Summary Reports
|
Report Name |
Report Description |
Report ID |
Data Source |
Intelligent Indexing |
Classifications |
Log Sources |
|---|---|---|---|---|---|---|
|
CCF: Access Granted/Revoked Activity Summary |
This report provides a summary of disabled/locked accounts by account. Direct: 10.2.2 Augment: 7.1.2.a, 7.1.2.b, 8.1.a, 8.1.1, 8.1.2, 8.1.3.a, 8.1.4, 8.1.6.a, 8.1.7, 8.2.5.a, 8.2.5.b, 8.5.c |
1854 |
Data Processor(s) |
No |
Audit |
Log Source List = CCF: All Log Sources |
|
CCF: Account Management Activity Summary |
This report provides a summary of account management activity such as user account creation/deletion, user account name change, and password modified by log source entity. Direct: 10.2.2 Augment: 7.1.2.a, 7.1.2.b, 8.1.a, 8.1.1, 8.1.2, 8.1.3.a, 8.1.4, 8.2.5.a, 8.2.5.b, 8.5.c |
1855 |
LogMart |
No |
Audit |
Log Source List = CCF: Cardholder Data Systems, CCF: File Integrity Monitors, CCF: Network Security Systems, CCF: Physical Security Systems |
|
CCF: AIE Antivirus Activity Summary |
This report provides a summary of antivirus activity by impacted application. Direct: 5.2.d Augment: 5.1, 5.2.b, 5.2.c |
1856 |
Platform Manager |
No |
Operations |
N/A |
|
CCF: AIE Backup Activity Summary |
This report provides a summary of critical failures, errors, and information from backup software. Augment: 9.7.1, 12.10.5 |
1857 |
Platform Manager |
No |
Operations |
N/A |
|
CCF: AIE Database Authentication Summary |
This report provides a summary of database authentication activity. Direct: 10.2.1, 10.2.4, 10.8.b, A3.3.1.b Augment: 8.7.a, 8.7.c, 8.7.d, 10.8.1.b, A1.1, A1.3, A3.3.1.a, A3.4.1, A3.5.1.a, A3.5.1.b |
1858 |
Platform Manager |
No |
Audit |
N/A |
|
CCF: AIE Denied CDE => Internet Comm Summary |
This report provides a summary of denied communication from the cardholder data environment to the external internet. Augment: 1.2.1.a, 1.2.1.b, 1.2.1.c, (PCI 3.1 - 1.3.3), 1.3.4 (PCI 3.1 - 1.3.5), 2.2.2.a, 2.2.2.b |
1859 |
Platform Manager |
No |
Operations |
N/A |
|
CCF: AIE Denied DMZ => Internal Comm Summary |
This report provides a summary of denied communication from the demilitarized zone to the internal network. Augment: 1.2.1.a, 1.2.1.b, 1.2.1.c, (PCI 3.1 - 1.3.3), 1.3.3 (PCI 3.1 - 1.3.4), 2.2.2.a, 2.2.2.b |
1860 |
Platform Manager |
No |
Operations |
N/A |
|
CCF: AIE Denied Inet => Intrn Comm Summary |
This report provides a summary of denied communication from the external internet to all internal environments. Augment: 1.2.1.a, 1.2.1.b, 1.2.1.c, 1.2.3.b, 1.3.1, 1.3.2, 2.2.2.a, 2.2.2.b |
1861 |
Platform Manager |
No |
Operations |
N/A |
|
CCF: AIE Denied Internet => CDE Comm Summary |
This report provides a summary of denied communication from the external internet to the cardholder data environment. Augment: 1.2.1.a, 1.2.1.b, 1.2.1.c, (PCI 3.1 - 1.3.3), 1.3.4 (PCI 3.1 - 1.3.5), 2.2.2.a, 2.2.2.b |
1862 |
Platform Manager |
No |
Operations |
N/A |
|
CCF: AIE Denied Internet => DMZ Comm Summary |
This report provides a summary of denied communication from the external internet to the demilitarized zone. Augment: 1.2.1.a, 1.2.1.b, 1.2.1.c, (PCI 3.1 - 1.3.3), 1.3.3 (PCI 3.1 - 1.3.4), 2.2.2.a, 2.2.2.b |
1863 |
Platform Manager |
No |
Operations |
N/A |
|
CCF: AIE Denied Intrn => Inet Comm Summary |
This report provides a summary of denied communication from the internal environment to the external internet. Augment: 2.2.2.a, 2.2.2.b, 2.3.b, 4.1.c, 4.1.f |
1864 |
Platform Manager |
No |
Operations |
N/A |
|
CCF: AIE Denied Intrn => Intrn Comm Summary |
This report provides a summary of denied communication from the internal environment to the internal environment. Augment: 2.2.2.a, 2.2.2.b, 2.3.b, 4.1.c, 4.1.f |
1865 |
Platform Manager |
No |
Operations |
N/A |
|
CCF: AIE Denied Test => Internal Comm Summary |
This report provides a summary of denied communication from the test environment to other internal environments. Augment: 2.2.2.a, 2.2.2.b, 6.4.1.a, 6.4.1.b, 6.4.2 |
1866 |
Platform Manager |
No |
Operations |
N/A |
|
CCF: AIE Denied Test => Internet Comm Summary |
This report provides a summary of denied communication from the test environment to the external internet. Augment: 1.2.1.a, 1.2.1.b, 1.2.1.c, 2.2.2.a, 2.2.2.b, 6.4.1.a, 6.4.1.b, 6.4.2 |
1867 |
Platform Manager |
No |
Operations |
N/A |
|
CCF: AIE Denied Wireless => CDE Comm Summary |
This report provides a summary of denied communication from the wireless environment to the internal cardholder data environment. Augment: 2.2.2.a, 2.2.2.b |
1868 |
Platform Manager |
No |
Operations |
N/A |
|
CCF: AIE FIM Activity Summary |
This report provides a summary of file integrity monitoring activity such as adds, deletes, modifies, group changes, owner changes, and permissions. Direct: 10.5.5, 11.5.a, 11.5.b Augment: 3.6.7.a, 10.2.7, A1.2.b, A1.2.c, A3.2.5.b |
1869 |
Platform Manager |
No |
Security |
N/A |
|
CCF: AIE FIM Critical/Error/Info Summary |
This report provides a summary of critical failures, errors, and information from file integrity monitoring software. Augment: 12.10.5 |
1870 |
Platform Manager |
No |
Operations |
N/A |
|
CCF: AIE Firewall Policy Synch Summary |
This report provides a summary of firewall policy synchronization activity. Augment: 1.2.2.a, 1.2.2.b |
1871 |
Platform Manager |
No |
Operations |
N/A |
|
CCF: AIE Host Firewall Activity Summary |
This report provides a summary of the occurrence of host firewall activity. Augment: 1.4.a |
1872 |
Platform Manager |
No |
Operations |
N/A |
|
CCF: AIE Invalid Account Usage Summary |
This report provides a summary of authentication successes and failures from unauthorized accounts such as default accounts, disabled accounts, and terminated accounts. Direct: 2.1.a, 2.1.b, 10.2.1, 10.2.2, 10.2.4, 10.8.b, A3.3.1.b Augment: 8.1.3.a, 8.1.4, 8.2.5.a, 8.2.5.b, 8.5.c, 10.8.1.b, A1.1, A1.3, A3.3.1.a, A3.4.1, A3.5.1.a, A3.5.1.b |
1873 |
Platform Manager |
No |
Audit |
N/A |
|
CCF: AIE Invalid CDE => Internet Comm Summary |
This report provides a summary of un-allowed communication from the cardholder data environment to the external internet. Augment: 1.2.1.a, 1.2.1.b, 1.2.1.c, (PCI 3.1 - 1.3.3), 1.3.4 (PCI 3.1 - 1.3.5), 2.2.2.a, 2.2.2.b |
1874 |
Platform Manager |
No |
Operations |
N/A |
|
CCF: AIE Invalid DMZ => Internal Comm Summary |
This report provides a summary of un-allowed communication from the demilitarized zone to the internal network. Augment: 1.2.1.a, 1.2.1.b, 1.2.1.c, (PCI 3.1 - 1.3.3), 1.3.3 (PCI 3.1 - 1.3.4), 2.2.2.a, 2.2.2.b |
1875 |
Platform Manager |
No |
Operations |
N/A |
|
CCF: AIE Invalid Inet => Intrn Comm Summary |
This report provides a summary of un-allowed communication from the external internet to all internal environments. Augment: 1.2.1.a, 1.2.1.b, 1.2.1.c, 1.2.3.b, 1.3.1, 1.3.2, 2.2.2.a, 2.2.2.b |
1876 |
Platform Manager |
No |
Operations |
N/A |
|
CCF: AIE Invalid Internet => CDE Comm Summary |
This report provides a summary of un-allowed communication from the external internet to the cardholder data environment. Augment: 1.2.1.a, 1.2.1.b, 1.2.1.c, (PCI 3.1 - 1.3.3), 1.3.4 (PCI 3.1 - 1.3.5), 2.2.2.a, 2.2.2.b |
1877 |
Platform Manager |
No |
Operations |
N/A |
|
CCF: AIE Invalid Internet => DMZ Comm Summary |
This report provides a summary of un-allowed communication from the external internet to the demilitarized zone. Augment: 1.2.1.a, 1.2.1.b, 1.2.1.c, (PCI 3.1 - 1.3.3), 1.3.3 (PCI 3.1 - 1.3.4), 2.2.2.a, 2.2.2.b |
