TIBCO LogLogic Reports for PCI
The following table lists the Custom Reports included in the TIBCO LogLogic® Compliance Suite - PCI Edition.
Serial Number | TIBCO LogLogic Report | Description |
---|---|---|
1 | PCI: Accepted VPN Connections - RADIUS | Displays all users connected to the internal network through the RADIUS VPN. |
2 | PCI: Account Activities on UNIX Servers | Displays all accounts activities on UNIX servers to ensure authorized and appropriate access. |
3 | PCI: Account Activities on Windows Servers | Displays all accounts activities on Windows servers to ensure authorized and appropriate access. |
4 | PCI: Accounts Changed on NetApp Filer | Displays all accounts changed on NetApp Filer to ensure authorized and appropriate access. |
5 | PCI: Accounts Changed on UNIX Servers | Displays all accounts changed on UNIX servers to ensure authorized and appropriate access. |
6 | PCI: Accounts Changed on Windows Servers | Displays all accounts changed on Windows servers to ensure authorized and appropriate access. |
7 | PCI: Accounts Changed on TIBCO ActiveMatrix Administrator | Displays all accounts changed on TIBCO ActiveMatrix Administrator to ensure authorized and appropriate access. |
8 | PCI: Accounts Changed on TIBCO Administrator | Displays all accounts changed on TIBCO Administrator to ensure authorized and appropriate access. |
9 | PCI: Accounts Created on NetApp Filer | Displays all accounts created on NetApp Filer to ensure authorized and appropriate access. |
10 | PCI: Accounts Created on NetApp Filer Audit | Displays all accounts created on NetApp Filer Audit to ensure authorized and appropriate access. |
11 | PCI: Accounts Created on Symantec Endpoint Protection | Displays all accounts created on Symantec Endpoint Protection to ensure authorized and appropriate access. |
12 | PCI: Accounts Created on TIBCO ActiveMatrix Administrator | Displays all accounts created on TIBCO ActiveMatrix Administrator to ensure authorized and appropriate access. |
13 | PCI: Accounts Created on TIBCO Administrator | Displays all accounts created on TIBCO Administrator to ensure authorized and appropriate access. |
14 | PCI: Accounts Created on Sidewinder | Displays all accounts created on Sidewinder to ensure authorized and appropriate access. |
15 | PCI: Accounts Created on UNIX Servers | Displays all accounts created on UNIX servers to ensure authorized and appropriate access. |
16 | PCI: Accounts Created on Windows Servers | Displays all accounts created on Windows servers to ensure authorized and appropriate access. |
17 | PCI: Accounts Deleted on NetApp Filer | Displays all accounts deleted on NetApp Filer to ensure authorized and appropriate access. |
18 | PCI: Accounts Deleted on NetApp Filer Audit | Displays all accounts deleted on NetApp Filer Audit to ensure authorized and appropriate access. |
19 | PCI: Accounts Deleted on Sidewinder | Displays all accounts deleted on Sidewinder to ensure authorized and appropriate access. |
20 | PCI: Accounts Deleted on Symantec Endpoint Protection | Displays all accounts deleted on Symantec Endpoint Protection to ensure authorized and appropriate access. |
21 | PCI: Accounts Deleted on TIBCO ActiveMatrix Administrator | Displays all accounts deleted on TIBCO ActiveMatrix Administrator to ensure authorized and appropriate access. |
22 | PCI: Accounts Deleted on TIBCO Administrator | Displays all accounts deleted on TIBCO Administrator to ensure authorized and appropriate access. |
23 | PCI: Accounts Deleted on UNIX Servers | Displays all accounts deleted on UNIX servers to ensure authorized and appropriate access. |
24 | PCI: Accounts Deleted on Windows Servers | Displays all accounts deleted on Windows servers to ensure authorized and appropriate access. |
25 | PCI: Active Directory System Changes | Displays changes made within Active Directory. |
26 | PCI: Administrator Logins on Windows Servers | Displays all logins with the administrator account on Windows servers. |
27 | PCI: Administrators Activities on Servers | Displays the latest activities performed by administrators and root users to ensure appropriate access. |
28 | PCI: Applications Through Firewalls | Displays the most active applications used through the firewalls. |
29 | PCI: Applications Under Attack | Displays all applications under attack as well as the attack signatures. |
30 | PCI: Applications Under Attack - Cisco IOS | Displays all applications under attack as well as the attack signatures by Cisco IOS. |
31 | PCI: Applications Under Attack - FireEye MPS | Displays all applications under attack as well as the attack signatures by FireEye MPS. |
32 | PCI: Applications Under Attack - ISS SiteProtector | Displays all applications under attack as well as the attack signatures by ISS SiteProtector. |
33 | PCI: Applications Under Attack - SiteProtector | Displays all applications under attack as well as the attack signatures by SiteProtector. |
34 | PCI: Applications Under Attack - Sourcefire Defense Center | Displays all applications under attack as well as the attack signatures by Sourcefire Defense Center. |
35 | PCI: Attack Origins | Displays the sources that have initiated the most attacks. |
36 | PCI: Attack Origins - Cisco IOS | Displays the sources that have initiated the most attacks by Cisco IOS. |
37 | PCI: Attack Origins - HIPS | Displays the sources that have initiated the most attacks. |
38 | PCI: Attack Origins - ISS SiteProtector | Displays the sources that have initiated the most attacks by ISS SiteProtector. |
39 | PCI: Attack Origins - SiteProtector | Displays the sources that have initiated the most attacks by SiteProtector. |
40 | PCI: Attack Origins - Sourcefire Defense Center | Displays the sources that have initiated the most attacks by Sourcefire Defense Center. |
41 | PCI: Attacks Detected | Displays all IDS attacks detected against servers and applications. |
42 | PCI: Attacks Detected - Cisco IOS | Displays all IDS attacks detected against servers and applications by Cisco IOS. |
43 | PCI: Attacks Detected - HIPS | Displays all IPS attacks detected against servers and applications. |
44 | PCI: Attacks Detected - ISS SiteProtector | Displays all IDS attacks detected against servers and applications by ISS SiteProtector. |
