PCI-DSS User Guide – Reports and Reporting Packages
Reports
PCI-DSS 3.2 reporting is broken into summary and detailed reports in order to present various audiences with appropriate forensic log data. Summary reports provide a higher level of information that may be appropriate for some audit and management requests. On the other hand, detailed reports provide additional information and, in some reports, raw log data to facilitate IT Security and Operations.
Reporting Packages
Reporting packages can be easily created or adjusted by a LogRhythm Admin to provide needed content for Audit, Executive Management, or other individuals who require output for assessment. Within the PCI-DSS 3.2 Compliance Suite, there are six (6) reporting packages that can be adjusted according to audit and organizational needs. Below are some examples:
Report Package Name | Report Package Description | Report Package ID |
|---|---|---|
PCI-DSS: Weekly IT Operations AIE Report Package | These are reports IT Operations should run and review on a weekly basis. | 81 |
PCI-DSS: Daily IT Operations Report Package | These are reports IT Operations should run and review on a daily basis. | 82 |
PCI-DSS: Daily IT Security Report Package | These are reports Security Operations should run and review on a daily basis. | 83 |
PCI-DSS: Weekly Audit Report Package | These are reports Audit should run and review on a weekly basis. | 84 |
PCI-DSS: Monthly Executive Report Package | These are reports Executive Management should run and review on a monthly basis. | 85 |
PCI-DSS: Weekly IT Security AIE Report Package | These are reports Security Management should run and review on a weekly basis. | 86 |
To create a new Reporting Package to be used at your discretion:
- Within your deployment, navigate to the Report Center.
- Click the Reporting Packages tab.
- In the Select Reports window, select the PCI-DSS reports you want included in this reporting package, and then click Next.
In the Override Log Source Criteria window, click Next.
Do NOT override log source criteria.- In the Configuration window, select the frequency and time frame in which you want the reporting package produced.
- Right-click in the report packages grid, and then click New Report Package.
- Configure additional settings according to the methods of delivery of report outputs you want, and then click Next.
- Type a name and description for the new PCI-DSS reporting package, and then click OK to save.
