TIBCO LogLogic Reports and Filter Bloks for Sarbanes-Oxley and COBIT 2019
The following table lists the reports included in LogLogic Compliance Suite - Sarbanes-Oxley Edition and COBIT 2019.
| # | Real-time Report Name | Advanced Filter Blok Name | Report Description | Regulation Item Numbers |
|---|---|---|---|---|
| 1 | Not Applicable | COBIT_Amazon_Cloudtrail_Successful_Logins | Displays all Amazon CloudTrail successful logins. | APO01.02, APO07.01, DSS05.04, DSS05.02, BAI10.04, BAI10.05, BAI02.05 |
| 2 | Not Applicable | COBIT_Amazon_Cloudtrail_Change_Events | Displays all Amazon CloudTrail change events. | DSS03.10, BAI06.01, BAI06.02, BAI06.03, BAI06.04 |
| 3 | Not Applicable | COBIT_Amazon_Cloudtrail_Create_Events | Displays all Amazon CloudTrail create events. | APO01.02, APO07.01, DSS05.04, DSS05.04 |
| 4 | Not Applicable | COBIT_Amazon_Cloudtrail_Delete_Events | Displays all Amazon CloudTrail delete events. | APO07.01, DSS05.04 |
| 5 | Not Applicable | COBIT_Amazon_Cloudtrail_Failed_Logins | Displays all Amazon CloudTrail failed logins. | APO07.01, DSS05.04 |
| 6 | COBIT: Account Activities on UNIX Servers | COBIT_Account_Activities_on_UNIX_Servers | Displays all accounts activities on UNIX servers to ensure authorized and appropriate access. | APO01.02, APO07.01, DSS05.04, DSS05.04 |
| 7 | COBIT: Account Activities on Windows Servers | COBIT_Account_Activities_on_Windows_Servers | Displays all accounts activities on Windows servers to ensure authorized and appropriate access. | APO01.02, APO07.01, DSS05.04, DSS05.04 |
| 8 | COBIT: Accounts Changed on NetApp Filer | COBIT_Accounts_Changed_on_NetApp_Filer | Displays all accounts changed on NetApp Filer to ensure authorized and appropriate access. | APO07.01, DSS05.04 |
| 9 | COBIT: Accounts Changed on TIBCO Administrator | COBIT_Accounts_Changed_on_TIBCO_Administrator | Displays all accounts changed on TIBCO Administrator to ensure authorized and appropriate access. | APO07.01, DSS05.04 |
| 10 | COBIT: Accounts Changed on TIBCO ActiveMatrix Administrator | COBIT_Accounts_Changed_on_TIBCO_ActiveMatrix_Administrator | Displays all accounts changed on TIBCO ActiveMatrix Administrator to ensure authorized and appropriate access. | APO07.01, DSS05.04 |
| 11 | COBIT: Accounts Changed on UNIX Servers | COBIT_Accounts_Changed_on_UNIX_Servers | Displays all accounts changed on UNIX servers to ensure authorized and appropriate access. | APO07.01, DSS05.04 |
| 12 | COBIT: Accounts Changed on Windows Servers | COBIT_Accounts_Changed_on_Windows_Servers | Displays all accounts changed on Windows servers to ensure authorized and appropriate access. | APO07.01, DSS05.04 |
| 13 | COBIT: Accounts Created on NetApp Filer | COBIT_Accounts_Created_on_NetApp_Filer | Displays all accounts created on NetApp Filer to ensure authorized and appropriate access. | APO01.02, APO07.01, DSS05.04, DSS05.04 |
| 14 | COBIT: Accounts Created on NetApp Filer Audit | COBIT_Accounts_Created_on_NetApp_Filer_Audit | Displays all accounts created on NetApp Filer Audit to ensure authorized and appropriate access. | APO01.02, APO07.01, DSS05.04, DSS05.04 |
| 15 | COBIT: Accounts Created on Symantec Endpoint Protection | COBIT_Accounts_Created_on_Symantec_Endpoint_Protection | Displays all accounts created on Symantec Endpoint Protection to ensure authorized and appropriate access. | APO01.02, APO07.01, DSS05.04, DSS05.04 |
| 16 | COBIT: Accounts Created on TIBCO Administrator | COBIT_Accounts_Created_on_TIBCO_Administrator | Displays all accounts created on TIBCO Administrator to ensure authorized and appropriate access. | APO01.02, APO07.01, DSS05.04, DSS05.04 |
| 17 | COBIT: Accounts Created on TIBCO ActiveMatrix Administrator | COBIT_Accounts_Created_on_TIBCO_ActiveMatrix_Administrator | Displays all accounts created on TIBCO ActiveMatrix Administrator to ensure authorized and appropriate access. | APO01.02, APO07.01, DSS05.04, DSS05.04 |
