SOX-COSO – Reports
The following table provides a listing of all reports included in this compliance package. For each report, the targeted data source, the required classifications, and the required Log Source Lists are provided. If you are unable to implement the Data Management Settings, this table should be referred to so as to understand which reports will be impacted.
Reports with a data source of Log Manager will not populate in a fully collection- optimized deployment. Contact LogRhythm Support for additional details.
Report ID | Report Name | Data Source | Intelligent Indexing | Required Classifications | Required Log Source Lists |
|---|---|---|---|---|---|
210 | SOX COSO: Account Management Activity | Log Mart | No | Account Created, Account Deleted, Account Modified | SOX-COSO: File Integrity Monitoring Systems, SOX-COSO: Intrusion Detection Systems, SOX- COSO: Malware Systems, SOX-COSO: Network Access Control, SOX-COSO: Production Servers, SOX-COSO: Remote Access Systems, SOX-COSO: Wireless Access Points |
208 | SOX COSO: Applications Accessed By User | Log Manager | Yes | Information | SOX-COSO: Production Servers |
206 | SOX COSO: Attacks Detected | Log Mart | No | Attack, Compromise, Denial of Service | SOX-COSO: Intrusion Detection Systems, SOX- COSO: Malware Systems, SOX-COSO: Network Access Control, SOX-COSO: Production Servers, SOX-COSO: Wireless Access Points |
204 | SOX COSO: Audit Exceptions Event Summary | Log Mart | No | Access Failure, Authentication Failure, Other Audit Failure | SOX-COSO: Intrusion Detection Systems, SOX- COSO: Malware Systems, SOX-COSO: Network Access Control, SOX-COSO: Production Servers, SOX-COSO: Remote Access Systems, SOX-COSO: Wireless Access Points |
202 | SOX COSO: Audit Exceptions Event Summary | Log Mart | No | Access Failure, Authentication Failure, Other Audit Failure | SOX-COSO: Intrusion Detection Systems, SOX- COSO: Malware Systems, SOX-COSO: Network Access Control, SOX-COSO: Production Servers, SOX-COSO: Remote Access Systems, SOX-COSO: Wireless Access Points |
200 | SOX COSO: Compromises Detected | Log Mart | No | Compromise, Malware | SOX-COSO: Intrusion Detection Systems, SOX- COSO: Malware Systems, SOX-COSO: Network Access Control, SOX-COSO: Production Servers |
243 | SOX COSO: Failed Application Access | Log Mart | No | Access Failure, Authentication Failure | SOX-COSO: Production Servers |
196 | SOX COSO: Failed File Access | Log Manager | Yes | Access Failure | SOX-COSO: Production Servers |
193 | SOX COSO: Failed Host Access | Log Mart | No | Authentication Failure | SOX-COSO: Intrusion Detection Systems, SOX- COSO: Malware Systems, SOX-COSO: Network Access Control, SOX-COSO: Production Servers, SOX-COSO: Remote Access Systems, SOX-COSO: Wireless Access Points |
306 | SOX COSO: File Integrity Monitor Log Detail | Log Manager | No | Activity |
|
307 | SOX COSO: File Integrity Monitor Log Summary | Log Mart | No | Activity |
|
308 | SOX COSO: File Integrity Monitoring Log Detail | Log Manager | Yes | Activity |
|
189 | SOX COSO: Host Access Granted And Revoked | Log Mart | No | Access Granted, Access Revoked | SOX-COSO: File Integrity Monitoring Systems, SOX-COSO: Intrusion Detection Systems, SOX- COSO: Malware Systems, SOX-COSO: Network Access Control, SOX-COSO: Production Servers, SOX-COSO: Remote Access Systems, SOX-COSO: Wireless Access Points |
187 | SOX COSO: Host Authentication Summary | Log Mart | No | Authentication Success | SOX-COSO: Intrusion Detection Systems, SOX- COSO: Malware Systems, SOX-COSO: Network Access Control, SOX-COSO: Production Servers, SOX-COSO: Remote Access Systems, SOX-COSO: Wireless Access Points |