1878 |
Platform Manager |
No |
Operations |
N/A |
|
CCF: AIE Invalid Intrn => Inet Comm Summary |
This report provides a summary of un-allowed communication from the internal environment to the external internet. Augment: 2.2.2.a, 2.2.2.b, 2.3.b, 4.1.c, 4.1.f |
1879 |
Platform Manager |
No |
Operations |
N/A |
|
CCF: AIE Invalid Intrn => Intrn Comm Summary |
This report provides a summary of un-allowed communication from the internal environment to the internal environment. Augment: 2.2.2.a, 2.2.2.b, 2.3.b, 4.1.c, 4.1.f |
1880 |
Platform Manager |
No |
Operations |
N/A |
|
CCF: AIE Invalid Test => Internal Comm Summary |
This report provides a summary of un-allowed communication from the test environment to other internal environments. Augment: 2.2.2.a, 2.2.2.b, 6.4.1.a, 6.4.1.b, 6.4.2 |
1881 |
Platform Manager |
No |
Operations |
N/A |
|
CCF: AIE Invalid Test => Internet Comm Summary |
This report provides a summary of un-allowed communication from the test environment to the external internet. Augment: 1.2.1.a, 1.2.1.b, 1.2.1.c, 2.2.2.a, 2.2.2.b, 6.4.1.a, 6.4.1.b, 6.4.2 |
1882 |
Platform Manager |
No |
Operations |
N/A |
|
CCF: AIE Invalid Wireless => CDE Comm Summary |
This report provides a summary of un-allowed communication from the wireless environment to the internal cardholder data environment. Augment: 2.2.2.a, 2.2.2.b |
1883 |
Platform Manager |
No |
Operations |
N/A |
|
CCF: AIE Physical Security Auth Summary |
This report provides a summary of physical access authentication success and failure activity. Augment: 8.1.3.b, 9.1, 9.1.1.a, 9.1.2, 9.3.c |
1884 |
Platform Manager |
No |
Audit |
N/A |
|
CCF: AIE Priv Access Granted/Revoked Summary |
This report provides a summary of privileged user access granted & revoked by log source entity. Direct: 10.1, 10.2.2, 10.2.5.a, 10.2.5.b, 10.2.5.c Augment: 7.1.1, 7.1.2.a, 7.1.2.b, 8.1.a, 8.1.1, 8.1.2, 8.1.3.a, 8.1.4, 8.1.6.a, 8.1.7, 8.2.5.a, 8.2.5.b, 8.5.c |
1885 |
Platform Manager |
No |
Audit |
N/A |
|
CCF: AIE Remote Session Timeout Summary |
This report provides a summary of remote session timeout activity. Augment: 12.3.8.b |
1886 |
Platform Manager |
No |
Audit |
N/A |
|
CCF: AIE Vendor Account Enabled Rule Summary |
This report provides a summary of vendor account management activity. Augment: 8.1.a, 8.1.1, 8.1.2, 8.1.3.a, 8.1.4, 8.1.5.a, 8.1.5.b, 8.1.6.b, 8.2.5.a, 8.2.5.b, 8.5.c, 12.3.9 |
1887 |
Platform Manager |
No |
Audit |
N/A |
|
CCF: AIE Vendor Authentication Summary |
This report provides a summary of vendor account activity. Direct: 10.2.1, 10.2.4, 10.8.b, A3.3.1.b Augment: 8.1.5.a, 8.1.5.b, 8.1.6.b, 10.8.1.b, 12.3.9, A1.1, A1.3, A3.3.1.a, A3.4.1, A3.5.1.a, A3.5.1.b |
1888 |
Platform Manager |
No |
Audit |
N/A |
|
CCF: Antivirus Activity Summary |
This report provides a summary of antivirus activity by impacted application. Direct: 5.2.d Augment: 5.1, 5.2.b, 5.2.c |
1889 |
Data Processor(s) |
No |
Operations |
Log Source List = CCF: Network Security Systems |
|
CCF: Audit Log Summary |
This report provides a summary of audit log clearing or write failures. Augment: 10.2.6 |
1890 |
LogMart |
No |
Audit |
Log Source List = CCF: All Log Sources |
|
CCF: Backup Activity Summary |
This report provides a summary of critical failures, errors, and information from backup software. Augment: 9.7.1, 12.10.5 |
1891 |
Data Processor(s) |
No |
Operations |
Log Source List = CCF: All Log Sources |
|
CCF: Configuration/Policy Change Summary |
This report provides a summary of the occurrence of configuration or policy changes. Direct: 6.2.b, 10.2.2, 10.4.1.a Augment: 12.11.a, A3.2.5.b, 1.1.1.a, 8.1.6.a, 8.1.6.b |
1892 |
LogMart |
No |
Audit |
Log Source List = CCF: All Log Sources |
|
CCF: Database Access Failure Summary |
This report provides summary information around database account access failures. Direct: 10.2.1, 10.2.4, 10.8.b, A3.3.1.b Augment: 8.7.a, 8.7.c, 8.7.d, 10.8.1.b, A1.1, A1.3, A3.3.1.a, A3.4.1, A3.5.1.a, A3.5.1.b |
1893 |
Data Processor(s) |
No |
Audit |
Log Source List = CCF: Database Systems |
|
CCF: Database Access Granted/Revoked Summary |
This report provides summary information around user access granted and revoked within the defined database environment(s). Augment: 8.1.a, 8.1.1, 8.1.2, 8.1.3.a, 8.1.4, 8.1.6.a, 8.1.7, 8.2.5.a, 8.2.5.b, 8.5.c, 8.7.a, 8.7.c, 8.7.d |
1894 |
Platform Manager |
No |
Audit |
Log Source List = CCF: Database Systems |
|
CCF: Database Account Management Summary |
This report provides a summary of access modifications to accounts within the database environment. Augment: 8.1.a, 8.1.1, 8.1.2, 8.1.3.a, 8.1.4, 8.2.5.a, 8.2.5.b, 8.5.c, 8.7.a, 8.7.c, 8.7.d |
1895 |
LogMart |
No |
Audit |
Log Source List = CCF: Database Systems |
|
CCF: Database Authentication Activity Summary |
This report provides a summary of database authentication activity. Direct: 10.2.1, 10.2.4, 10.8.b, A3.3.1.b Augment: 8.7.a, 8.7.c, 8.7.d, 10.8.1.b, A1.1, A1.3, A3.3.1.a, A3.4.1, A3.5.1.a, A3.5.1.b |
1896 |
Data Processor(s) |
No |
Audit |
Log Source List = CCF: Database Systems |
|
CCF: Denied CDE => Internet Comm Summary |
This report provides a summary of denied communication from the cardholder data environment to the external internet. Augment: 1.2.1.a, 1.2.1.b, 1.2.1.c, (PCI 3.1 - 1.3.3), 1.3.4 (PCI 3.1 - 1.3.5), 2.2.2.a, 2.2.2.b |
1897 |
Data Processor(s) |
No |
Operations |
Log Source List = CCF: Network Security Systems |
|
CCF: Denied DMZ => Internal Comm Summary |
This report provides a summary of denied communication from the demilitarized zone to the internal network. Augment: 1.2.1.a, 1.2.1.b, 1.2.1.c, (PCI 3.1 - 1.3.3), 1.3.3 (PCI 3.1 - 1.3.4), 2.2.2.a, 2.2.2.b |
1898 |
Data Processor(s) |
No |
Operations |
Log Source List = CCF: Network Security Systems |
|
CCF: Denied Inet => Intrn Comm Summary |
This report provides a summary of denied communication from the external internet to all internal environments. Augment: 1.2.1.a, 1.2.1.b, 1.2.1.c, 1.2.3.b, 1.3.1, 1.3.2, 2.2.2.a, 2.2.2.b |
1899 |
Data Processor(s) |
No |
Operations |
Log Source List = CCF: Network Security Systems |
|
CCF: Denied Internet => CDE Comm Summary |
This report provides a summary of denied communication from the external internet to the cardholder data environment. Augment: 1.2.1.a, 1.2.1.b, 1.2.1.c, (PCI 3.1 - 1.3.3), 1.3.4 (PCI 3.1 - 1.3.5), 2.2.2.a, 2.2.2.b |
1900 |
Data Processor(s) |
No |
Operations |
Log Source List = CCF: Network Security Systems |
|
CCF: Denied Internet => DMZ Comm Summary |
This report provides a summary of denied communication from the external internet to the demilitarized zone. Augment: 1.2.1.a, 1.2.1.b, 1.2.1.c, (PCI 3.1 - 1.3.3), 1.3.3 (PCI 3.1 - 1.3.4), 2.2.2.a, 2.2.2.b |
1901 |
Data Processor(s) |
No |
Operations |
Log Source List = CCF: Network Security Systems |
|
CCF: Denied Intrn => Inet Comm Summary |
This report provides a summary of denied communication from the internal environment to the external internet. Augment: 2.2.2.a, 2.2.2.b, 2.3.b, 4.1.c, 4.1.f |
1902 |
Data Processor(s) |
No |
Operations |
Log Source List = CCF: Network Security Systems |
|
CCF: Denied Intrn => Intrn Comm Summary |
This report provides a summary of denied communication from the internal environment to the internal environment. Augment: 2.2.2.a, 2.2.2.b, 2.3.b, 4.1.c, 4.1.f |
1903 |
Data Processor(s) |
No |
Operations |
