, NRC: Network Access Control Systems, NRC: Security Systems, NRC: Production Servers, NRC: Workstations, NRC: Wireless Access Points, NRC: Remote Access Systems, NRC: File Integrity Monitoring Systems

503

NRC: Suspicious Activity By Host

Log Mart

No

Suspicious

NRC: Data Loss Prevention Systems, NRC: Network Access Control Systems, NRC: Security Systems, NRC: Production Servers, NRC: Workstations, NRC: Wireless Access Points, NRC: Remote Access Systems, NRC: File Integrity Monitoring Systems

504

NRC: Suspicious Activity By User

Log Mart

No

Suspicious

NRC: Data Loss Prevention Systems, NRC: Network Access Control Systems, NRC: Security Systems, NRC: Production Servers, NRC: Workstations, NRC: Wireless Access Points, NRC: Remote Access Systems, NRC: File Integrity Monitoring Systems

505

NRC: Terminated Account Summary

Log Mart

No

Account Deleted

NRC: Production Servers, NRC: Workstations, NRC: Network Access Control Systems

506

NRC: Top Attackers

Log Mart

No

Attack, Compromise, Denial of Service, Failed Attack, Failed Denial of Service, Failed Malware, Failed Suspicious, Malware, Reconnaissance, Suspicious

NRC: Production Servers, NRC: Workstations, NRC: Wireless Access Points, NRC: Remote Access Systems, NRC: Network Access Control Systems, NRC: Security Systems

507

NRC: Top

Suspicious Users

Log Manager

Yes

Access Failure, Activity, Attack, Authentication Failure, Compromise, Denial of Service, Failed Activity, Failed Denial of Service, Failed Malware, Failed Misuse, Failed Suspicious, Malware, Misuse, Other Audit Failure, Reconnaissance, Suspicious

NRC: Production Servers, NRC: Workstations, NRC: Wireless Access Points, NRC: Remote Access Systems, NRC: Network Access Control Systems, NRC: Security Systems

508

NRC: Top Targeted Applications

Log Mart

No

Attack, Compromise, Denial of Service, Failed Attack, Failed Denial of Service, Failed Malware, Failed Suspicious, Malware, Reconnaissance, Suspicious

NRC: Production Servers, NRC: Workstations, NRC: Network Access Control Systems, NRC: Security Systems

509

NRC: Top Targeted Hosts

Log Mart

Yes

Attack, Compromise, Denial of Service, Failed Attack, Failed Denial of Service, Failed Malware, Failed Suspicious, Malware, Reconnaissance, Suspicious

NRC: Production Servers, NRC: Workstations, NRC: Network Access Control Systems, NRC: Security Systems

510

NRC: Usage Auditing Event Detail

Event Manager

N/A

N/A

NRC: Data Loss Prevention Systems, NRC: Network Access Control Systems, NRC: Security Systems, NRC: Production Servers, NRC: Workstations, NRC: Wireless Access Points, NRC: Remote Access Systems, NRC: File Integrity Monitoring Systems

511

NRC: Usage Auditing Event Detail

Event Manager

N/A

N/A

NRC: Data Loss Prevention Systems, NRC: Network Access Control Systems, NRC: Security Systems, NRC: Production Servers, NRC: Workstations, NRC: Wireless Access Points, NRC: Remote Access Systems, NRC: File Integrity Monitoring Systems

512

NRC: User Authentication Summary

Log Mart

No

Authentication Failure, Authentication Success

NRC: Production Servers, NRC: Workstations, NRC: Wireless Access Points, NRC: Remote Access Systems, NRC: Network Access Control Systems

513

NRC: User Misuse Summary

Log Manager

Yes

Misuse

NRC: Production Servers, NRC: Workstations, NRC: Wireless Access Points, NRC: Remote Access Systems, NRC: Data Loss Prevention Systems, NRC: Network Access Control Systems, NRC: Security Systems

514

NRC: User Object Access Summary

Log Manager

No

Access Success

NRC: Production Servers, NRC: Workstations

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.