| 18 | COBIT: Accounts Created on UNIX Servers | COBIT_Accounts_Created_on_UNIX_Servers | Displays all accounts created on UNIX servers to ensure authorized and appropriate access. | APO01.02, APO07.01, DSS05.04, DSS05.04 |
| 19 | COBIT: Accounts Created on Windows Servers | COBIT_Accounts_Created_on_Windows_Servers | Displays all accounts created on Windows servers to ensure authorized and appropriate access. | APO01.02, APO07.01, DSS05.04, DSS05.04 |
| 20 | COBIT: Accounts Deleted on NetApp Filer | COBIT_Accounts_Deleted_on_NetApp_Filer | Displays all accounts deleted on NetApp Filer to ensure authorized and appropriate access. | APO07.01, DSS05.04 |
| 21 | COBIT: Accounts Deleted on NetApp Filer Audit | COBIT_Accounts_Deleted_on_NetApp_Filer_Audit | Displays all accounts deleted on NetApp Filer Audit to ensure authorized and appropriate access. | APO07.01, DSS05.04 |
| 22 | COBIT: Accounts Deleted on
Symantec Endpoint Protection |
COBIT_Accounts_Deleted_on_Symantec_Endpoint_Protection | Displays all accounts deleted on Symantec Endpoint Protection to ensure authorized and appropriate access. | APO07.01, DSS05.04 |
| 23 | COBIT: Accounts Deleted on TIBCO Administrator | COBIT_Accounts_Deleted_on_TIBCO_Administrator | Displays all accounts deleted on TIBCO Administrator to ensure authorized and appropriate access. | APO07.01, DSS05.04 |
| 24 | COBIT: Accounts Deleted on
TIBCO ActiveMatrix Administrator |
COBIT_Accounts_Deleted_on_TIBCO_ActiveMatrix_Administrator | Displays all accounts deleted on TIBCO ActiveMatrix Administrator to ensure authorized and appropriate access. | APO07.01, DSS05.04 |
| 25 | COBIT: Accounts Deleted on UNIX Servers | COBIT_Accounts_Deleted_on_UNIX_Servers | Displays all accounts deleted on UNIX servers to ensure authorized and appropriate access. | APO07.01, DSS05.04 |
| 26 | COBIT: Accounts Deleted on Windows Servers | COBIT_Accounts_Deleted_on_Windows_Servers | Displays all accounts deleted on Windows servers to ensure authorized and appropriate access. | APO07.01, DSS05.04 |
| 27 | COBIT: Active Connections for Cisco ASA | Not Applicable | Displays all currently active firewall connections for Cisco ASA. | DSS05.02 |
| 28 | COBIT: Active Connections for Cisco FWSM | Not Applicable | Displays all currently active firewall connections for Cisco FWSM. | DSS05.02 |
| 29 | COBIT: Active Directory System Changes | COBIT_Active_Directory_System_Changes | Displays changes made within Active Directory. | APO01.02, BAI03.05, BAI03.01, BAI03.02, BAI03.02, BAI03.05, DSS02.03, DSS03.10, BAI06.01, BAI06.02, BAI06.03, BAI06.04, DSS06.05 |
| 30 | COBIT: Active VPN Connections for Cisco VPN Concentrators |
Not Applicable | Displays all currently active VPN connections for Cisco VPN Concentrators. | APO07.01 |
| 31 | COBIT: Active VPN Connections for Nortel Contivity | Not Applicable | Displays all currently active VPN connections for Nortel Contivity VPN devices. | APO07.01 |
| 32 | COBIT: Administrator Logins on Windows Servers | COBIT_Administrator_Logins_on_Windows_Servers | Displays all logins with the administrator account on Windows servers. | APO01.02 |
| 33 | COBIT: Allowed URLs by Source Ips | Not Applicable | Displays successful access to URLs by source IP addresses. | DSS05.02 |
| 34 | COBIT: Allowed URLs by Source IPs - F5 BIG-IP TMOS |
COBIT_Allowed_URLs_by_Source_IPs_F5_BIG-IP_TMOS | Displays successful access to URLs by source IP addresses on F5 BIG-IP TMOS. | DSS05.02 |
| 35 | COBIT: Allowed URLs by Source IPs - Microsoft IIS | Not Applicable | Displays successful access to URLs by source IP addresses on Microsoft IIS. | DSS05.02 |
| 36 | COBIT: Allowed URLs by Source Users | Not Applicable | Displays successful access to URLs by source users. | DSS05.02 |
| 37 | COBIT: Allowed URLs by Source Users - F5 BIG-IP TMOS | COBIT_Allowed_URLs_by_Source_Users_F5_BIG-IP_TMOS | Displays successful access to URLs by source users on F5 BIG-IP TMOS. | DSS05.02 |