45 | PCI: Attacks Detected - SiteProtector | Displays all IDS attacks detected against servers and applications by SiteProtector. |
46 | PCI: Attacks Detected - Sourcefire Defense Center | Displays all IDS attacks detected against servers and applications by Sourcefire Defense Center. |
47 | PCI: Check Point Configuration Changes | Displays all Check Point audit events related to configuration changes. |
48 | PCI: Check Point Management Station Login | Displays all login events to the Check Point management station. |
49 | PCI: Check Point Objects Created | Displays all Check Point audit events related to object creation in policies. |
50 | PCI: Check Point Objects Deleted | Displays all Check Point audit events related to policy objects deleted. |
51 | PCI: Check Point Objects Modified | Displays all Check Point audit events related to policy objects modified. |
52 | PCI: Check Point SIC Revoked | Displays all Check Point audit events related to the security certificate being revoked. |
53 | PCI: Cisco ESA: Attacks by Event ID | Displays Cisco ESA attacks by Event ID. |
54 | PCI: Cisco ESA: Attacks Detected | Displays attacks detected by Cisco ESA. |
55 | PCI: Cisco ESA: Attacks by Threat Name | Displays Cisco ESA Attacks by threat name. |
56 | PCI: Cisco ESA: Scans | Displays scans using Cisco ESA. |
57 | PCI: Cisco ESA: Updated | Displays updates to Cisco ESA. |
58 | PCI: Cisco FWSM HA State Changed | Displays all Cisco FWSM firewall fail-over state change events. |
59 | PCI: Cisco ISE, ACS Accounts Created | Displays all accounts created on Cisco ISE and Cisco SecureACS to ensure authorized and appropriate access. |
60 | PCI: Cisco ISE, ACS Accounts Removed | Displays all accounts removed on Cisco ISE and Cisco SecureACS to ensure authorized and appropriate access. |
61 | PCI: Cisco ISE, ACS Configuration Changes | Displays Cisco ISE and Cisco SecureACS configuration changes. |
62 | PCI: Cisco ISE, ACS Password Changes | Displays all password change activities on Cisco ISE and Cisco SecureACS to ensure authorized and appropriate access. |
63 | PCI: Cisco Peer Reset/Reload | Displays all Cisco Peer reset and reload events. |
64 | PCI: Cisco Peer Supervisor Status Changes | Displays all Cisco Peer Supervisor status changes. |
65 | PCI: Cisco PIX, ASA, FWSM Failover Disabled | Displays all logs related to disabling Cisco PIX, ASA, and FWSM failover capability. |
66 | PCI: Cisco PIX, ASA, FWSM Failover Performed | Displays all logs related to performing a Cisco PIX, ASA, and FWSM failover. |
67 | PCI: Cisco PIX, ASA, FWSM Policy Changed | Displays all configuration changes made to the Cisco PIX, ASA, and FWSM devices. |
68 | PCI: Cisco PIX, ASA, FWSM Restarted | Displays all Cisco PIX, ASA, or FWSM restart activities to detect unusual activities. |
69 | PCI: Cisco PIX, ASA, FWSM Routing Failure | Displays all Cisco PIX, ASA, and FWSM routing error messages. |
70 | PCI: Cisco Redundancy Version Check Failed | Displays all Cisco redundancy version check failures. |
71 | PCI: Cisco Routers and Switches Restart | Displays all Cisco routers and switches restart activities to detect unusual activities. |
72 | PCI: Cisco Switch Policy Changes | Displays all configuration changes to the Cisco router and switch policies. |
73 | PCI: Creation and Deletion of System Level Objects: AIX Audit | Displays AIX audit events related to creation and deletion of system-level objects. |
74 | PCI: Creation and Deletion of System Level Objects: DB2 Database | Displays DB2 database events related to creation and deletion of system-level objects. |
75 | PCI: Creation and Deletion of System Level Objects: HP-UX Audit | Displays HP-UX audit events related to creation and deletion of system-level objects. |
76 | PCI: Creation and Deletion of System Level Objects: Oracle | Displays Oracle database events related to creation and deletion of system-level objects. |
77 | PCI: Creation and Deletion of System Level Objects: Solaris BSM | Displays Solaris BSM events related to creation and deletion of system-level objects. |
78 | PCI: Creation and Deletion of System Level Objects: SQL Server | Displays Microsoft SQL Server events related to creation and deletion of system-level objects. |
79 | PCI: Creation and Deletion of System Level Objects: Windows | Displays all Windows events related to creation and deletion of system-level objects. |
80 | PCI: DB2 Database Configuration Changes | Displays DB2 database configuration changes. |
81 | PCI: DB2 Database Failed Logins | Displays all failed login attempts to review any access violations or unusual activity. |
82 | PCI: DB2 Database Successful Logins | Displays successful DB2 database logins. |
83 | PCI: DB2 Database User Additions and Deletions | Displays IBM DB2 Database events related to creation and deletion of database users. |
84 | PCI: Denied VPN Connections - RADIUS | Displays all users denied access to the internal network by the RADIUS VPN. |
85 | PCI: DHCP Activities on Microsoft DHCP | Displays all DHCP activities on Microsoft DHCP Server. |
86 | PCI: DHCP Activities on VMware vShield | Displays all DHCP activities on VMware vShield Edge. |
87 | PCI: DNS Server Error | Displays all events when DNS Server has errors. |
88 | PCI: Escalated Privilege Activities on Servers | Displays all privilege escalation activities performed on servers to ensure appropriate access. |
89 | PCI: ESX Accounts Activities | Displays all accounts activities on VMware ESX servers to ensure authorized and appropriate access. |
90 | PCI: ESX Accounts Created | Displays all accounts created on VMware ESX servers to ensure authorized and appropriate access. |
91 | PCI: ESX Accounts Deleted | Displays all accounts deleted on VMware ESX servers to ensure authorized and appropriate access. |
92 | PCI: ESX Failed Logins | Failed VMware ESX logins for known user. |
93 | PCI: ESX Group Activities | Displays all group activities on VMware ESX servers to ensure authorized and appropriate access. |
94 | PCI: ESX Kernel log daemon terminating | Displays all VMware ESX Kernel log daemon terminating. |
95 | PCI: ESX Kernel logging Stop | Displays all VMware ESX Kernel logging stops. |
96 | PCI: ESX Logins Failed Unknown User | Failed VMware ESX logins for unknown user |
97 | PCI: ESX Logins Succeeded | Displays successful logins to VMware ESX to ensure only authorized personnel have access. |