Log Source List = CCF: Network Security Systems |
|
CCF: Denied Test => Internal Comm Summary |
This report provides a summary of denied communication from the test environment to other internal environments. Augment: 2.2.2.a, 2.2.2.b, 6.4.1.a, 6.4.1.b, 6.4.2 |
1904 |
Data Processor(s) |
No |
Operations |
Log Source List = CCF: Network Security Systems |
|
CCF: Denied Test => Internet Comm Summary |
This report provides a summary of denied communication from the test environment to the external internet. Augment: 1.2.1.a, 1.2.1.b, 1.2.1.c, 2.2.2.a, 2.2.2.b, 6.4.1.a, 6.4.1.b, 6.4.2 |
1905 |
Data Processor(s) |
No |
Operations |
Log Source List = CCF: Network Security Systems |
|
CCF: Denied Wireless => CDE Comm Summary |
This report provides a summary of denied communication from the wireless environment to the internal cardholder data environment. Augment: 2.2.2.a, 2.2.2.b |
1906 |
Data Processor(s) |
No |
Operations |
Log Source List = CCF: Network Security Systems |
|
CCF: Early TLS/SSL Version Summary |
Provides a summary of early TLS/SSL occurrences grouped by oHost. This report provides supplemental support for PCI-DSS controls that are oriented toward the evaluation of TLS and SSL security. Augment: 2.2.3.a, 2.2.3.b, 2.3.e, 4.1.g, 4.1.h, A2.1, A2.2, A2.3 |
1907 |
Data Processor(s) |
No |
Audit |
N/A |
|
CCF: FIM Activity Summary |
This report provides a summary of file integrity monitoring activity such as adds, deletes, modifies, group changes, owner changes, and permissions. Direct: 10.5.5, 11.5.a, 11.5.b Augment: 3.6.7.a, 10.2.7, A1.2.b, A1.2.c, A3.2.5.b |
1908 |
Data Processor(s) |
No |
Security |
Log Source List = CCF: File Integrity Monitors |
|
CCF: FIM Critical/Error/Information Summary |
This report provides a summary of critical failures, errors, and information from file integrity monitoring software. Augment: 12.10.5 |
1909 |
Platform Manager |
No |
Operations |
Log Source List = CCF: File Integrity Monitors |
|
CCF: Firewall Policy Synch Activity Summary |
This report provides a summary of firewall policy synchronization activity. Augment: 1.2.2.a, 1.2.2.b |
1910 |
Data Processor(s) |
No |
Operations |
Log Source List = CCF: Network Security Systems |
|
CCF: Host Firewall Activity Summary |
This report provides a summary of the occurrence of host firewall activity. Augment: 1.4.a |
1911 |
LogMart |
No |
Operations |
Log Source List = CCF: All Log Sources |
|
CCF: Invalid Account Usage Summary |
This report provides a summary of authentication successes and failures from unauthorized accounts such as default accounts, disabled accounts, and terminated accounts. Direct: 2.1.a, 2.1.b, 10.2.1, 10.2.2, 10.2.4, 10.8.b, A3.3.1.b Augment: 8.1.3.a, 8.1. |
1912 |
Data Processor(s) |
No |
Audit |
Log Source List = CCF: All Log Sources |
|
CCF: Invalid CDE => Internet Comm Summary |
This report provides a summary of un-allowed communication from the cardholder data environment to the external internet. Augment: 1.2.1.a, 1.2.1.b, 1.2.1.c, (PCI 3.1 - 1.3.3), 1.3.4 (PCI 3.1 - 1.3.5), 2.2.2.a, 2.2.2.b |
1913 |
Data Processor(s) |
No |
Operations |
Log Source List = CCF: Network Security Systems |
|
CCF: Invalid DMZ => Internal Comm Summary |
This report provides a summary of un-allowed communication from the demilitarized zone to the internal network. Augment: 1.2.1.a, 1.2.1.b, 1.2.1.c, (PCI 3.1 - 1.3.3), 1.3.3 (PCI 3.1 - 1.3.4), 2.2.2.a, 2.2.2.b |
1914 |
Data Processor(s) |
No |
Operations |
Log Source List = CCF: Network Security Systems |
|
CCF: Invalid Inet => Intrn Comm Summary |
This report provides a summary of un-allowed communication from the external internet to all internal environments. Augment: 1.2.1.a, 1.2.1.b, 1.2.1.c, 1.2.3.b, 1.3.1, 1.3.2, 2.2.2.a, 2.2.2.b |
1915 |
Data Processor(s) |
No |
Operations |
Log Source List = CCF: Network Security Systems |
|
CCF: Invalid Internet => CDE Comm Summary |
This report provides a summary of un-allowed communication from the external internet to the cardholder data environment. Augment: 1.2.1.a, 1.2.1.b, 1.2.1.c, (PCI 3.1 - 1.3.3), 1.3.4 (PCI 3.1 - 1.3.5), 2.2.2.a, 2.2.2.b |
1916 |
Data Processor(s) |
No |
Operations |
Log Source List = CCF: Network Security Systems |
|
CCF: Invalid Internet => DMZ Comm Summary |
This report provides a summary of un-allowed communication from the external internet to the demilitarized zone. Augment: 1.2.1.a, 1.2.1.b, 1.2.1.c, (PCI 3.1 - 1.3.3), 1.3.3 (PCI 3.1 - 1.3.4), 2.2.2.a, 2.2.2.b |
1917 |
Data Processor(s) |
No |
Operations |
Log Source List = CCF: Network Security Systems |
|
CCF: Invalid Intrn => Inet Comm Summary |
This report provides a summary of un-allowed communication from the internal environment to the external internet. Augment: 2.2.2.a, 2.2.2.b, 2.3.b, 4.1.c, 4.1.f |
1918 |
Data Processor(s) |
No |
Operations |
Log Source List = CCF: Network Security Systems |
|
CCF: Invalid Intrn => Intrn Comm Summary |
This report provides a summary of un-allowed communication from the internal environment to the internal environment. Augment: 2.2.2.a, 2.2.2.b, 2.3.b, 4.1.c, 4.1.f |
1919 |
Data Processor(s) |
No |
Operations |
Log Source List = CCF: Network Security Systems |
|
CCF: Invalid Test => Internal Comm Summary |
This report provides a summary of un-allowed communication from the test environment to other internal environments. Augment: 2.2.2.a, 2.2.2.b, 6.4.1.a, 6.4.1.b, 6.4.2 |
1920 |
Data Processor(s) |
No |
Operations |
Log Source List = CCF: Network Security Systems |
|
CCF: Invalid Test => Internet Comm Summary |
This report provides a summary of un-allowed communication from the test environment to the external internet. Augment: 1.2.1.a, 1.2.1.b, 1.2.1.c, 2.2.2.a, 2.2.2.b, 6.4.1.a, 6.4.1.b, 6.4.2 |
1921 |
Data Processor(s) |
No |
Operations |
Log Source List = CCF: Network Security Systems |
|
CCF: Invalid Wireless => CDE Comm Summary |
This report provides a summary of un-allowed communication from the wireless environment to the internal cardholder data environment. Augment: 2.2.2.a, 2.2.2.b |
1922 |
Data Processor(s) |
No |
Operations |
Log Source List = CCF: Network Security Systems |
|
CCF: Log Volume Summary |
This report provides a summary of log management statistics by log source. Direct: 10.5.4, 10.7.b, 10.7.c |
1923 |
Platform Manager |
No |
Log Management |
N/A |
|
CCF: Non-Encrypted Protocol Summary |
This report provides a summary of unencrypted applications. Direct: 1.1.6.b Augment: 1.1.6.a, 2.3.b, 4.1.c, 4.1.f, 6.5.4, A2.3 |
1924 |
Platform Manager |
No |
Log Management |
N/A |
|
CCF: Object Creation/Disposal Activity Summary |
This report provides a summary of object creations, deletions, and removals. Augment: 10.2.7 |
1925 |
Data Processor(s) |
No |
Operations |
Log Source List = CCF: All Log Sources |
|
CCF: Patch Update Failure Summary |
This report provides summary information around patch failure log messages received across Critical and Production environments. Direct: 6.2.b Augment: 12.11.a, A3.2.5.b |
1926 |
Data Processor(s) |
No |
Audit |
Log Source List = CCF: Cardholder Data Systems |
|
CCF: LogRhythm Usage Auditing Summary |
This report provides a summary of usage by user. Augment: 10.2.3, 10.6.1.a, 10.6.1.b, 10.6.2.a |
1927 |
Platform Manager |
No |
Operations |
N/A |
|
CCF: Physical Security Auth Activity Summary |
This report provides a summary of physical access authentication success and failure activity. Augment: 8.1.3.b, 9.1, 9.1.1.a, 9.1.2, 9.3.c |