| 38 | COBIT: Allowed URLs by Source Users - Microsoft IIS | Not Applicable | Displays successful access to URLs by source users on Microsoft IIS. | DSS05.02 |
| 39 | COBIT: Applications Under Attack | Not Applicable | Displays all applications under attack as well as the attack signatures. | DSS05.02 |
| 40 | COBIT: Applications Under Attack - Cisco IOS | COBIT_Applications_Under_Attack_Cisco_IOS | Displays all applications under attack as well as the attack signatures by Cisco IOS. | DSS05.02 |
| 41 | COBIT: Applications Under Attack - FireEye MPS | COBIT_Applications_Under_Attack_FireEye_MPS | Displays all applications under attack as well as the attack signatures by FireEye MPS. | DSS05.02 |
| 42 | COBIT: Applications Under Attack - ISS SiteProtector | COBIT_Applications_Under_Attack_ISS_SiteProtector | Displays all applications under attack as well as the attack signatures by ISS SiteProtector. | DSS05.02 |
| 43 | COBIT: Applications Under Attack - SiteProtector | COBIT_Applications_Under_Attack_SiteProtector | Displays all applications under attack as well as the attack signatures by SiteProtector. | DSS05.02 |
| 44 | COBIT: Applications Under
Attack - Sourcefire Defense Center |
COBIT_Applications_Under_Attack_Cisco_FirePower | Displays all applications under attack as well as the attack signatures by Cisco FirePower and Sourcefire Defense Center. | DSS05.02 |
| 45 | COBIT: Attackers by Service | Not Applicable | Displays all attack source IP address and service ports. | DSS05.02 |
| 46 | COBIT: Attackers by Service - Cisco IOS | COBIT_Attackers_by_Service_Cisco_IOS | Displays all attack source IP address and service ports by Cisco IOS. | DSS05.02 |
| 47 | COBIT: Attackers by Service - FireEye MPS | COBIT_Attackers_by_Service_FireEye_MPS | Displays all attack source IP address and service ports by FireEye MPS. | DSS05.02 |
| 48 | COBIT: Attackers by Service - ISS SiteProtector | COBIT_Attackers_by_Service_ISS_SiteProtector | Displays all attack source IP address and service ports by ISS SiteProtector. | DSS05.02 |
| 49 | COBIT: Attackers by Service - SiteProtector | COBIT_Attackers_by_Service_SiteProtector | Displays all attack source IP address and service ports by SiteProtector. | DSS05.02 |
| 50 | COBIT: Attackers by Service - Sourcefire Defense Center | COBIT_Attackers_by_Service_Cisco_FirePower | Displays all attack source IP address and service ports by Sourcefire Defense Center and Cisco FirePower | DSS05.02 |
| 51 | COBIT: Attackers by Signature | Not Applicable | Displays all attack source IP address and signatures. | DSS05.02 |
| 52 | COBIT: Attackers by Signature - Cisco IOS | COBIT_Attackers_by_Signature_Cisco_IOS | Displays all attack source IP address and signatures by Cisco IOS. | DSS05.02 |
| 53 | COBIT: Attackers by Signature - FireEye MPS | COBIT_Attackers_by_Signature_FireEye_MPS | Displays all attack source IP address and signatures by FireEye MPS. | DSS05.02 |
| 54 | COBIT: Attackers by Signature - ISS SiteProtector | COBIT_Attackers_by_Signature_ISS_SiteProtector | Displays all attack source IP address and signatures by ISS SiteProtector. | DSS05.02 |
| 55 | COBIT: Attackers by Signature - SiteProtector | COBIT_Attackers_by_Signature_SiteProtector | Displays all attack source IP address and signatures by SiteProtector. | DSS05.02 |
| 56 | COBIT: Attackers by Signature - Sourcefire Defense Center | COBIT_Attackers_by_Signature_Cisco_FirePower | Displays all attack source IP address and signatures by Sourcefire Defense Center and Cisco FirePower | DSS05.02 |
| 57 | COBIT: Attacks Detected | Not Applicable | Displays all IDS attacks detected to servers and applications. | DSS05.02 |
| 58 | COBIT: Attacks Detected - Cisco IOS | COBIT_Attacks_Detected_Cisco_IOS | Displays all IDS attacks detected to servers and applications by Cisco IOS. | DSS05.02 |