183 | SOX COSO: Log Volume | Event Manager | N/A | N/A |
|
181 | SOX COSO: Log Volume | Event Manager | N/A | N/A |
|
180 | SOX COSO: Log Volume | Event Manager | N/A | N/A |
|
178 | SOX COSO: Log Volume | Event Manager | N/A | N/A |
|
176 | SOX COSO: Log Volume | Event Manager | N/A | N/A |
|
244 | SOX COSO: Malware Detected | Log Manager | Yes | Malware | SOX-COSO: Intrusion Detection Systems, SOX- COSO: Malware Systems |
173 | SOX COSO: Policy Activity Summary | Log Mart | No | Access Granted, Access Revoked, Policy | SOX-COSO: Intrusion Detection Systems, SOX- COSO: Malware Systems, SOX-COSO: Network Access Control, SOX-COSO: Production Servers, SOX-COSO: Remote Access Systems, SOX-COSO: Wireless Access Points |
170 | SOX COSO: Security Event Summary | Log Mart | No | Attack, Compromise, Denial of Service, Malware, Reconnaissance, Suspicious | SOX-COSO: Intrusion Detection Systems, SOX- COSO: Malware Systems, SOX-COSO: Network Access Control, SOX-COSO: Production Servers, SOX-COSO: Remote Access Systems, SOX-COSO: Wireless Access Points |
167 | SOX COSO: Security Event Summary | Log Mart | No | Attack, Compromise, Denial of Service, Malware, Reconnaissance, Suspicious | SOX-COSO: Intrusion Detection Systems, SOX- COSO: Malware Systems, SOX-COSO: Network Access Control, SOX-COSO: Production Servers, SOX-COSO: Remote Access Systems, SOX-COSO: Wireless Access Points |
166 | SOX COSO: Security Event Summary | Log Mart | No | Attack, Compromise, Denial of Service, Malware, Reconnaissance, Suspicious | SOX-COSO: Intrusion Detection Systems, SOX- COSO: Malware Systems, SOX-COSO: Network Access Control, SOX-COSO: Production Servers, SOX-COSO: Remote Access Systems, SOX-COSO: Wireless Access Points |
164 | SOX COSO: Suspicious Activity By Host | Log Mart | No | Suspicious | SOX-COSO: Intrusion Detection Systems, SOX- COSO: Network Access Control, SOX-COSO: Production Servers, SOX-COSO: Remote Access Systems, SOX-COSO: Wireless Access Points |
162 | SOX COSO: Suspicious Activity By User | Log Mart | No | Suspicious | SOX-COSO: Intrusion Detection Systems, SOX- COSO: Malware Systems, SOX-COSO: Network Access Control, SOX-COSO: Production Servers, SOX-COSO: Remote Access Systems, SOX-COSO: Wireless Access Points |
160 | SOX COSO: System Critical And Error Conditions | Log Mart | No | Critical, Error | SOX-COSO: Intrusion Detection Systems, SOX- COSO: Malware Systems, SOX-COSO: Network Access Control, SOX-COSO: Production Servers, SOX-COSO: Remote Access Systems, SOX-COSO: Wireless Access Points |
159 | SOX COSO: System Security Event Summary | Log Manager | Yes | Configuration, Startup and Shutdown | SOX-COSO: Intrusion Detection Systems, SOX- COSO: Malware Systems, SOX-COSO: Network Access Control, SOX-COSO: Production Servers, SOX-COSO: Remote Access Systems, SOX-COSO: Wireless Access Points |
158 | SOX COSO: System Startup And Shutdown | Log Mart | No | Startup and Shutdown | SOX-COSO: Intrusion Detection Systems, SOX- COSO: Malware Systems, SOX-COSO: Network Access Control, SOX-COSO: Production Servers, SOX-COSO: Remote Access Systems, SOX-COSO: Wireless Access Points |
157 | SOX COSO: Terminated Account Summary | Log Mart | No | Account Deleted | SOX-COSO: File Integrity Monitoring Systems, SOX-COSO: Intrusion Detection Systems, SOX- COSO: Malware Systems, SOX-COSO: Network Access Control, SOX-COSO: Production Servers, SOX-COSO: Remote Access Systems, SOX-COSO: Wireless Access Points |
156 | SOX COSO: Top Applications Experiencing Errors | Log Mart | No | Critical, Error | SOX-COSO: Production Servers |