1928 |
Data Processor(s) |
No |
Audit |
Log Source List = CCF: Physical Security Systems |
|
CCF: Priv Access Granted/Revoked Summary |
This report provides a summary of privileged user access granted & revoked by log source entity. Direct: 10.2.2, 10.2.5.a, 10.2.5.b, 10.2.5.c Augment: 10.8.1.b, A1.1, A1.3, A3.3.1.a, A3.4.1, A3.5.1.a, A3.5.1.b |
1929 |
Data Processor(s) |
No |
Audit |
Log Source List = CCF: All Log Sources |
|
CCF: Priv Account Management Activity Summary |
This report provides a summary of access modification to privileged accounts (list). Direct: 10.1, 10.2.2, 10.2.5.a, 10.2.5.b, 10.2.5.c Augment: 7.1.2.a, 7.1.2.b, 8.1.a, 8.1.1, 8.1.2, 8.1.3.a, 8.1.4, 8.2.5.a, 8.2.5.b, 8.5.c |
1930 |
Data Processor(s) |
No |
Audit |
Log Source List = CCF: All Log Sources |
|
CCF: Priv Authentication Activity Summary |
This report provides a summary of privileged user authentication successes and failures by impacted host. Direct: 10.1, 10.2.1, 10.2.2, 10.2.4, 10.2.5.a, 10.2.5.b, 10.2.5.c, 10.8.b, A3.3.1.b Augment: 7.1.1, 10.8.1.b, A1.1, A1.3, A3.3.1.a, A3.4.1, A3.5.1.a, A3.5.1.b |
1931 |
LogMart |
No |
Audit |
Log Source List = CCF: All Log Sources |
|
CCF: Remote Session Timeout Activity Summary |
This report provides a summary of remote session timeout activity. Augment: 12.3.8.b |
1932 |
Data Processor(s) |
No |
Operations |
Log Source List = CCF: Network Security Systems |
|
CCF: Rogue WAP Summary |
This report provides a summary of detected rogue access points. Augment: 11.1.b, 11.1.d, 12.10.5 |
1933 |
LogMart |
No |
Security |
Log Source List = CCF: All Log Sources |
|
CCF: Security Event by Impacted App Summary |
This report provides a summary of security activity such as attacks, compromises, denial of service, malware, misuse, reconnaissance, and suspicious activity. Augment: 11.4.a, 11.4.b, 11.4.c, 12.10.5 |
1934 |
LogMart |
No |
Security |
Log Source List = CCF: Network Security Systems |
|
CCF: Security Event by Impacted Host Summary |
This report provides a summary of security activity like attacks, compromises, denial of service, malware, misuse, reconnaissance, and suspicious activity. Augment: 11.4.a, 11.4.b, 11.4.c, 12.10.5 |
1935 |
LogMart |
No |
Security |
Log Source List = CCF: Network Security Systems |
|
CCF: Security Event by Log Source Ent Summary |
This report provides a summary of security activity like attacks, compromises, denial of service, malware, misuse, reconnaissance, and suspicious activity. Augment: 11.4.a, 11.4.b, 11.4.c, 12.10.5 |
1936 |
LogMart |
No |
Security |
Log Source List = CCF: Network Security Systems |
|
CCF: Security Event by Origin Host Summary |
This report provides a summary of security activity like attacks, compromises, denial of service, malware, misuse, reconnaissance, and suspicious activity. Augment: 11.4.a, 11.4.b, 11.4.c, 12.10.5 |
1937 |
LogMart |
No |
Security |
Log Source List = CCF: Network Security Systems |
|
CCF: Signature Update Activity Summary |
This report provides details on signature update activity. Direct: 5.2.d, 6.2.b Augment: 5.2.b, 5.2.c, 11.4.a, 11.4.b, 11.4.c, 12.11.a, A3.2.5.b |
1938 |
LogMart |
No |
Operations |
Log Source List = CCF: Network Security Systems |
|
CCF: Software Update Activity Summary |
This report provides details of software update activity. Direct: 6.2.b Augment: 12.11.a, A3.2.5.b |
1939 |
LogMart |
No |
Operations |
Log Source List = CCF: All Log Sources |
|
CCF: Time Sync Errors Summary |
This report provides a summary of time sync errors occurring within the in-scope environment. Augment: 10.4.2.b |
1940 |
Platform Manager |
No |
Operations |
Log Source List = CCF: All Log Sources |
|
CCF: TLS/SSL Summary |
Provides a summary of TLS/SSL activity grouped by oHost. This report provides supplemental support for PCI-DSS controls that are oriented toward the evaluation of TLS and SSL security. Augment: 2.2.3.a, 2.2.3.b, 2.3.e, 4.1.g, 4.1.h, A2.1, A2.2, A2.3 |
1941 |
Data Processor(s) |
No |
Audit |
N/A |
|
CCF: Top Attackers Summary |
This report provides a summary of top attackers by origin host. Augment: 11.4.a, 11.4.b, 11.4.c, 12.10.5 |
1942 |
Data Processor(s) |
No |
Security |
Log Source List = CCF: Network Security Systems |
|
CCF: Top Suspicious Users Summary |
This report provides a summary of top suspicious users by origin login. Augment: 11.4.a, 11.4.b, 11.4.c, 12.10.5 |
1943 |
Data Processor(s) |
No |
Security |
Log Source List = CCF: Network Security Systems |
|
CCF: Top Targeted Applications Summary |
This report provides a summary of top targeted applications by impacted application. Augment: 11.4.a, 11.4.b, 11.4.c, 12.10.5 |
1944 |
Data Processor(s) |
No |
Security |
Log Source List = CCF: Network Security Systems |
|
CCF: Top Targeted Hosts Summary |
This report provides a summary of top targeted hosts by impacted host. Augment: 11.4.a, 11.4.b, 11.4.c, 12.10.5 |
1945 |
Data Processor(s) |
No |
Security |
Log Source List = CCF: Network Security Systems |
|
CCF: User Priv Escalation (SU & SUDO) |
This report provides summary information about a user's privilege level status in a Linux environment. It is specific to Linux and is based on a search for the MPE rule SU Session Opened (flat file, SUDO log, or syslog). Direct: 10.2.5.a, 10.2.5.b, 10.2.5.c |
1946 |
Data Processor(s) |
No |
Audit |
Log Source List = CCF: All Log Sources |
|
CCF: User Priv Escalation (Windows) |
This report provides summary information around changes in privilege level status of a user on a critical server or workstation, specific to Windows based on event ID, security metadata field of 2. This type of log is generated when a new process is created on a Windows machine and the token type is recorded in the object metadata field. Audit privilege use and audit process tracking must be enabled on the Windows machine being audited. Direct: 10.2.5.a, 10.2.5.b, 10.2.5.c |
1947 |
Data Processor(s) |
No |
Audit |
Log Source List = CCF: All Log Sources |
|
CCF: Vendor Access Failure Summary |
This report provides summary information around vendor account access failures. Direct: 10.2.1, 10.2.4, 10.8.b, A3.3.1.b Augment: 8.1.5.a, 8.1.5.b, 8.1.6.b, 10.8.1.b, 12.3.9, A1.1, A1.3, A3.3.1.a, A3.4.1, A3.5.1.a, A3.5.1.b |
1948 |
Data Processor(s) |
No |
Audit |
Log Source List = CCF: All Log Sources |
|
CCF: Vendor Access Granted/Revoked Summary |
This report provides summary information around user access granted and revoked for defined vendor accounts (list). Augment: 8.1.a, 8.1.1, 8.1.2, 8.1.3.a, 8.1.4, 8.1.5.a, 8.1.5.b, 8.1.6.a, 8.1.6.b, 8.1.7, 8.2.5.a, 8.2.5.b, 8.5.c, 12.3.9 |
1949 |
Platform Manager |
No |
Audit |
Log Source List = CCF: All Log Sources |
|
CCF: Vendor Account Management Summary |
This report provides a summary of vendor account management activity. Augment: 8.1.a, 8.1.1, 8.1.2, 8.1.3.a, 8.1.4, 8.1.5.a, 8.1.5.b, 8.1.6.b, 8.2.5.a, 8.2.5.b, 8.5.c, 12.3.9 |
1950 |
Data Processor(s) |
No |
Audit |
Log Source List = CCF: All Log Sources |
|
CCF: Vendor Authentication Summary |
This report provides a summary of vendor account activity. Direct: 10.2.1, 10.2.4, 10.8.b, A3.3.1.b Augment: 8.1.5.a, 8.1.5.b, 8.1.6.b, 10.8.1.b, 12.3.9, A1.1, A1.3, A3.3.1.a, A3.4.1, A3.5.1.a, A3.5.1.b |
1951 |
Data Processor(s) |
No |
Audit |
Log Source List = CCF: All Log Sources |
Detail Reports
|
Report Name |
Report Description |