| 59 | COBIT: Attacks Detected - HIPS | COBIT_Attacks_Detected_HIPS | Displays all IDS attacks detected to servers and applications. | DSS05.02 |
| 60 | COBIT: Attacks Detected - ISS SiteProtector | COBIT_Attacks_Detected_ISS_SiteProtector | Displays all IDS attacks detected to servers and applications by ISS SiteProtector. | DSS05.02 |
| 61 | COBIT: Attacks Detected - SiteProtector | COBIT_Attacks_Detected_SiteProtector | Displays all IDS attacks detected to servers and applications by SiteProtector. | DSS05.02 |
| 62 | COBIT: Attacks Detected - Sourcefire Defense Center | COBIT_Attacks_Detected_Cisco_FirePower | Displays all IPS attacks detected to servers and applications by Cisco FirePower and Sourcefire Defense Center. | DSS05.02 |
| 63 | COBIT: Bandwidth Usage by User | Not Applicable | Displays users who are using the most bandwidth. | BAI04.04 |
| 64 | COBIT: Blocked URLs by Source Ips | Not Applicable | Displays URLs that have been blocked by source IP addresses. | DSS05.02 |
| 65 | COBIT: Blocked URLs by Source IPs - F5 BIG-IP TMOS | COBIT_Blocked_URLs_by_Source_IPs_F5_BIG-IP_TMOS | Displays URLs that have been blocked by source IP addresses on F5 BIG-IP TMOS. | DSS05.02 |
| 66 | COBIT: Blocked URLs by Source IPs - Microsoft IIS | Not Applicable | Displays URLs that have been blocked by source IP addresses on Microsoft IIS. | DSS05.02 |
| 67 | COBIT: Blocked URLs by Source Users | Not Applicable | Displays URLs that have been blocked by source users. | DSS05.02 |
| 68 | COBIT: Blocked URLs by Source Users - F5 BIG-IP TMOS | COBIT_Blocked_URLs_by _Source_Users_F5_BIG-IP_TMOS |
Displays URLs that have been blocked by source users on F5 BIG-IP TMOS. | DSS05.02 |
| 69 | COBIT: Blocked URLs by Source Users - Microsoft IIS | Not Applicable | Displays URLs that have been blocked by source users on Microsoft IIS. | DSS05.02 |
| 70 | COBIT: Check Point Configuration Changes | COBIT_Check_Point_Configuration_Changes | Displays all Check Point audit events related to configuration changes. | DSS03.10, BAI06.01, BAI06.02, BAI06.03, BAI06.04 |
| 71 | COBIT: Check Point Management Station Login | COBIT_Check_Point_Management_Station_Login | Displays all login events to the Check Point management station. | APO01.02, APO07.01, DSS05.04, DSS05.02, BAI10.04, BAI10.05, BAI02.05 |
| 72 | COBIT: Check Point Objects Created | COBIT_Check_Point_Objects_Created | Displays all Check Point audit events related to object creation in policies. | DSS02.03 |
| 73 | COBIT: Check Point Objects Deleted | COBIT_Check_Point_Objects_Deleted | Displays all Check Point audit events related to policy objects deleted. | DSS02.03 |
| 74 | COBIT: Check Point Objects Modified | COBIT_Check_Point_Objects_Modified | Displays all Check Point audit events related to policy objects modified. | BAI06.01, BAI06.02, BAI06.03, BAI06.04 |
| 75 | COBIT: Check Point SIC Revoked | COBIT_Check_Point_SIC_Revoked | Displays all Check Point audit events related to the security certificate being revoked. | DSS05.03 |
| 76 | COBIT: Cisco ESA: Attacks by Event ID | COBIT_Cisco_ESA_Attacks_by_Event_ID | Displays Cisco ESA attacks by Event ID. | DSS05.02 |
| 77 | COBIT: Cisco ESA: Attacks Detected | COBIT_Cisco_ESA_Attacks_Detected | Displays attacks detected by Cisco ESA. | DSS05.02 |
| 78 | COBIT: Cisco ESA: Attacks by Threat Name | COBIT_Cisco_ESA_Attacks_by_Threat_Name | Displays Cisco ESA attacks by threat name. | DSS05.02 |
| 79 | COBIT: Cisco ESA: Scans | COBIT_Cisco_ESA_Scans | Displays scans using Cisco ESA. | DSS05.02 |
| 80 | COBIT: Cisco ESA: Updated | COBIT_Cisco_ESA_Updated | Displays updates to Cisco ESA. | DSS03.10, BAI06.01, BAI06.02, BAI06.03, BAI06.04 |
| 81 | COBIT: Cisco Line Protocol Status Changes | COBIT_Cisco_Line_Protocol_Status_Changes | Displays all Cisco line protocol up and down events. | APO09.05, BAI04.04 |
| 82 | COBIT: Cisco Link Status Changes | COBIT_Cisco_Link_Status_Changes | Displays all Cisco link up and down events. | APO09.05, BAI04.04 |