98 | PCI: F5 BIG-IP TMOS Login Failed | Displays all F5 BIG-IP TMOS login events which have failed. |
99 | PCI: F5 BIG-IP TMOS Login Successful | Displays all F5 BIG-IP TMOS login events which have succeeded. |
100 | PCI: F5 BIG-IP TMOS Password Changes | Displays all password change activities on F5 BIG-IP TMOS to ensure authorized and appropriate access. |
101 | PCI: F5 BIG-IP TMOS Restarted | Displays all events when the F5 BIG-IP TMOS has been restarted. |
102 | PCI: ESX Syslogd Restart | Displays all VMware ESX syslogd restarts. |
103 | PCI: Files Accessed on NetApp Filer Audit | Displays all files accessed on NetApp Filer Audit to ensure appropriate access. |
104 | PCI: Failed Logins | Displays all failed login attempts to review any access violations or unusual activity. |
105 | PCI: Files Accessed on Servers | Displays all files accessed on servers to ensure appropriate access. |
106 | PCI: Files Accessed through Juniper SSL VPN (Secure Access) | Displays all files accessed through Juniper SSL VPN (Secure Access). |
107 | PCI: Files Accessed through PANOS | Displays all files accessed through Palo Alto Networks. |
108 | PCI: FireEye MPS: Attacks by Event ID | Displays FireEye MPS attacks by Event ID. |
109 | PCI: FireEye MPS: Attacks by Threat Name | Displays FireEye MPS attacks by threat name. |
110 | PCI: FireEye MPS: Attacks Detected | Displays attacks detected by FireEye MPS. |
111 | PCI: Firewall Connections Accepted - Check Point | Displays all traffic passing through the Check Point firewall. |
112 | PCI: Firewall Connections Accepted - Cisco IOS | Displays all traffic passing through the Cisco IOS firewall. |
113 | PCI: Firewall Connections Accepted - Cisco Netflow | Displays all traffic passing through the Cisco Netflow. |
114 | PCI: Firewall Connections Accepted - Cisco NXOS | Displays all traffic passing through the Cisco NXOS device. |
115 | PCI: Firewall Connections Accepted - Cisco PIX | Displays all traffic passing through the Cisco PIX firewall. |
116 | PCI: Firewall Connections Accepted - F5 BIG-IP TMOS | Displays all traffic passing through the F5 BIG-IP TMOS device. |
117 | PCI: Firewall Connections Accepted - Juniper JunOS | Displays all traffic passing through the Juniper JunOS firewall. |
118 | PCI: Firewall Connections Accepted - PANOS | Displays all traffic passing through the Palo Alto Networks firewall. |
119 | PCI: Firewall Connections Accepted - Sidewinder | Displays all traffic passing through the Sidewinder firewall. |
120 | PCI: Firewall Connections Accepted - VMware vShield | Displays all traffic passing through the VMware vShield device. |
121 | PCI: Firewall Connections Denied - Check Point | Displays the applications that have been denied access the most by the Check Point devices. |
122 | PCI: Firewall Connections Denied - F5 BIG-IP TMOS | Displays the applications that have been denied access the most by the F5 BIG-IP TMOS. |
123 | PCI: Firewall Connections Denied - Cisco ASA | Displays the applications that have been denied access the most by the Cisco ASA devices. |
124 | PCI: Firewall Connections Denied - Cisco FWSM | Displays the applications that have been denied access the most by the Cisco FWSM devices. |
125 | PCI: Firewall Connections Denied - Cisco IOS | Displays the applications that have been denied access the most by the Cisco IOS. |
126 | PCI: Firewall Connections Denied - Cisco NXOS | Displays the applications that have been denied access the most by the Cisco NXOS devices. |
127 | PCI: Firewall Connections Denied - Cisco PIX | Displays the applications that have been denied access the most by the Cisco PIX devices. |
128 | PCI: Firewall Connections Denied - Cisco Router | Displays the applications that have been denied access the most by the Cisco Router. |
129 | PCI: Firewall Connections Denied - Fortinet | Displays the applications that have been denied access the most by the Fortinet devices. |
130 | PCI: Firewall Connections Denied - Juniper Firewall | Displays the applications that have been denied access the most by the Juniper Firewall. |
131 | PCI: Firewall Connections Denied - Juniper JunOS | Displays the applications that have been denied access the most by the Juniper JunOS. |
132 | PCI: Firewall Connections Denied - Juniper RT Flow | Displays the applications that have been denied access the most by the Juniper RT Flow. |
133 | PCI: Firewall Connections Denied - Nortel | Displays the applications that have been denied access the most by the Nortel devices. |
134 | PCI: Firewall Connections Denied - PANOS | Displays the applications that have been denied access the most by the Palo Alto Networks devices. |
135 | PCI: Firewall Connections Denied - Sidewinder | Displays the applications that have been denied access the most by the Sidewinder |
136 | PCI: Firewall Connections Denied - VMware vShield | Displays the applications that have been denied access the most by the VMware vShield. |
137 | PCI: Firewall Traffic Besides HTTP, SSL and SSH - Check Point | Displays all traffic passing through the Check Point that is not HTTP, SSL and SSH. |
138 | PCI: Firewall Traffic Besides HTTP, SSL and SSH - Cisco ASA | Displays all traffic passing through the Cisco ASA that is not HTTP, SSL and SSH. |
139 | PCI: Firewall Traffic Besides HTTP, SSL and SSH - Cisco FWSM | Displays all traffic passing through the Cisco FWSM that is not HTTP, SSL and SSH. |
140 | PCI: Firewall Traffic Besides HTTP, SSL and SSH - Cisco IOS | Displays all traffic passing through the Cisco IOS that is not HTTP, SSL and SSH. |
141 | PCI: Firewall Traffic Besides HTTP, SSL and SSH - Cisco Netflow | Displays all traffic passing through the Cisco Netflow that is not HTTP, SSL and SSH. |
142 | PCI: Firewall Traffic Besides HTTP, SSL and SSH - Cisco PIX | Displays all traffic passing through the Cisco PIX that is not HTTP, SSL and SSH. |
143 | PCI: Firewall Traffic Besides HTTP, SSL and SSH - F5 BIG-IP TMOS | Displays all traffic passing through the F5 BIG-IP TMOS that is not HTTP, SSL and SSH. |
144 | PCI: Firewall Traffic Besides HTTP, SSL and SSH - Fortinet | Displays all traffic passing through the Fortinet that is not HTTP, SSL and SSH. |
145 | PCI: Firewall Traffic Besides HTTP, SSL and SSH - Juniper Firewall | Displays all traffic passing through the Juniper Firewall that is not HTTP, SSL and SSH. |