Report ID |
Data Source |
Intelligent Indexing |
Classifications |
Log Sources |
|---|---|---|---|---|---|---|
|
CCF: Access Failure Detail |
This report provides detail of access failures across the environment that are not vendor or privileged in nature. Direct: 10.2.1, 10.2.4, 10.8.b, A3.3.1.b Augment: 10.8.1.b, A1.1, A1.3, A3.3.1.a, A3.4.1, A3.5.1.a, A3.5.1.b |
1952 |
Platform Manager |
No |
Audit |
Log Source List = CCF: Cardholder Data Systems, CCF: Database Systems, CCF: File Integrity Monitors, CCF: Network Security Systems, CCF: Physical Security Systems |
|
CCF: Access Granted/Revoked Activity Details |
This report provides details of disabled/locked accounts by account. Direct: 10.2.2 Augment: 7.1.2.a, 7.1.2.b, 8.1.a, 8.1.1, 8.1.2, 8.1.3.a, 8.1.4, 8.1.6.a, 8.1.7, 8.2.5.a, 8.2.5.b, 8.5.c |
1953 |
Data Processor(s) |
No |
Audit |
Log Source List = CCF: All Log Sources |
|
CCF: Account Management Activity Details |
This report provides details of account management activity such as user account creation/deletion, user account name change, and password modified by log source entity. Direct: 10.2.2 Augment: 7.1.2.a, 7.1.2.b, 8.1.a, 8.1.1, 8.1.2, 8.1.3.a, 8.1.4, 8.2.5.a, 8.2.5.b, 8.5.c |
1954 |
Platform Manager |
No |
Audit |
Log Source List = CCF: Cardholder Data Systems, CCF: File Integrity Monitors, CCF: Network Security Systems, CCF: Physical Security Systems |
|
CCF: AIE Access Granted/Revoked Details |
This report provides details of disabled/locked accounts by account. Direct: 10.2.2 Augment: 7.1.2.a, 7.1.2.b, 8.1.a, 8.1.1, 8.1.2, 8.1.3.a, 8.1.4, 8.1.6.a, 8.1.7, 8.2.5.a, 8.2.5.b, 8.5.c |
1955 |
Platform Manager |
No |
Audit |
N/A |
|
CCF: AIE Antivirus Activity Details |
This report provides details of antivirus activity by impacted application. Direct: 5.2.d Augment: 5.1, 5.2.b, 5.2.c |
1956 |
Platform Manager |
No |
Operations |
N/A |
|
CCF: AIE Backup Activity Details |
This report provides details of critical failures, errors, and information from backup software. Augment: 9.7.1, 12.10.5 |
1957 |
Platform Manager |
No |
Operations |
N/A |
|
CCF: AIE Database Authentication Details |
This report provides details of database authentication activity. Direct: 10.2.1, 10.2.4, 10.8.b, A3.3.1.b Augment: 8.7.a, 8.7.c, 8.7.d, 10.8.1.b, A1.1, A1.3, A3.3.1.a, A3.4.1, A3.5.1.a, A3.5.1.b |
1958 |
Platform Manager |
No |
Audit |
N/A |
|
CCF: AIE Denied CDE => Internet Comm Details |
This report provides details of denied communication from the cardholder data environment to the external internet. Augment: 1.2.1.a, 1.2.1.b, 1.2.1.c, (PCI 3.1 - 1.3.3), 1.3.4 (PCI 3.1 - 1.3.5), 2.2.2.a, 2.2.2.b |
1959 |
Platform Manager |
No |
Operations |
N/A |
|
CCF: AIE Denied DMZ => Internal Comm Details |
This report provides details of denied communication from the demilitarized zone to the internal network. Augment: 1.2.1.a, 1.2.1.b, 1.2.1.c, (PCI 3.1 - 1.3.3), 1.3.3 (PCI 3.1 - 1.3.4), 2.2.2.a, 2.2.2.b |
1960 |
Platform Manager |
No |
Operations |
N/A |
|
CCF: AIE Denied Inet => Intrn Comm Details |
This report provides details of denied communication from the external internet to all internal environments. Augment: 1.2.1.a, 1.2.1.b, 1.2.1.c, 1.2.3.b, 1.3.1, 1.3.2, 2.2.2.a, 2.2.2.b |
1961 |
Platform Manager |
No |
Operations |
N/A |
|
CCF: AIE Denied Internet => CDE Comm Details |
This report provides details of denied communication from the external internet to the cardholder data environment. Augment: 1.2.1.a, 1.2.1.b, 1.2.1.c, (PCI 3.1 - 1.3.3), 1.3.4 (PCI 3.1 - 1.3.5), 2.2.2.a, 2.2.2.b |
1962 |
Platform Manager |
No |
Operations |
N/A |
|
CCF: AIE Denied Internet => DMZ Comm Details |
This report provides details of denied communication from the external internet to the demilitarized zone. Augment: 1.2.1.a, 1.2.1.b, 1.2.1.c, (PCI 3.1 - 1.3.3), 1.3.3 (PCI 3.1 - 1.3.4), 2.2.2.a, 2.2.2.b |
1963 |
Platform Manager |
No |
Operations |
N/A |
|
CCF: AIE Denied Intrn => Inet Comm Details |
This report provides details of denied communication from the internal environment to the external internet. Augment: 2.2.2.a, 2.2.2.b, 2.3.b, 4.1.c, 4.1.f |
1964 |
Platform Manager |
No |
Operations |
N/A |
|
CCF: AIE Denied Intrn => Intrn Comm Details |
This report provides details of denied communication from the internal environment to the internal environment. Augment: 2.2.2.a, 2.2.2.b, 2.3.b, 4.1.c, 4.1.f |
1965 |
Platform Manager |
No |
Operations |
N/A |
|
CCF: AIE Denied Test => Internal Comm Details |
This report provides details of denied communication from the test environment to other internal environments. Augment: 2.2.2.a, 2.2.2.b, 6.4.1.a, 6.4.1.b, 6.4.2 |
1966 |
Platform Manager |
No |
Operations |
N/A |
|
CCF: AIE Denied Test => Internet Comm Details |
This report provides details of denied communication from the test environment to the external internet. Augment: 1.2.1.a, 1.2.1.b, 1.2.1.c, 2.2.2.a, 2.2.2.b, 6.4.1.a, 6.4.1.b, 6.4.2 |
1967 |
Platform Manager |
No |
Operations |
N/A |
|
CCF: AIE Denied Wireless => CDE Comm Details |
This report provides details of denied communication from the wireless environment to the internal cardholder data environment. Augment: 2.2.2.a, 2.2.2.b |
1968 |
Platform Manager |
No |
Operations |
N/A |
|
CCF: AIE FIM Activity Details |
This report provides details of file integrity monitoring activity like adds, deletes, modifies, group changes, owner changes, and permissions. Direct: 10.5.5, 11.5.a, 11.5.b Augment: 3.6.7.a, 10.2.7, A1.2.b, A1.2.c, A3.2.5.b |
1969 |
Platform Manager |
No |
Security |
N/A |
|
CCF: AIE FIM Critical/Error/Info Details |
This report provides details of critical failures, errors, and information from file integrity monitoring software. Augment: 12.10.5 |
1970 |
Platform Manager |
No |
Operations |
N/A |
|
CCF: AIE Firewall Policy Synch Details |
This report provides details of firewall policy synchronization activity. Augment: 1.2.2.a, 1.2.2.b |
1971 |
Platform Manager |
No |
Operations |
N/A |
|
CCF: AIE Host Firewall Activity Details |
This report provides details of the occurrence of host firewall activity. Augment: 1.4.a |
1972 |
Platform Manager |
No |
Operations |
N/A |
|
CCF: AIE Invalid Account Usage Details |
This report provides details of authentication successes and failures from unauthorized accounts such as default account, disabled accounts, and terminated accounts. Direct: 2.1.a, 2.1.b, 10.2.1, 10.2.2, 10.2.4, 10.8.b, A3.3.1.b Augment: 8.1.3.a, 8.1.4, 8.2.5.a, 8.2.5.b, 8.5.c, 10.8.1.b, A1.1, A1.3, A3.3.1.a, A3.4.1, A3.5.1.a, A3.5.1.b |
1973 |
Platform Manager |
No |
Audit |
N/A |
|
CCF: AIE Invalid CDE => Internet Comm Details |
This report provides details of un-allowed communication from the cardholder data environment to the external internet. Augment: 1.2.1.a, 1.2.1.b, 1.2.1.c, (PCI 3.1 - 1.3.3), 1.3.4 (PCI 3.1 - 1.3.5), 2.2.2.a, 2.2.2.b |
1974 |
Platform Manager |
No |
Operations |
N/A |
|
CCF: AIE Invalid DMZ => Internal Comm Details |
This report provides details of un-allowed communication from the demilitarized zone to the internal network. Augment: 1.2.1.a, 1.2.1.b, 1.2.1.c, (PCI 3.1 - 1.3.3), 1.3.3 (PCI 3.1 - 1.3.4), 2.2.2.a, 2.2.2.b |
1975 |
Platform Manager |
No |
Operations |
N/A |
|
CCF: AIE Invalid Inet => Intrn Comm Details |
This report provides details of un-allowed communication from the external internet to all internal environments. Augment: 1.2.1.a, 1.2.1.b, 1.2.1.c, 1.2.3.b, 1.3.1, 1.3.2, 2.2.2.a, 2.2.2.b |