| 83 | COBIT: Cisco ISE, ACS Accounts Created | COBIT_Cisco_ISE_ACS_Accounts_Created | Displays all accounts created on Cisco ISE and Cisco SecureACS to ensure authorized and appropriate access. | APO01.02, APO07.01, DSS05.04, DSS05.04 |
| 84 | COBIT: Cisco ISE, ACS Accounts Removed | COBIT_Cisco_ISE_ACS_Accounts_Removed | Displays all accounts removed on Cisco ISE and Cisco SecureACS to ensure authorized and appropriate access. | APO07.01, DSS05.04 |
| 85 | COBIT: Cisco ISE, ACS Configuration Changes | COBIT_Cisco_ISE_ACS_Configuration_Changes | Displays Cisco ISE and Cisco SecureACS configuration changes. | DSS03.10, BAI06.01, BAI06.02, BAI06.03, BAI06.04 |
| 86 | COBIT: Cisco ISE, ACS Password Changes | COBIT_Cisco_ISE_ACS_Password_Changes | Displays all password change activities on Cisco ISE and Cisco SecureACS to ensure authorized and appropriate access. | DSS05.04 |
| 87 | COBIT: Cisco Peer Reset/Reload | COBIT_Cisco_Peer_Reset_Reload | Displays all Cisco Peer reset and reload events. | DSS03.10, BAI06.01, BAI06.02, BAI06.03, BAI06.04, APO09.05, BAI04.04 |
| 88 | COBIT: Cisco Peer Supervisor Status Changes | COBIT_Cisco_Peer_Supervisor_Status_Changes | Displays all Cisco Peer Supervisor status changes. | DSS03.10, BAI06.01, BAI06.02, BAI06.03, BAI06.04, APO09.05, BAI04.04 |
| 89 | COBIT: Cisco ASA, FWSM Failover Disabled | COBIT_Cisco_ASA_FWSM_Failover_Disabled | Displays all logs related to disabling Cisco ASA and FWSM failover capability. | DSS03.10, AI6, APO09.05, APO10.05, BAI04.04 |
| 90 | COBIT: Cisco ASA, FWSM Failover Performed | COBIT_Cisco_ASA_FWSM_Failover_Performed | Displays all logs related to performing a Cisco ASA and FWSM failover. | DSS03.10, AI6, APO09.05, APO10.05, BAI04.04 |
| 91 | COBIT: Cisco ASA, FWSM Policy Changed | COBIT_Cisco_ASA_FWSM_Policy_Changed | Displays all configuration changes made to the Cisco ASA and FWSM devices. | BAI10.04, BAI10.05, BAI02.05 |
| 92 | COBIT: Cisco Routers and Switches Restart | COBIT_Cisco_Routers_and_Switches_Restart | Displays all Cisco ASA or FWSM restart activities to detect unusual activities. | DSS03.10, BAI06.01, BAI06.02, BAI06.03, BAI06.04, APO09.05, APO10.05, BAI04.04 |
| 93 | COBIT: Cisco Switch Policy Changes | COBIT_Cisco_Switch_Policy_Changes | Displays all configuration changes to the Cisco router and switch policies. | BAI10.04, BAI10.05, BAI02.05 |
| 94 | COBIT: Creation and Deletion of System Level Objects: AIX Audit |
COBIT_Creation_and_Deletion_of_System_Level_Objects_AIX_Audit | Displays AIX audit events related to creation and deletion of system-level objects. | DSS02.03 |
| 95 | COBIT: Creation and Deletion of System Level Objects: DB2 Database |
COBIT_Creation_and_Deletion_of_System_Level_Objects_DB2_Database | Displays DB2 database events related to creation and deletion of system-level objects. | DSS02.03 |
| 96 | COBIT: Creation and Deletion of System Level Objects: HP-UX Audit |
COBIT_Creation_and_ Deletion_of_System_Level_Objects_HP-UX_Audit |
Displays HP-UX audit events related to creation and deletion of system-level objects. | DSS02.03 |
| 97 | COBIT: Creation and Deletion of System Level Objects: Oracle |
COBIT_Creation_and_Deletion_of_System_Level_Objects_Oracle | Displays Oracle database events related to creation and deletion of system-level objects. | DSS02.03 |
| 98 | COBIT: Creation and Deletion of System Level Objects: Solaris BSM |
COBIT_Creation_and_Deletion_of_System_Level_Objects_Solaris_BSM | Displays Solaris BSM events related to creation and deletion of system-level objects. | DSS02.03 |
| 99 | COBIT: Creation and Deletion of System Level Objects: SQL Server |
COBIT_Creation_and_Deletion_of_System_Level_Objects_SQL_Server | Displays Microsoft SQL Server events related to creation and deletion of system-level objects. | DSS02.03 |
| 100 | COBIT: Creation and Deletion of System Level Objects: Windows |