155 | SOX COSO: Top Attackers | Log Mart | No | Attack, Compromise, Denial of Service, Failed Attack, Failed Denial of Service, Failed Malware, Failed Suspicious, Malware, Reconnaissance, Suspicious | SOX-COSO: Intrusion Detection Systems, SOX- COSO: Malware Systems |
152 | SOX COSO: Top Hosts Experiencing Errors | Log Mart | No | Critical, Error | SOX-COSO: Intrusion Detection Systems, SOX- COSO: Malware Systems, SOX-COSO: Network Access Control, SOX-COSO: Production Servers, SOX-COSO: Remote Access Systems, SOX-COSO: Wireless Access Points |
149 | SOX COSO: Top Suspicious Users | Log Manager | Yes | Access Failure, Activity, Attack, Authentication Failure, Compromise, Denial of Service, Failed Activity, Failed Denial of Service, Failed Malware, Failed Misuse, Failed Suspicious, Malware, Misuse, Other Audit Failure, Reconnaissance, Suspicious | SOX-COSO: Intrusion Detection Systems, SOX- COSO: Malware Systems, SOX-COSO: Network Access Control, SOX-COSO: Production Servers, SOX-COSO: Remote Access Systems, SOX-COSO: Wireless Access Points |
120 | SOX COSO: Top Targeted Applications | Log Mart | No | Attack, Compromise, Denial of Service, Failed Attack, Failed Denial of Service, Failed Malware, Failed Suspicious, Malware, Reconnaissance, Suspicious | SOX-COSO: Intrusion Detection Systems, SOX- COSO: Malware Systems, SOX-COSO: Production Servers |
119 | SOX COSO: Top Targeted Hosts | Log Mart | No | Attack, Compromise, Denial of Service, Failed Attack, Failed Denial of Service, Failed Malware, Failed Suspicious, Malware, Reconnaissance, Suspicious | SOX-COSO: Intrusion Detection Systems, SOX- COSO: Malware Systems, SOX-COSO: Network Access Control, SOX-COSO: Production Servers |
118 | SOX COSO: Usage Auditing Activity Summary | Event Manager | N/A | N/A | SOX-COSO: File Integrity Monitoring Systems, SOX-COSO: Intrusion Detection Systems, SOX- COSO: Malware Systems, SOX-COSO: Network Access Control, SOX-COSO: Production Servers, SOX-COSO: Remote Access Systems, SOX-COSO: Wireless Access Points |
117 | SOX COSO: Usage Auditing Event Detail | Event Manager | N/A | N/A | SOX-COSO: File Integrity Monitoring Systems, SOX-COSO: Intrusion Detection Systems, SOX- COSO: Malware Systems, SOX-COSO: Network Access Control, SOX-COSO: Production Servers, SOX-COSO: Remote Access Systems, SOX-COSO: Wireless Access Points |
116 | SOX COSO: Usage Auditing Event Detail | Event Manager | N/A | N/A | SOX-COSO: File Integrity Monitoring Systems, SOX-COSO: Intrusion Detection Systems, SOX- COSO: Malware Systems, SOX-COSO: Network Access Control, SOX-COSO: Production Servers, SOX-COSO: Remote Access Systems, SOX-COSO: Wireless Access Points |
115 | SOX COSO: Usage Auditing Event List | Event Manager | N/A | N/A | SOX-COSO: File Integrity Monitoring Systems, SOX-COSO: Intrusion Detection Systems, SOX- COSO: Malware Systems, SOX-COSO: Network Access Control, SOX-COSO: Production Servers, SOX-COSO: Remote Access Systems |
114 | SOX COSO: Usage Auditing Logon & Logoff Events | Event Manager | N/A | N/A | SOX-COSO: Intrusion Detection Systems, SOX- COSO: Malware Systems, SOX-COSO: Network Access Control, SOX-COSO: Production Servers, SOX-COSO: Remote Access Systems, SOX-COSO: Wireless Access Points |
245 | SOX COSO: User Authentication Summary | Log Mart | No | Authentication Failure, Authentication Success | SOX-COSO: Intrusion Detection Systems, SOX- COSO: Network Access Control, SOX-COSO: Production Servers, SOX-COSO: Remote Access Systems, SOX-COSO: Wireless Access Points |
112 | SOX COSO: User Object Access Summary | Log Manager | No | Access Success | SOX-COSO: Production Servers |