1976 |
Platform Manager |
No |
Operations |
N/A |
|
CCF: AIE Invalid Internet => CDE Comm Details |
This report provides details of un-allowed communication from the external internet to the cardholder data environment. Augment: 1.2.1.a, 1.2.1.b, 1.2.1.c, (PCI 3.1 - 1.3.3), 1.3.4 (PCI 3.1 - 1.3.5), 2.2.2.a, 2.2.2.b |
1977 |
Platform Manager |
No |
Operations |
N/A |
|
CCF: AIE Invalid Internet => DMZ Comm Details |
This report provides details of un-allowed communication from the external internet to the demilitarized zone. Augment: 1.2.1.a, 1.2.1.b, 1.2.1.c, (PCI 3.1 - 1.3.3), 1.3.3 (PCI 3.1 - 1.3.4), 2.2.2.a, 2.2.2.b |
1978 |
Platform Manager |
No |
Operations |
N/A |
|
CCF: AIE Invalid Intrn => Inet Comm Details |
This report provides details of un-allowed communication from the internal environment to the external internet. Augment: 2.2.2.a, 2.2.2.b, 2.3.b, 4.1.c, 4.1.f |
1979 |
Platform Manager |
No |
Operations |
N/A |
|
CCF: AIE Invalid Intrn => Intrn Comm Details |
This report provides details of un-allowed communication from the internal environment to the internal environment. Augment: 2.2.2.a, 2.2.2.b, 2.3.b, 4.1.c, 4.1.f |
1980 |
Platform Manager |
No |
Operations |
N/A |
|
CCF: AIE Invalid Test => Internal Comm Details |
This report provides details of un-allowed communication from the test environment to other internal environments. Augment: 2.2.2.a, 2.2.2.b, 6.4.1.a, 6.4.1.b, 6.4.2 |
1981 |
Platform Manager |
No |
Operations |
N/A |
|
CCF: AIE Invalid Test => Internet Comm Details |
This report provides details of un-allowed communication from the test environment to the external internet. Augment: 1.2.1.a, 1.2.1.b, 1.2.1.c, 2.2.2.a, 2.2.2.b, 6.4.1.a, 6.4.1.b, 6.4.2 |
1982 |
Platform Manager |
No |
Operations |
N/A |
|
CCF: AIE Invalid Wireless => CDE Comm Details |
This report provides details of un-allowed communication from the wireless environment to the internal cardholder data environment. Augment: 2.2.2.a, 2.2.2.b |
1983 |
Platform Manager |
No |
Operations |
N/A |
|
CCF: AIE Physical Security Auth Details |
This report provides details of physical access authentication success and failure activity. Augment: 8.1.3.b, 9.1, 9.1.1.a, 9.1.2, 9.3.c |
1984 |
Platform Manager |
No |
Audit |
N/A |
|
CCF: AIE Priv Access Granted/Revoked Details |
This report provides details of privileged user access granted & revoked by log source entity. Direct: 10.1, 10.2.2, 10.2.5.a, 10.2.5.b, 10.2.5.c Augment: 7.1.1, 7.1.2.a, 7.1.2.b, 8.1.a, 8.1.1, 8.1.2, 8.1.3.a, 8.1.4, 8.1.6.a, 8.1.7, 8.2.5.a, 8.2.5.b, 8.5.c |
1985 |
Platform Manager |
No |
Audit |
N/A |
|
CCF: AIE Remote Session Timeout Details |
This report provides details of remote session timeout activity. Augment: 12.3.8.b |
1986 |
Platform Manager |
No |
Operations |
N/A |
|
CCF: AIE Vendor Authentication Details |
This report provides details of vendor account activity. Direct: 10.2.1, 10.2.4, 10.8.b, A3.3.1.b Augment: 8.1.5.a, 8.1.5.b, 8.1.6.b, 10.8.1.b, 12.3.9, A1.1, A1.3, A3.3.1.a, A3.4.1, A3.5.1.a, A3.5.1.b |
1987 |
Platform Manager |
No |
Audit |
N/A |
|
CCF: Antivirus Activity Details |
This report provides details of antivirus activity by impacted application. Direct: 5.2.d Augment: 5.1, 5.2.b, 5.2.c |
1988 |
Data Processor(s) |
No |
Operations |
Log Source List = CCF: Network Security Systems |
|
CCF: Audit Log Details |
This report provides details of audit log clearing or write failures. Augment: 10.2.6 |
1989 |
Data Processor(s) |
No |
Audit |
Log Source List = CCF: All Log Sources |
|
CCF: Authentication Failure Detail |
This report provides detail around authentication failures across the environment, but does not include privileged, vendor or database accounts. Direct: 10.2.1, 10.2.4, 10.8.b, A3.3.1.b Augment: 10.8.1.b, A1.1, A1.3, A3.3.1.a, A3.4.1, A3.5.1.a, A3.5.1.b |
1990 |
Platform Manager |
No |
Audit |
Log Source List = CCF: Cardholder Data Systems, CCF: File Integrity Monitors, CCF: Network Security Systems, CCF: Physical Security Systems |
|
CCF: Backup Activity Details |
This report provides details of critical failures, errors, and information from backup software. Augment: 9.7.1, 12.10.5 |
1991 |
Data Processor(s) |
No |
Operations |
Log Source List = CCF: All Log Sources |
|
CCF: Configuration/Policy Change Details |
This report provides details of the occurrence of configuration or policy changes. Direct: 6.2.b, 10.2.2, 10.4.1.a Augment: 12.11.a, A3.2.5.b, 1.1.1.a, 8.1.6.a, 8.1.6.b |
1992 |
Data Processor(s) |
No |
Audit |
Log Source List = CCF: All Log Sources |
|
CCF: Database Access Failure Detail |
This report provides detailed information about database account access failures. Direct: 10.2.1, 10.2.4, 10.8.b, A3.3.1.b Augment: 8.7.a, 8.7.c, 8.7.d, 10.8.1.b, A1.1, A1.3, A3.3.1.a, A3.4.1, A3.5.1.a, A3.5.1.b |
1993 |
Platform Manager |
No |
Audit |
Log Source List = CCF: Database Systems |
|
CCF: Database Access Granted/Revoked Details |
This report provides detailed information about user access granted and revoked within the defined database environment(s). Augment: 8.1.a, 8.1.1, 8.1.2, 8.1.3.a, 8.1.4, 8.1.6.a, 8.1.7, 8.2.5.a, 8.2.5.b, 8.5.c, 8.7.a, 8.7.c, 8.7.d |
1994 |
Platform Manager |
No |
Audit |
Log Source List = CCF: Database Systems |
|
CCF: Database Account Management Details |
This report provides details of access modifications to accounts within the database environment. Augment: 8.1.a, 8.1.1, 8.1.2, 8.1.3.a, 8.1.4, 8.2.5.a, 8.2.5.b, 8.5.c, 8.7.a, 8.7.c, 8.7.d |
1995 |
Data Processor(s) |
No |
Audit |
Log Source List = CCF: Database Systems |
|
CCF: Database Authentication Activity Details |
This report provides details of database authentication activity. Direct: 10.2.1, 10.2.4, 10.8.b, A3.3.1.b Augment: 8.7.a, 8.7.c, 8.7.d, 10.8.1.b, A1.1, A1.3, A3.3.1.a, A3.4.1, A3.5.1.a, A3.5.1.b |
1996 |
Data Processor(s) |
No |
Audit |
Log Source List = CCF: Database Systems |
|
CCF: Denied CDE => Internet Comm Details |
This report provides details of denied communication from the cardholder data environment to the external internet. Augment: 1.2.1.a, 1.2.1.b, 1.2.1.c, (PCI 3.1 - 1.3.3), 1.3.4 (PCI 3.1 - 1.3.5), 2.2.2.a, 2.2.2.b |
1997 |
Data Processor(s) |
No |
Operations |
Log Source List = CCF: Network Security Systems |
|
CCF: Denied DMZ => Internal Comm Details |
This report provides details of denied communication from the demilitarized zone to the internal network. Augment: 1.2.1.a, 1.2.1.b, 1.2.1.c, (PCI 3.1 - 1.3.3), 1.3.3 (PCI 3.1 - 1.3.4), 2.2.2.a, 2.2.2.b |
1998 |
Data Processor(s) |
No |
Operations |
Log Source List = CCF: Network Security Systems |
|
CCF: Denied Inet => Intrn Comm Details |
This report provides details of denied communication from the external internet to all internal environments. Augment: 1.2.1.a, 1.2.1.b, 1.2.1.c, 1.2.3.b, 1.3.1, 1.3.2, 2.2.2.a, 2.2.2.b |
1999 |
Data Processor(s) |
No |
Operations |
Log Source List = CCF: Network Security Systems |
|
CCF: Denied Internet => CDE Comm Details |
This report provides details of denied communication from the external internet to the cardholder data environment. Augment: 1.2.1.a, 1.2.1.b, 1.2.1.c, (PCI 3.1 - 1.3.3), 1.3.4 (PCI 3.1 - 1.3.5), 2.2.2.a, 2.2.2.b |
2000 |
Data Processor(s) |
No |
Operations |
Log Source List = CCF: Network Security Systems |
|
CCF: Denied Internet => DMZ Comm Details |