146 | PCI: Firewall Traffic Besides HTTP, SSL and SSH - Juniper JunOS | Displays all traffic passing through the Juniper JunOS that is not HTTP, SSL and SSH. |
147 | PCI: Firewall Traffic Besides HTTP, SSL and SSH - Juniper RTFlow | Displays all traffic passing through the Juniper RT Flow that is not HTTP, SSL and SSH. |
148 | PCI: Firewall Traffic Besides HTTP, SSL and SSH - Nortel | Displays all traffic passing through the Nortel that is not HTTP, SSL and SSH. |
149 | PCI: Firewall Traffic Besides HTTP, SSL and SSH - PANOS | Displays all traffic passing through the Palo Alto Networks that is not HTTP, SSL and SSH. |
150 | PCI: Firewall Traffic Besides HTTP, SSL and SSH - Sidewinder | Displays all traffic passing through the Sidewinder that is not HTTP, SSL and SSH. |
151 | PCI: Firewall Traffic Besides HTTP, SSL and SSH - VMware vShield | Displays all traffic passing through the VMware vShield that is not HTTP, SSL and SSH. |
152 | PCI: Firewall Traffic Besides SSL and SSH - Check Point | Displays all traffic passing through the Check Point that is not SSL and SSH. |
153 | PCI: Firewall Traffic Besides SSL and SSH - Cisco ASA | Displays all traffic passing through the Cisco ASA that is not SSL and SSH. |
154 | PCI: Firewall Traffic Besides SSL and SSH - Cisco FWSM | Displays all traffic passing through the Cisco FWSM that is not SSL and SSH. |
155 | PCI: Firewall Traffic Besides SSL and SSH - Cisco IOS | Displays all traffic passing through the Cisco IOS that is not SSL and SSH. |
156 | PCI: Firewall Traffic Besides SSL and SSH - Cisco Netflow | Displays all traffic passing through the Cisco Netflow that is not SSL and SSH. |
157 | PCI: Firewall Traffic Besides SSL and SSH - F5 BIG-IP TMOS | Displays all traffic passing through the F5 BIG-IP TMOS that is not SSL and SSH. |
158 | PCI: Firewall Traffic Besides SSL and SSH - Cisco PIX | Displays all traffic passing through the Cisco PIX that is not SSL and SSH. |
159 | PCI: Firewall Traffic Besides SSL and SSH - Fortinet | Displays all traffic passing through the Fortinet that is not SSL and SSH. |
160 | PCI: Firewall Traffic Besides SSL and SSH - Juniper Firewall | Displays all traffic passing through the Juniper firewall that is not SSL and SSH. |
161 | PCI: Firewall Traffic Besides SSL and SSH - Juniper JunOS | Displays all traffic passing through the Juniper JunOS that is not SSL and SSH. |
162 | PCI: Firewall Traffic Besides SSL and SSH - Juniper RT Flow | Displays all traffic passing through the Juniper RT Flow that is not SSL and SSH. |
163 | PCI: Firewall Traffic Besides SSL and SSH - Nortel | Displays all traffic passing through the Nortel that is not SSL and SSH. |
164 | PCI: Firewall Traffic Besides SSL and SSH - PANOS | Displays all traffic passing through the Palo Alto Networks that is not SSL and SSH. |
165 | PCI: Firewall Traffic Besides SSL and SSH - Sidewinder | Displays all traffic passing through the Sidewinder that is not SSL and SSH. |
166 | PCI: Firewall Traffic Besides SSL and SSH - VMware vShield | Displays all traffic passing through the VMware vShield that is not SSL and SSH. |
167 | PCI: Firewall Traffic Considered Risky - Check Point | Displays Check Point allowed firewall traffic that is considered risky. |
168 | PCI: Firewall Traffic Considered Risky - Cisco ASA | Displays Cisco ASA allowed firewall traffic that is considered risky. |
169 | PCI: Firewall Traffic Considered Risky - Cisco FWSM | Displays Cisco FWSM allowed firewall traffic that is considered risky. |
170 | PCI: Firewall Traffic Considered Risky - Cisco IOS | Displays Cisco IOS allowed firewall traffic that is considered risky. |
171 | PCI: Firewall Traffic Considered Risky - Cisco Netflow | Displays Cisco Netflow allowed firewall traffic that is considered risky. |
172 | PCI: Firewall Traffic Considered Risky - Cisco PIX | Displays Cisco PIX allowed firewall traffic that is considered risky. |
173 | PCI: Firewall Traffic Considered Risky - F5 BIG-IP TMOS | Displays F5 BIG-IP TMOS allowed firewall traffic that is considered risky. |
174 | PCI: Firewall Traffic Considered Risky - Fortinet | Displays Fortinet allowed firewall traffic that is considered risky. |
175 | PCI: Firewall Traffic Considered Risky - Juniper Firewall | Displays Juniper Firewall allowed firewall traffic that is considered risky. |
176 | PCI: Firewall Traffic Considered Risky - Juniper JunOS | Displays Juniper JunOS allowed firewall traffic that is considered risky. |
177 | PCI: Firewall Traffic Considered Risky - Juniper RT Flow | Displays Juniper RT Flow allowed firewall traffic that is considered risky. |
178 | PCI: Firewall Traffic Considered Risky - Nortel | Displays Nortel allowed firewall traffic that is considered risky. |
179 | PCI: Firewall Traffic Considered Risky - PANOS | Displays Palo Alto Networks allowed firewall traffic that is considered risky. |
180 | PCI: Firewall Traffic Considered Risky - Sidewinder | Displays Sidewinder allowed firewall traffic that is considered risky. |
181 | PCI: Firewall Traffic Considered Risky - VMware vShield | Displays VMware vShield Edge allowed firewall traffic that is considered risky. |
182 | PCI: FortiOS: Attacks by Event ID | Displays FortiOS attacks by Event ID. |
183 | PCI: FortiOS: Attacks by Threat Name | Displays FortiOS attacks by threat Name. |
184 | PCI: FortiOS: Attacks Detected | Displays attacks detected by FortiOS. |
185 | PCI: FortiOS DLP Attacks Detected | Displays all DLP attacks detected by FortiOS. |
186 | PCI: Group Activities on TIBCO ActiveMatrix Administrator | Displays all group activities on TIBCO ActiveMatrix Administrator to ensure authorized and appropriate access. |
187 | PCI: Group Activities on UNIX Servers | Displays all group activities on UNIX servers to ensure authorized and appropriate access. |
188 | PCI: Group Activities on Windows Servers | Displays all group activities on Windows servers to ensure authorized and appropriate access. |
189 | PCI: Guardium SQL Guard Audit Configuration Changes | Displays all configuration changes on the Guardium SQL Guard Audit database. |
190 | PCI: Guardium SQL Guard Audit Data Access | Displays all select statements made on Guardium SQL Audit Server. |
191 | PCI: Guardium SQL Guard Audit Logins | Displays all login attempts to the Guardium SQL Server Audit database. |