COBIT_Creation_and_Deletion_of_System_Level_Objects_Windows | Displays all Windows events related to creation and deletion of system-level objects. | DSS02.03 |
| 101 | COBIT: Domain activities on Symantec Endpoint Protection | COBIT_Domain_activities_on_Symantec_Endpoint_Protection | Displays all domain activities on Symantec Endpoint Protection. | DSS02.03, BAI06.01, BAI06.02, BAI06.03, BAI06.04 |
| 102 | COBIT: DB2 Database Backup Failed | COBIT_DB2_Database_Backup_Failed | Displays all IBM DB2 Database Server backup failures. | DSS04.05, DSS06.04, DS11.5 |
| 103 | COBIT: DB2 Database Configuration Changes | COBIT_DB2_Database_Configuration_Changes | Displays DB2 database configuration changes. | DSS03.10, BAI06.01, BAI06.02, BAI06.03, BAI06.04 |
| 104 | COBIT: DB2 Database Failed Logins | COBIT_DB2_Database_Failed_Logins | Displays all failed login attempts to review any access violations or unusual activity. | APO07.01, DSS05.04 |
| 105 | COBIT: DB2 Database Successful Logins | COBIT_DB2_Database_Successful_Logins | Displays successful DB2 database logins. | APO01.02, APO07.01, DSS05.04, DSS05.02, BAI10.04, BAI10.05, BAI02.05 |
| 106 | COBIT: DB2 Database Restore Failed | COBIT_DB2_Database_Restore_Failed | Displays all IBM DB2 Database restore failure events. | DS11.5 |
| 107 | COBIT: DB2 Database Stop and Start Events | COBIT_DB2_Database_Stop_and_Start_Events | Displays DB2 database events related to starting and stopping the database. | DSS03.10, BAI06.01, BAI06.02, BAI06.03, BAI06.04, APO09.05, APO10.05, BAI04.04 |
| 108 | COBIT: DB2 Database User Additions and Deletions | COBIT_DB2_Database_User_Additions_and_Deletions | Displays IBM DB2 Database events related to creation and deletion of database users. | DSS05.04, DSS05.04 |
| 109 | COBIT: Decru DataFort Cryptographic Key Events | COBIT_Decru_DataFort_Cryptographic_Key_Events | Displays events related to cryptographic key handling. | DSS05.03 |
| 110 | COBIT: Decru DataFort Zeroization Events | COBIT_Decru_DataFort_Zeroization_Events | Displays events related to Decru DataFort zeroization. | DSS05.05, DSS05.03 |
| 111 | COBIT: Denied Connections - Cisco IOS | COBIT_Denied_Connections_Cisco_IOS | Displays all connections that have been denied by the Cisco IOS devices. | DSS05.02 |
| 112 | COBIT: Denied Connections - Cisco NXOS | COBIT_Denied_Connections_Cisco_NXOS | Displays all connections that have been denied by the Cisco NXOS devices. | DSS05.02 |
| 113 | COBIT: Denied Connections - Cisco Router | Not Applicable | Displays all connections that have been denied by the Cisco Router devices. | DSS05.02 |
| 114 | COBIT: Denied Connections - F5 BIG-IP TMOS | Not Applicable | Displays all connections that have been denied by the F5 BIG-IP TMOS devices. | DSS05.02 |
| 115 | COBIT: Denied Connections by IP Addresses - Check Point |
Not Applicable | Displays remote IP addresses with the most denied connections from Check Point. | DSS05.02 |
| 116 | COBIT: Denied Connections by IP Addresses - Cisco ASA | Not Applicable | Displays remote IP addresses with the most denied connections from Cisco ASA. | DSS05.02 |
| 117 | COBIT: Denied Connections by IP Addresses - Cisco FWSM |
Not Applicable | Displays remote IP addresses with the most denied connections from Cisco FWSM. | DSS05.02 |
| 118 | COBIT: Denied Connections by IP Addresses - Nortel | Not Applicable | Displays remote IP addresses with the most denied connections from Nortel. | DSS05.02 |
| 119 | COBIT: Denied Inbound Connections - Check Point | Not Applicable | Displays all inbound connections that have been denied by the Check Point devices. | DSS05.02 |
| 120 | COBIT: Denied Inbound Connections - Cisco ASA | Not Applicable | Displays all inbound connections that have been denied by the Cisco ASA devices. | DSS05.02 |
| 121 | COBIT: Denied Inbound
Connections - Cisco FWSM |