This report provides details of denied communication from the external internet to the demilitarized zone. Augment: 1.2.1.a, 1.2.1.b, 1.2.1.c, (PCI 3.1 - 1.3.3), 1.3.3 (PCI 3.1 - 1.3.4), 2.2.2.a, 2.2.2.b |
2001 |
Data Processor(s) |
No |
Operations |
Log Source List = CCF: Network Security Systems |
|
CCF: Denied Intrn => Inet Comm Details |
This report provides details of denied communication from the internal environment to the external internet. Augment: 2.2.2.a, 2.2.2.b, 2.3.b, 4.1.c, 4.1.f |
2002 |
Data Processor(s) |
No |
Operations |
Log Source List = CCF: Network Security Systems |
|
CCF: Denied Intrn => Intrn Comm Details |
This report provides details of denied communication from the internal environment to the internal environment. Augment: 2.2.2.a, 2.2.2.b, 2.3.b, 4.1.c, 4.1.f |
2003 |
Data Processor(s) |
No |
Operations |
Log Source List = CCF: Network Security Systems |
|
CCF: Denied Test => Internal Comm Details |
This report provides details of denied communication from the test environment to other internal environments. Augment: 2.2.2.a, 2.2.2.b, 6.4.1.a, 6.4.1.b, 6.4.2 |
2004 |
Data Processor(s) |
No |
Operations |
Log Source List = CCF: Network Security Systems |
|
CCF: Denied Test => Internet Comm Details |
This report provides details of denied communication from the test environment to the external internet. Augment: 1.2.1.a, 1.2.1.b, 1.2.1.c, 2.2.2.a, 2.2.2.b, 6.4.1.a, 6.4.1.b, 6.4.2 |
2005 |
Data Processor(s) |
No |
Operations |
Log Source List = CCF: Network Security Systems |
|
CCF: Denied Wireless => CDE Comm Details |
This report provides details of denied communication from the wireless environment to the internal cardholder data environment. Augment: 2.2.2.a, 2.2.2.b |
2006 |
Data Processor(s) |
No |
Operations |
Log Source List = CCF: Network Security Systems |
|
CCF: Early TLS/SSL Version Detail |
Provides a detailed report of early TLS/SSL occurrences grouped by oHost. This report provides supplemental support for PCI-DSS controls that are oriented toward the evaluation of TLS and SSL security. Augment: 2.2.3.a, 2.2.3.b, 2.3.e, 4.1.g, 4.1.h, A2.1, A2.2, A2.3 |
2007 |
Data Processor(s) |
No |
Audit |
N/A |
|
CCF: FIM Activity Details |
This report provides details of file integrity monitoring activity such as adds, deletes, modifies, group changes, owner changes, and permissions. Direct: 10.5.5, 11.5.a, 11.5.b Augment: 3.6.7.a, 10.2.7, A1.2.b, A1.2.c, A3.2.5.b |
2008 |
Data Processor(s) |
No |
Security |
Log Source List = CCF: File Integrity Monitors |
|
CCF: FIM Critical/Error/Information Details |
This report provides details of critical failures, errors, and information from file integrity monitoring software. Augment: 12.10.5 |
2009 |
Platform Manager |
No |
Operations |
Log Source List = CCF: File Integrity Monitors |
|
CCF: Firewall Policy Synch Activity Details |
This report provides details of firewall policy synchronization activity. Augment: 1.2.2.a, 1.2.2.b |
2010 |
Data Processor(s) |
No |
Operations |
Log Source List = CCF: Network Security Systems |
|
CCF: Host Firewall Activity Details |
This report provides details of the occurrence of host firewall activity. Augment: 1.4.a |
2011 |
Data Processor(s) |
No |
Operations |
Log Source List = CCF: All Log Sources |
|
CCF: Invalid Account Usage Details |
This report provides details of authentication successes and failures from unauthorized accounts such as default account, disabled accounts, and terminated accounts. Direct: 2.1.a, 2.1.b, 10.2.1, 10.2.2, 10.2.4, 10.8.b, A3.3.1.b Augment: 8.1.3.a, 8.1. |
2012 |
Data Processor(s) |
No |
Audit |
Log Source List = CCF: All Log Sources |
|
CCF: Invalid CDE => Internet Comm Details |
This report provides details of un-allowed communication from the cardholder data environment to the external internet. Augment: 1.2.1.a, 1.2.1.b, 1.2.1.c, (PCI 3.1 - 1.3.3), 1.3.4 (PCI 3.1 - 1.3.5), 2.2.2.a, 2.2.2.b |
2013 |
Data Processor(s) |
No |
Operations |
Log Source List = CCF: Network Security Systems |
|
CCF: Invalid DMZ => Internal Comm Details |
This report provides details of un-allowed communication from the demilitarized zone to the internal network. Augment: 1.2.1.a, 1.2.1.b, 1.2.1.c, (PCI 3.1 - 1.3.3), 1.3.3 (PCI 3.1 - 1.3.4), 2.2.2.a, 2.2.2.b |
2014 |
Data Processor(s) |
No |
Operations |
Log Source List = CCF: Network Security Systems |
|
CCF: Invalid Inet => Intrn Comm Details |
This report provides details of un-allowed communication from the external internet to all internal environments. Augment: 1.2.1.a, 1.2.1.b, 1.2.1.c, 1.2.3.b, 1.3.1, 1.3.2, 2.2.2.a, 2.2.2.b |
2015 |
Data Processor(s) |
No |
Operations |
Log Source List = CCF: Network Security Systems |
|
CCF: Invalid Internet => CDE Comm Details |
This report provides details of un-allowed communication from the external internet to the cardholder data environment. Augment: 1.2.1.a, 1.2.1.b, 1.2.1.c, (PCI 3.1 - 1.3.3), 1.3.4 (PCI 3.1 - 1.3.5), 2.2.2.a, 2.2.2.b |
2016 |
Data Processor(s) |
No |
Operations |
Log Source List = CCF: Network Security Systems |
|
CCF: Invalid Internet => DMZ Comm Details |
This report provides details of un-allowed communication from the external internet to the demilitarized zone. Augment: 1.2.1.a, 1.2.1.b, 1.2.1.c, (PCI 3.1 - 1.3.3), 1.3.3 (PCI 3.1 - 1.3.4), 2.2.2.a, 2.2.2.b |
2017 |
Data Processor(s) |
No |
Operations |
Log Source List = CCF: Network Security Systems |
|
CCF: Invalid Intrn => Inet Comm Details |
This report provides details of un-allowed communication from the internal environment to the external internet. Augment: 2.2.2.a, 2.2.2.b, 2.3.b, 4.1.c, 4.1.f |
2018 |
Data Processor(s) |
No |
Operations |
Log Source List = CCF: Network Security Systems |
|
CCF: Invalid Intrn => Intrn Comm Details |
This report provides details of un-allowed communication from the internal environment to the internal environment. Augment: 2.2.2.a, 2.2.2.b, 2.3.b, 4.1.c, 4.1.f |
2019 |
Data Processor(s) |
No |
Operations |
Log Source List = CCF: Network Security Systems |
|
CCF: Invalid Test => Internal Comm Details |
This report provides details of un-allowed communication from the test environment to other internal environments. Augment: 2.2.2.a, 2.2.2.b, 6.4.1.a, 6.4.1.b, 6.4.2 |
2020 |
Data Processor(s) |
No |
Operations |
Log Source List = CCF: Network Security Systems |
|
CCF: Invalid Test => Internet Comm Details |
This report provides details of un-allowed communication from the test environment to the external internet. Augment: 1.2.1.a, 1.2.1.b, 1.2.1.c, 2.2.2.a, 2.2.2.b, 6.4.1.a, 6.4.1.b, 6.4.2 |
2021 |
Data Processor(s) |
No |
Operations |
Log Source List = CCF: Network Security Systems |
|
CCF: Invalid Wireless => CDE Comm Details |
This report provides details of un-allowed communication from the wireless environment to the internal cardholder data environment. Augment: 2.2.2.a, 2.2.2.b |
2022 |
Data Processor(s) |
No |
Operations |
Log Source List = CCF: Network Security Systems |
|
CCF: LogRhythm Alarm And Response Details |
This report provides details of all alarms, events, notifications, and response activity by entity. Augment: 12.10.5 |
2023 |
Platform Manager |
No |
Event Management |
N/A |
|
CCF: LogRhythm Usage Auditing by Date Details |
This report provides details of usage by date. Augment: 10.2.3, 10.6.1.a, 10.6.1.b, 10.6.2.a |
2024 |
Platform Manager |
No |
Log Management |
N/A |
|
CCF: LogRhythm Usage Auditing by User Details |