192 | PCI: Guardium SQL Guard Configuration Changes | Displays all configuration changes on the Guardium SQL Guard database. |
193 | PCI: Guardium SQL Guard Data Access | Displays all select statements made on Guardium SQL Server. |
194 | PCI: Group Activities on NetApp Filer Audit | Displays all group activities on NetApp Filer Audit to ensure authorized and appropriate access. |
195 | PCI: Group Activities on Symantec Endpoint Protection | Displays all group activities on Symantec Endpoint Protection to ensure authorized and appropriate access. |
196 | PCI: Guardium SQL Guard Logins | Displays all login attempts to the Guardium SQL Server database. |
197 | PCI: Files Accessed through Pulse Connect Secure | Displays all files accessed through Pulse Connect Secure. |
198 | PCI: HP NonStop Audit Configuration Changes | Displays all audit configuration changes on HP NonStop. |
199 | PCI: HP NonStop Audit Login Failed | Displays all HP NonStop Audit login events which have failed. |
200 | PCI: HP NonStop Audit Login Successful | Displays all HP NonStop Audit login events which have succeeded. |
201 | PCI: HP NonStop Audit Object Changes | Displays HP NonStop Audit events related to object changes. |
202 | PCI: HP NonStop Audit Permissions Changed | Displays all permission modification activities on HP NonStop Audit to ensure authorized access. |
203 | PCI: i5/OS DST Password Reset | Displays i5/OS events related to the reset of the DST (Dedicated Service Tools) password. |
204 | PCI: i5/OS Files Accessed | Lists all events when a user gains access an i5/OS file. |
205 | PCI: i5/OS Network User Login Failed | Lists all events when a network user was denied access into the i5/OS. |
206 | PCI: i5/OS Network User Login Successful | Lists all events when a network user successfully logs into the i5/OS. |
207 | PCI: i5/OS Network User Profile Creation | Displays i5/OS events when a network user profile has been created. |
208 | PCI: i5/OS Network User Profile Deletion | Displays i5/OS events when a network user profile has been deleted. |
209 | PCI: i5/OS Network User Profile Modified | Displays i5/OS events when a network user profile has been modified. |
210 | PCI: i5/OS Object Permissions Modified | Displays all permission modification activities on i5/OS to ensure authorized access. |
211 | PCI: i5/OS Restarted | Lists all events when the i5/OS has been restarted. |
212 | PCI: i5/OS Service Started | Lists all events when a user starts a service on the i5/OS. |
213 | PCI: i5/OS User Login Failed | Lists all events when a user was denied access into the i5/OS. |
214 | PCI: i5/OS User Login Successful | Lists all events when a user successfully logs into the i5/OS. |
215 | PCI: i5/OS User Profile Creation | Displays i5/OS events when a user profile has been created. |
216 | PCI: i5/OS User Profile Modifications | Displays i5/OS events when a user profile has been modified. |
217 | PCI: Juniper Firewall HA State Changed | Displays all Juniper Firewall fail-over state change events. |
218 | PCI: Juniper Firewall Policy Changed | Displays all configuration changes to the Juniper Firewall policies. |
219 | PCI: Juniper Firewall Policy Out of Sync | Displays events that indicate the Juniper Firewall's HA policies are out of sync. |
220 | PCI: Juniper Firewall Reset Accepted | Displays events that indicate the Juniper Firewall has been reset to its factory default state. |
221 | PCI: Juniper Firewall Reset Imminent | Displays events that indicate the Juniper Firewall will be reset to its factory default state. |
222 | PCI: Juniper Firewall Restarted | Displays all Juniper Firewall restart events. |
223 | PCI: Juniper SSL VPN (Secure Access) Failed Logins by User | Displays all failed Juniper SSL VPN (Secure Access) logins based on user. |
224 | PCI: Juniper SSL VPN (Secure Access) Successful Logins by User | Displays all successful Juniper SSL VPN (Secure Access) logins based on user. |
225 | PCI: Juniper SSL VPN Failed Logins by User | Displays all failed logins per user at the Juniper SSL VPN. |
226 | PCI: Juniper SSL VPN Successful Logins by User | Displays all successful Juniper SSL VPN logins based on user. |
227 | PCI: Logins by Authentication Type | Displays all logins categorized by the authentication type. |
228 | PCI: LogLogic Disk Full | Displays events that indicate the LogLogic appliance's disk is near full. |
229 | PCI: LogLogic DSM Configuration Changes | Displays all configuration changes on the LogLogic DSM database. |
230 | PCI: LogLogic DSM Data Access | Displays all select statements made on LogLogic DSM database. |
231 | PCI: LogLogic DSM Logins | Displays all login attempts to the LogLogic DSM database. |
232 | PCI: LogLogic File Retrieval Errors | Displays all errors while retrieving log files from devices, servers and applications. |
233 | PCI: LogLogic HA State Changed | Displays all LogLogic appliance failover state change events. |
234 | PCI: LogLogic Management Center Account Activities | Displays all accounts activities on LogLogic management center to ensure authorized and appropriate access. |
235 | PCI: LogLogic Management Center Login | Displays all login events to the LogLogic management center. |
236 | PCI: LogLogic Management Center Password Changes | Displays all password change activities on LogLogic management center to ensure authorized and appropriate access. |
237 | PCI: LogLogic Management Center Upgrade Success | Displays all successful events related to the system's upgrade. |
238 | PCI: LogLogic Message Routing Errors | Displays all log forwarding errors on the LogLogic appliance to ensure all logs are archived properly. |
239 | PCI: LogLogic Universal Collector Configuration Changes | Displays LogLogic universal collector configuration changes. |
240 | PCI: McAfee AntiVirus: Attacks by Event ID | Displays McAfee AntiVirus attacks by Event ID. |
241 | PCI: McAfee AntiVirus: Attacks by Threat Name | Displays McAfee AntiVirus attacks by threat name. |
242 | PCI: McAfee AntiVirus: Attacks Detected | Displays attacks detected by McAfee AntiVirus. |
243 | PCI: Microsoft Operations Manager - Windows Accounts Activities | Displays all accounts activities on Windows servers to ensure authorized and appropriate access. |