COBIT_Denied_Inbound_Connections_Cisco_FWSM | Displays all inbound connections that have been denied by the Cisco FWSM devices. | DSS05.02 |
| 122 | COBIT: Denied Outbound
Connections - Check Point |
Not Applicable | Displays all outbound connections that have been denied by the Check Point. | DSS05.02 |
| 123 | COBIT: Denied Outbound
Connections - Cisco ASA |
COBIT_Denied_Outbound_Connections_Cisco_ASA | Displays all outbound connections that have been denied by the Cisco ASA. | DSS05.02 |
| 124 | COBIT: Denied Outbound Connections - Cisco FWSM | Not Applicable | Displays all outbound connections that have been denied by the Cisco FWSM. | DSS05.02 |
| 125 | COBIT: DHCP Granted/ Renewed Activities on Microsoft DHCP |
COBIT_DHCP_Granted_Renewed_Activities_on_Microsoft_DHCP | Displays all DHCP Granted/Renewed activities on Microsoft DHCP Server. | APO09.05, DSS03.02 |
| 126 | COBIT: DNS Server Error | COBIT_DNS_Server_Error | Displays all events when DNS Server has errors. | APO09.05, APO10.05, BAI04.04 |
| 127 | COBIT: Domains Sending the Most Email - Exchange 2000/2003 |
Not Applicable | Displays the top domains sending email. | Does not map to any compliance regulation |
| 128 | COBIT: Email Recipients Receiving the Most Emails by Count - Exchange 2000/2003 |
Not Applicable | Displays the email recipients who receiving the most emails by count. | Does not map to any compliance regulation |
| 129 | COBIT: Email Recipients Receiving the Most Emails by Size - Exchange 2000/2003 |
Not Applicable | Displays the email recipients who received the most emails by mail size. | Does not map to any compliance regulation |
| 130 | COBIT: Email Recipients Receiving the Most Emails by Count - Exchange 2007/10 |
Not Applicable | Displays the email recipients who receiving the most emails by count. | Does not map to any compliance regulation |
| 131 | COBIT: Email Senders Sending the Most Emails by Count - Exchange 2000/2003 |
Not Applicable | Displays the email senders who sent the most emails by count. | Does not map to any compliance regulation |
| 132 | COBIT: Email Senders Sending the Most Emails by Count - Exchange 2007/10 |
Not Applicable | Displays the email senders who sent the most emails by count. | Does not map to any compliance regulation |
| 133 | COBIT: Email Senders Sending the Most Emails by Size - Exchange 2000/2003 |
Not Applicable | Displays the email senders who sent the most emails by mail size. | Does not map to any compliance regulation |
| 134 | COBIT: Email Senders Sending
the Most Emails by Size - Exchange 2007/10 |
Not Applicable | Displays the email senders who sent the most emails by mail size. | Does not map to any compliance regulation |
| 135 | COBIT: Email Source IP Sending To Most Recipients | Not Applicable | Displays IP addresses that are sending to the most recipients using Exchange. | Does not map to any compliance regulation |
| 136 | COBIT: Escalated Privilege Activities on Servers | Not Applicable | Displays all privilege escalation activities performed on servers to ensure appropriate access. | DSS05.04 |
| 137 | COBIT: ESX Accounts Activities | COBIT_ESX_Accounts_Activities | Displays all accounts activities on VMware ESX servers to ensure authorized and appropriate access. | APO01.02, APO07.01, DSS05.04, DSS05.04 |
| 138 | COBIT: ESX Accounts Created | COBIT_ESX_Accounts_Created | Displays all accounts created on VMwareESX servers to ensure authorized and appropriate access. | APO01.02, APO07.01, DSS05.04, DSS05.04 |
| 139 | COBIT: ESX Accounts Deleted | COBIT_ESX_Accounts_Deleted | Displays all accounts deleted on VMware ESX servers to ensure authorized and appropriate access. | APO07.01, DSS05.04 |
| 140 | COBIT: ESX Failed Logins | COBIT_ESX_Failed_Logins | Failed VMware ESX logins for known user. | APO07.01, DSS05.04 |
| 141 | COBIT: ESX Group Activities | COBIT_ESX_Group_Activities | Displays all group activities on VMware ESX servers to ensure authorized and appropriate access. | APO01.02, APO07.01, DSS05.04, DSS05.04 |