This report provides details of usage by user. Augment: 10.2.3, 10.6.1.a, 10.6.1.b, 10.6.2.a |
2025 |
Platform Manager |
No |
Log Management |
N/A |
|
CCF: Non-Encrypted Protocol Details |
This report provides details of unencrypted applications. Direct: 1.1.6.b Augment: 1.1.6.a, 2.3.b, 4.1.c, 4.1.f, 6.5.4, A2.3 |
2026 |
Data Processor(s) |
No |
Operations |
Log Source List = CCF: All Log Sources |
|
CCF: Object Creation/Disposal Activity Details |
This report provides details of object creations, deletions, and removals. Augment: 10.2.7 |
2027 |
Data Processor(s) |
No |
Audit |
Log Source List = CCF: Cardholder Data Systems |
|
CCF: Patch Update Failure Detail |
This report provides detailed information about patch failure log messages received across Critical and Production environments. Direct: 6.2.b Augment: 12.11.a, A3.2.5.b |
2028 |
Platform Manager |
No |
Operations |
N/A |
|
CCF: Physical Security Auth Activity Details |
This report provides details of physical access authentication success and failure activity. Augment: 8.1.3.b, 9.1, 9.1.1.a, 9.1.2, 9.3.c |
2029 |
Data Processor(s) |
No |
Audit |
Log Source List = CCF: Physical Security Systems |
|
CCF: Priv Access Failure Detail |
This report provides details of privileged user access granted & revoked by log source entity. Direct: 10.2.2, 10.2.5.a, 10.2.5.b, 10.2.5.c Augment: 10.8.1.b, A1.1, A1.3, A3.3.1.a, A3.4.1, A3.5.1.a, A3.5.1.b |
2030 |
Platform Manager |
No |
Audit |
Log Source List = CCF: All Log Sources |
|
CCF: Priv Access Granted/Revoked Details |
This report provides details of privileged user access granted & revoked by log source entity. Direct: 10.2.2, 10.2.5.a, 10.2.5.b, 10.2.5.c Augment: 7.1.1, 7.1.2.a, 7.1.2.b, 8.1.a, 8.1.1, 8.1.2, 8.1.3.a, 8.1.4, 8.1.6.a, 8.1.7, 8.2.5.b, 8.5.c |
2031 |
Data Processor(s) |
No |
Audit |
Log Source List = CCF: All Log Sources |
|
CCF: Priv Account Management Activity Details |
This report provides details of access modification to privileged accounts (list). Direct: 10.1, 10.2.2, 10.2.5.a, 10.2.5.b, 10.2.5.c Augment: 7.1.2.a, 7.1.2.b, 8.1.a, 8.1.1, 8.1.2, 8.1.3.a, 8.1.4, 8.2.5.a, 8.2.5.b, 8.5.c |
2032 |
Data Processor(s) |
No |
Audit |
Log Source List = CCF: All Log Sources |
|
CCF: Priv Authentication Activity Detail |
This report provides details of privileged user authentication successes and failures by impacted host. Direct: 10.1, 10.2.1, 10.2.2, 10.2.4, 10.2.5.a, 10.2.5.b, 10.2.5.c, 10.8.b, A3.3.1.b Augment: 7.1.1, 10.8.1.b, A1.1, A1.3, A3.3.1.a, A3.4.1, A3.5.1.a, A3.5.1.b |
2033 |
Data Processor(s) |
No |
Audit |
Log Source List = CCF: All Log Sources |
|
CCF: Remote Session Timeout Activity Details |
This report provides details of remote session timeout activity. Augment: 12.3.8.b |
2034 |
Data Processor(s) |
No |
Operations |
Log Source List = CCF: Network Security Systems |
|
CCF: Rogue WAP Detail |
This report provides details of detected rogue access points. Augment: 11.1.b, 11.1.d, 12.10.5 |
2035 |
Platform Manager |
No |
Security |
Log Source List = CCF: All Log Sources |
|
CCF: Security Event by Impacted App Details |
This report provides details of security activity such as attacks, compromises, denial of service, malware, misuse, reconnaissance, and suspicious activity. Augment: 11.4.a, 11.4.b, 11.4.c, 12.10.5 |
2036 |
Platform Manager |
No |
Security |
Log Source List = CCF: Network Security Systems |
|
CCF: Security Event by Impacted Host Details |
This report provides details of security activity such as attacks, compromises, denial of service, malware, misuse, reconnaissance, and suspicious activity. Augment: 11.4.a, 11.4.b, 11.4.c, 12.10.5 |
2037 |
Platform Manager |
No |
Security |
Log Source List = CCF: Network Security Systems |
|
CCF: Security Event by Log Source Ent Details |
This report provides details of security activity such as attacks, compromises, denial of service, malware, misuse, reconnaissance, and suspicious activity. Augment: 11.4.a, 11.4.b, 11.4.c, 12.10.5 |
2038 |
Platform Manager |
No |
Security |
Log Source List = CCF: Network Security Systems |
|
CCF: Security Event by Origin Host Details |
This report provides details of security activity such as attacks, compromises, denial of service, malware, misuse, reconnaissance, and suspicious activity. Augment: 11.4.a, 11.4.b, 11.4.c, 12.10.5 |
2039 |
Platform Manager |
No |
Security |
Log Source List = CCF: Network Security Systems |
|
CCF: Signature Update Activity Details |
This report provides details on signature update activity. Direct: 5.2.d, 6.2.b Augment: 5.2.b, 5.2.c, 11.4.a, 11.4.b, 11.4.c, 12.11.a, A3.2.5.b |
2040 |
Data Processor(s) |
No |
Operations |
Log Source List = CCF: Network Security Systems |
|
CCF: Software Update Activity Details |
This report provides details of software update activity. Direct: 6.2.b Augment: 12.11.a, A3.2.5.b |
2041 |
Data Processor(s) |
No |
Operations |
Log Source List = CCF: All Log Sources |
|
CCF: TLS/SSL Detail |
Provides a detailed report of TLS/SSL activity grouped by oHost. This report provides supplemental support for PCI-DSS controls that are oriented toward the evaluation of TLS and SSL security. Augment: 2.2.3.a, 2.2.3.b, 2.3.e, 4.1.g, 4.1.h, A2.1, A2.2, A2.3 |
2042 |
Data Processor(s) |
No |
Audit |
N/A |
|
CCF: Vendor Access Failure Detail |
This report provides detailed information about vendor account access failures. Direct: 10.2.1, 10.2.4, 10.8.b, A3.3.1.b Augment: 8.1.5.a, 8.1.5.b, 8.1.6.b, 10.8.1.b, 12.3.9, A1.1, A1.3, A3.3.1.a, A3.4.1, A3.5.1.a, A3.5.1.b |
2043 |
Platform Manager |
No |
Audit |
Log Source List = CCF: All Log Sources |
|
CCF: Vendor Access Granted/Revoked Details |
This report provides detailed information about user access granted and revoked for defined vendor accounts (list). Augment: 8.1.a, 8.1.1, 8.1.2, 8.1.3.a, 8.1.4, 8.1.5.a, 8.1.5.b, 8.1.6.a, 8.1.6.b, 8.1.7, 8.2.5.a, 8.2.5.b, 8.5.c, 12.3.9 |
2044 |
Platform Manager |
No |
Audit |
Log Source List = CCF: All Log Sources |
|
CCF: Vendor Account Management Details |
This report provides details of vendor account management activity. Augment: 8.1.a, 8.1.1, 8.1.2, 8.1.3.a, 8.1.4, 8.1.5.a, 8.1.5.b, 8.1.6.b, 8.2.5.a, 8.2.5.b, 8.5.c, 12.3.9 |
2045 |
Data Processor(s) |
No |
Audit |
Log Source List = CCF: All Log Sources |
|
CCF: Vendor Authentication Details |
This report provides details of vendor account activity. Direct: 10.2.1, 10.2.4, 10.8.b, A3.3.1.b Augment: 8.1.5.a, 8.1.5.b, 8.1.6.b, 10.8.1.b, 12.3.9, A1.1, A1.3, A3.3.1.a, A3.4.1, A3.5.1.a, A3.5.1.b |
2046 |
Data Processor(s) |
No |
Audit |
Log Source List = CCF: Network Security Systems |
Reporting Packages
|
Reporting Package |
Description |
|---|---|
|
CCF: Weekly IT Operations AIE Report Package |
These are reports IT Operations should run and review on a weekly basis. |
|
CCF: Daily IT Operations Report Package |
These are reports IT Operations should run and review on a daily basis. |
|
CCF: Daily IT Security Report Package |
These are reports Security Operations should run and review on a daily basis. |
|
CCF: Weekly Audit Report Package |
These are reports Audit should run and review on a weekly basis. |
|
CCF: Monthly Executive Report Package |
These are reports Executive Management should run and review on a monthly basis. |
|
CCF: Weekly IT Security AIE Report Package |
These are reports Security Management should run and review on a weekly basis. |