244 | PCI: Microsoft Operations Manager - Windows Accounts Created | Displays all accounts created on Windows servers to ensure authorized and appropriate access. |
245 | PCI: Microsoft Operations Manager - Windows Accounts Enabled | Displays all accounts enabled on Windows servers to ensure authorized and appropriate access. |
246 | PCI: Microsoft Operations Manager - Windows Password Changes | Displays all password change activities on Windows servers to ensure authorized and appropriate access. |
247 | PCI: Microsoft Operations Manager - Windows Permissions Modified | Displays all permission modification activities on Windows servers to ensure authorized access. |
248 | PCI: Microsoft Operations Manager - Windows Policies Modified | Displays all policy modification activities on Windows servers to ensure authorized and appropriate access. |
249 | PCI: Microsoft Operations Manager - Windows Servers Restarted | Displays all Windows server restart activities to detect unusual activities. |
250 | PCI: Microsoft Sharepoint Content Deleted | Displays all events when content has been deleted from Microsoft Sharepoint. |
251 | PCI: Microsoft Sharepoint Content Updates | Displays all events when content is updated within Microsoft Sharepoint. |
252 | PCI: Microsoft Sharepoint Permissions Changed | Displays all user/group permission events to Microsoft Sharepoint. |
253 | PCI: Microsoft Sharepoint Policy Add, Remove, or Modify | Displays all events when a Microsoft Sharepoint policy is added, removed, or modified. |
254 | PCI: Microsoft SQL Server Configuration Changes | Displays Microsoft SQL database configuration changes. |
255 | PCI: Microsoft SQL Server Data Access | Displays data access events on Microsoft SQL Server databases. |
256 | PCI: Microsoft SQL Server Database Failed Logins | Displays failed Microsoft SQL Server database logins. |
257 | PCI: Microsoft SQL Server Database Successful Logins | Displays successful Microsoft SQL Server database logins. |
258 | PCI: Microsoft SQL Server Database Permission Events | Displays events related to Microsoft SQL Server database permission modifications. |
259 | PCI: Microsoft SQL Server Database User Additions and Deletions | Displays Microsoft SQL Server events related to creation and deletion of database users. |
260 | PCI: Microsoft SQL Server Password Changes | Displays password changes for Microsoft SQL Server database accounts. |
261 | PCI: NetApp Filer Accounts Locked | Displays all accounts locked out of NetApp Filer to detect access violations or unusual activities. |
262 | PCI: NetApp Filer Audit Accounts Enabled | Displays all accounts enabled on NetApp Filer Audit to ensure authorized and appropriate access. |
263 | PCI: NetApp Filer Audit Login Failed | Displays all NetApp Filer Audit Login events which have failed. |
264 | PCI: NetApp Filer Audit Login Successful | Displays all NetApp Filer Audit Login events which have succeeded. |
265 | PCI: NetApp Filer Audit Logs Cleared | Displays all audit logs clearing activities on NetApp Filer Audit to detect access violations or unusual activity. |
266 | PCI: NetApp Filer Audit Policies Modified | Displays all policy modification activities on NetApp Filer Audit to ensure authorized and appropriate access. |
267 | PCI: NetApp Filer Disk Failure | Displays all disk failure events on the NetApp Filer servers. |
268 | PCI: NetApp Filer File Activity | Displays all file activities on NetApp Filer. |
269 | PCI: NetApp Filer File System Full | Displays events that indicate the NetApp Filer's disk is near full. |
270 | PCI: NetApp Filer Login Failed | Displays all NetApp Filer Login events which have failed. |
271 | PCI: NetApp Filer Login Successful | Displays all NetApp Filer Login events which have succeeded. |
272 | PCI: NetApp Filer Password Changes | Displays all password change activities on NetApp Filer to ensure authorized and appropriate access. |
273 | PCI: NetApp Filer Disk Missing | Displays events that indicate disk missing on the NetApp Filer servers. |
274 | PCI: NetApp Filer Snapshot Error | Displays events that indicate backup on the NetApp Filer has failed. |
275 | PCI: Oracle Database Configuration Changes | Displays Oracle database configuration changes. |
276 | PCI: Oracle Database Data Access | Displays data access events on Oracle databases. |
277 | PCI: Oracle Database Failed Logins | Displays all failed login attempts to the Oracle database. |
278 | PCI: Oracle Database Successful Logins | Displays successful Oracle database logins. |
279 | PCI: Oracle Database Permission Events | Displays events related to Oracle Server database role and privilege management. |
280 | PCI: Oracle Database User Additions and Deletions | Displays Oracle database events related to creation and deletion of database users. |
281 | PCI: PANOS: Attacks by Event ID | Displays Palo Alto Networks attacks by Event ID. |
282 | PCI: PANOS: Attacks by Threat Name | Displays Palo Alto Networks attacks by threat name. |
283 | PCI: PANOS: Attacks Detected | Displays attacks detected by Palo Alto Networks. |
284 | PCI: Password Changes on Windows Servers | Displays all password change activities on Windows servers to ensure authorized and appropriate access. |
285 | PCI: Periodic Review of Log Reports | Displays all review activities performed by administrators to ensure review for any access violations. |
286 | PCI: Periodic Review of User Access Logs | Displays all review activities performed by administrators to ensure review for any access violations. |
287 | PCI: Permissions Modified on Windows Servers | Displays all permission modification activities on Windows Servers to ensure authorized access. |
288 | PCI: Policies Modified on Windows Servers | Displays all policy modification activities on Windows servers to ensure authorized and appropriate access. |
289 | PCI: Pulse Connect Secure Failed Logins by User | Displays all failed Pulse Connect Secure logins based on user. |
290 | PCI: Pulse Connect Secure Policy Changed | Displays all configuration changes to the Pulse Connect Secure policies. |
291 | PCI: Pulse Connect Secure Successful Logins by User | Displays all successful Pulse Connect Secure logins based on user. |
292 | PCI: RACF Accounts Created | Displays all accounts created on RACF servers to ensure authorized and appropriate access. |
293 | PCI: RACF Accounts Deleted | Displays all accounts deleted on RACF servers to ensure authorized and appropriate access. |
294 | PCI: RACF Accounts Modified | Displays all events when a network user profile has been modified. |
295 | PCI: RACF Failed Logins | Displays all failed login attempts to review any access violations or unusual activity. |
296 | PCI: RACF Files Accessed | Displays all files accessed on RACF servers to ensure appropriate access. |
297 | PCI: RACF Password Changed | Displays all password change activities on RACF servers to ensure authorized and appropriate access. |
298 | PCI: RACF Permissions Changed | Displays all permission modification activities on RACF to ensure authorized access. |
299 | PCI: RACF Process Started | Displays all processes started on the RACF servers. |
300 | PCI: RACF Successful Logins | Displays successful logins to ensure only authorized personnel have access. |
301 | PCI: Root Logins | Displays root logins. |
302 | PCI: Sidewinder Configuration Changes | Displays Sidewinder configuration changes. |
303 | PCI: Software Update Successes on i5/OS | Displays all i5/OS successful events related to the system’s software or patch update. |
304 | PCI: Successful Logins | Displays successful logins to ensure only authorized personnel have access. |
305 | PCI: Sybase ASE Database Configuration Changes | Displays configuration changes to the Sybase database. |
306 | PCI: Sybase ASE Database Data Access | Displays Sybase ASE events involving the SELECT statement. |
307 | PCI: Sybase ASE Database User Additions and Deletions | Displays Sybase database events related to creation and deletion of database users. |
308 | PCI: Sybase ASE Failed Logins | Displays failed Sybase ASE database logins. |
309 | PCI: Sybase ASE Successful Logins | Displays successful Sybase ASE database logins. |
310 | PCI: Symantec AntiVirus: Attacks by Threat Name | Displays Symantec AntiVirus attacks by threat name. |
311 | PCI: Symantec AntiVirus: Attacks Detected | Displays attacks detected by Symantec AntiVirus. |
312 | PCI: Symantec AntiVirus: Scans | Displays scans using Symantec AntiVirus. |
313 | PCI: Symantec AntiVirus: Updated | Displays updates to Symantec AntiVirus. |
314 | PCI: Symantec Endpoint Protection: Attacks by Threat Name | Displays Symantec Endpoint Protection attacks by threat name. |
315 | PCI: Symantec Endpoint Protection: Attacks Detected | Displays attacks detected by Symantec Endpoint Protection. |
316 | PCI: Symantec Endpoint Protection Configuration Changes | Displays Symantec Endpoint Protection configuration changes. |
317 | PCI: Symantec Endpoint Protection Password Changes | Displays all password change activities on Symantec Endpoint Protection to ensure authorized and appropriate access. |
318 | PCI: Symantec Endpoint Protection Policy Add, Remove, or Modify | Displays all events when a Symantec Endpoint Protection policy is added, removed, or modified. |
319 | PCI: Symantec Endpoint Protection: Updated | Displays updates to Symantec Endpoint Protection. |
320 | PCI: Symantec Endpoint Protection: Scans | Displays scans using Symantec Endpoint Protection. |
321 | PCI: TIBCO ActiveMatrix Administrator Failed Logins | Displays all TIBCO ActiveMatrix Administrator login events which have failed. |
322 | PCI: TIBCO ActiveMatrix Administrator Permission Changes | Displays events related to TIBCO ActiveMatrix Administrator permission modifications. |
323 | PCI: TIBCO ActiveMatrix Administrator Successful Logins | Displays successful logins to TIBCO ActiveMatrix Administrator to ensure only authorized personnel have access. |
324 | PCI: TIBCO Administrator Password Changes | Displays all password change activities on TIBCO Administrator to ensure authorized and appropriate access. |
325 | PCI: TIBCO Administrator Permission Changes | Displays events related to TIBCO Administrator permission modifications. |
326 | PCI: System Restarted | Displays all logs related to system restarts. |
327 | PCI: TrendMicro Control Manager: Attacks Detected | Displays attacks detected by TrendMicro Control Manager. |
328 | PCI: TrendMicro Control Manager: Attacks Detected by Threat Name | Displays attacks detected by TrendMicro Control Manager by threat name. |
329 | PCI: TrendMicro OfficeScan: Attacks Detected | Displays attacks detected by TrendMicro OfficeScan. |
330 | PCI: TrendMicro OfficeScan: Attacks Detected by Threat Name | Displays attacks detected by TrendMicro OfficeScan by threat name. |
331 | PCI: Tripwire Modifications, Additions, and Deletions | Displays system modifications, additions, and deletions detected by Tripwire. |
332 | PCI: Unauthorized Logins | Displays all logins from unauthorized users to ensure appropriate access to data. |
333 | PCI: Unencrypted Network Services - Check Point | Displays Check Point firewall traffic containing unencrypted network services. |
334 | PCI: Unencrypted Network Services - Cisco ASA | Displays Cisco ASA firewall traffic containing unencrypted network services. |
335 | PCI: Unencrypted Network Services - Cisco FWSM | Displays Cisco FWSM firewall traffic containing unencrypted network services. |
336 | PCI: Unencrypted Network Services - Cisco IOS | Displays Cisco IOS firewall traffic containing unencrypted network services. |
337 | PCI: Unencrypted Network Services - Cisco Netflow | Displays Cisco Netflow traffic containing unencrypted network services. |
338 | PCI: Unencrypted Network Services - Cisco PIX | Displays Cisco PIX firewall traffic containing unencrypted network services. |
339 | PCI: Unencrypted Network Services - Fortinet | Displays Fortinet firewall traffic containing unencrypted network services. |
340 | PCI: Unencrypted Network Services - Juniper Firewall | Displays Juniper Firewall traffic containing unencrypted network services. |
341 | PCI: Unencrypted Network Services - Juniper JunOS | Displays Juniper JunOS firewall traffic containing unencrypted network services. |
342 | PCI: Unencrypted Network Services - Juniper RT Flow | Displays Juniper RT Flow firewall traffic containing unencrypted network services. |
343 | PCI: Unencrypted Network Services - Nortel | Displays Nortel firewall traffic containing unencrypted network services. |
344 | PCI: Unencrypted Network Services - PANOS | Displays Palo Alto Networks firewall traffic containing unencrypted network services. |
345 | PCI: Unencrypted Network Services - Sidewinder | Displays Sidewinder firewall traffic containing unencrypted network services. |
346 | PCI: Unencrypted Network Services - VMware vShield | Displays VMware vShield firewall traffic containing unencrypted network services. |
347 | PCI: UNIX Failed Logins | Displays failed UNIX logins for known and unknown users. |
348 | PCI: vCenter Change Attributes | Modification of VMware vCenter and VMware ESX properties. |
349 | PCI: vCenter Data Move | Entity has been moved within the VMware vCenter infrastructure. |
350 | PCI: vCenter Datastore Events | Displays create, modify, and delete datastore events on VMware vCenter. |
351 | PCI: vCenter Failed Logins | Failed logins to the VMware vCenter console. |
352 | PCI: vCenter Orchestrator Change Attributes | Modification of VMware vCenter Orchestrator properties. |
353 | PCI: vCenter Orchestrator Datastore Events | Displays create, modify, and delete datastore events on VMware vCenter Orchestrator. |
354 | PCI: vCenter Orchestrator Data Move | Entity has been moved within the VMware vCenter Orchestrator infrastructure. |
355 | PCI: vCenter Orchestrator Failed Logins | Displays all failed logins for VMware vCenter Orchestrator. |
356 | PCI: vCenter Orchestrator Virtual Machine Created | Virtual machine has been created from VMware vCenter Orchestrator. |
357 | PCI: vCenter Orchestrator Virtual Machine Deleted | Virtual machine has been deleted from VMware vCenter Orchestrator. |
358 | PCI: vCenter Orchestrator Virtual Machine Shutdown | Virtual machine has been shutdown or paused from VMware vCenter Orchestrator console. |
359 | PCI: vCenter Orchestrator Virtual Machine Started | Virtual machine has been started or resumed from VMware vCenter Orchestrator console. |
360 | PCI: vCenter Orchestrator vSwitch Added, Changed or Removed | vSwitch has been added, modified or removed from VMware vCenter Orchestrator console. |
361 | PCI: vCenter Modify Firewall Policy | Displays changes to the VMware ESX allowed services firewall policy. |
362 | PCI: vCenter Resource Usage Change | Resources have changed on VMware vCenter. |
363 | PCI: vCenter Restart ESX Services | VMware vCenter restarted services running on VMware ESX Server. |
364 | PCI: vCenter Shutdown or Restart of ESX Server | VMware ESX Server is shutdown or restarted from VMware vCenter console. |
365 | PCI: vCenter Successful Logins | Successful logins to the VMware vCenter console. |
366 | PCI: vCenter User Permission Change | A permission role has been added, changed, removed, or applied to a user on VMware vCenter server. |
367 | PCI: vCenter Virtual Machine Created | Virtual machine has been created from VMware vCenter console. |
368 | PCI: vCenter Virtual Machine Deleted | Virtual machine has been deleted or removed from VMware vCenter console. |
369 | PCI: vCenter Virtual Machine Shutdown | Virtual machine has been shutdown or paused from VMware vCenter console. |
370 | PCI: vCenter Virtual Machine Started | Virtual machine has been started or resumed from VMware vCenter console. |
371 | PCI: vCenter vSwitch Added, Changed or Removed | vSwitch on VMware ESX server has been added, modified or removed from the VMware vCenter console. |
372 | PCI: vCloud Failed Logins | Failed logins to the VMware vCloud Director console. |
373 | PCI: vCloud Organization Created | VMware vCloud Director organization created events. |
374 | PCI: vCloud Organization Deleted | VMware vCloud Director organization deleted events. |
375 | PCI: vCloud Organization Modified | VMware vCloud Director organization modified events. |
376 | PCI: vCloud Successful Logins | Successful logins to the VMware vCloud Director console. |
377 | PCI: vCloud User Created | VMware vCloud Director user created events. |
378 | PCI: vCloud User Deleted or Removed | VMware vCloud Director users have been deleted or removed from the system. |
379 | PCI: vCloud vApp Created, Modified, or Deleted | VMware vCloud Director vApp created, deleted, and modified events. |
380 | PCI: vCloud vDC Created, Modified, or Deleted | VMware vCloud Director virtual datacenter created, modified, or deleted events. |
381 | PCI: VPN Users Accessing Corporate Network | Displays all users logging into the corporate network via Virtual Private Network to ensure appropriate access. |
382 | PCI: vShield Edge Configuration Changes | Displays changes to VMware vShield Edge policies. |
383 | PCI: Web Access to Applications - Fortinet | Displays all web-based access to applications to ensure appropriate and authorized access on Fortinet. |
384 | PCI: Web Access to Applications - F5 BIG-IP TMOS | Displays all web-based access to applications to ensure appropriate and authorized access on F5 BIG-IP TMOS. |
385 | PCI: Web Access to Applications - Microsoft IIS | Displays all web-based access to applications to ensure appropriate and authorized access on Microsoft IIS. |
386 | PCI: Web Access to Applications - PANOS | Displays all web-based access to applications to ensure appropriate and authorized access on Palo Alto Networks. |
387 | PCI: Web Access to Applications | Displays all web-based access to applications to ensure appropriate and authorized access. |
388 | PCI: Windows Accounts Enabled | Displays all accounts enabled on Windows servers to ensure authorized and appropriate access. |
389 | PCI: Windows Accounts Locked | Displays all accounts locked out of Windows servers to detect access violations or unusual activities. |
390 | PCI: Windows Audit Logs Cleared | Displays all audit logs clearing activities on Windows servers to detect access violations or unusual activity. |
391 | PCI: Windows New Services Installed | Displays a list of new services installed on Windows servers to ensure authorized access. |
392 | PCI: Windows Servers Restarted | Displays all Windows server restart activities to detect unusual activities. |
393 | PCI: Windows Software Update Activities | Displays all events related to the system’s software or patch update. |
394 | PCI: Windows Software Update Failures | Displays all failed events related to the system’s software or patch update. |
395 | PCI: Windows Software Update Successes | Displays all successful events related to the system’s software or patch update. |
Copyright © Cloud Software Group, Inc. All rights reserved.