| 142 | COBIT: ESX Kernel log daemon terminating | COBIT_ESX_Kernel_log_daemon_terminating | Displays all VMware ESX Kernel log daemon terminating. | BAI03.05, BAI10.04, BAI10.05, BAI02.05 |
| 143 | COBIT: ESX Kernel logging Stop | COBIT_ESX_Kernel_logging_Stop | Displays all VMware ESX Kernel logging stops. | BAI03.05, BAI10.04, BAI10.05, BAI02.05 |
| 144 | COBIT: ESX Logins Succeeded | COBIT_ESX_Logins_Succeeded | Displays successful logins to VMware ESX to ensure only authorized personnel have access. | APO01.02, APO07.01, DSS05.04, DSS05.02, BAI10.04, BAI10.05, BAI02.05 |
| 145 | COBIT: ESX Logins Failed Unknown User | COBIT_ESX_Logins_Failed_Unknown_User | Failed VMware ESX logins for unknown user. | APO07.01, DSS05.04 |
| 146 | COBIT: ESX Syslogd Restart | COBIT_ESX_Syslogd_Restart | Displays all VMware ESX syslogd restarts. | BAI03.05, BAI10.04, BAI10.05, BAI02.05 |
| 147 | COBIT: F5 BIG-IP TMOS Login Failed | COBIT_F5_BIG-IP_TMOS_Login_Failed | Displays all F5 BIG-IP TMOS login events which have failed. | APO07.01, DSS05.04 |
| 148 | COBIT: F5 BIG-IP TMOS Login Successful | COBIT_F5_BIG-IP_TMOS_Login_Successful | Displays all F5 BIG-IP TMOS login events which have succeeded. | APO01.02, APO07.01, DSS05.04, DSS05.02, BAI10.04, BAI10.05, BAI02.05 |
| 149 | COBIT: F5 BIG-IP TMOS Password Changes | COBIT_F5_BIG-IP_TMOS_Password_Changes | Displays all password change activities on F5 BIG-IP TMOS to ensure authorized and appropriate access. | DSS05.04 |
| 150 | COBIT: F5 BIG-IP TMOS Restarted | COBIT_F5_BIG-IP_TMOS_Restarted | Displays all events when the F5 BIG-IP TMOS has been restarted. | DSS03.10, BAI06.01, BAI06.02, BAI06.03, BAI06.04, APO09.05, APO10.05, BAI04.04 |
| 151 | COBIT: Failed Logins | Not Applicable | Displays all failed login attempts to review any access violations or unusual activity. | APO07.01, DSS05.04 |
| 152 | COBIT: Failed Windows Events Summary | COBIT_Failed_Windows_Events_Summary | Displays summary of all failed access-related Windows events. | APO09.05, BAI04.04 |
| 153 | COBIT: Files Accessed on NetApp Filer Audit | COBIT_Files_Accessed_on_NetApp_Filer_Audit | Displays all files accessed on NetApp Filer Audit to ensure appropriate access. | DSS04.01, DSS04.02, APO13.02, DSS05.04 |
| 154 | COBIT: Files Accessed on Servers | Not Applicable | Displays all files accessed on servers to ensure appropriate access. | DSS04.01, DSS04.02, APO13.02, DSS05.04 |
| 155 | COBIT: Files Accessed through
Juniper SSL VPN (Secure Access) |
COBIT_Files_Accessed_through_Juniper_SSL_VPN_Secure_Access | Displays all files accessed through Juniper SSL VPN (Secure Access). | DSS04.01, DSS04.02, APO13.02, DSS05.04 |
| 156 | COBIT: Files Accessed through PANOS | COBIT_Files_Accessed_through_PANOS | Displays all files accessed through Palo Alto Networks. | DSS04.01, DSS04.02, APO13.02, DSS05.04 |
| 157 | COBIT: Files Accessed through Pulse Connect Secure | COBIT_Files_Accessed_through_Pulse_Connect_Secure | Displays all files accessed through Pulse Connect Secure. | DSS04.01, DSS04.02, APO13.02, DSS05.04 |
| 158 | COBIT: Files Downloaded via Proxy | Not Applicable | Displays all proxy-based downloads ensure authorized and appropriate access. | DSS04.01, DSS04.02, APO13.02 |
| 159 | COBIT: Files Downloaded via Proxy - Blue Coat | COBIT_Files_Downloaded_via_Proxy_Blue_Coat | Displays all proxy-based downloads to ensure authorized and appropriate access on Blue Coat. | DSS04.01, DSS04.02, APO13.02 |
| 160 | COBIT: Files Downloaded via Proxy - Cisco WSA | Not Applicable | Displays all proxy-based downloads to ensure authorized and appropriate access on Cisco WSA. | DSS04.01, DSS04.02, APO13.02 |
| 161 | COBIT: Files Downloaded via Proxy - Microsoft IIS | Not Applicable | Displays all proxy-based downloads to ensure authorized and appropriate access on Microsoft IIS. | DSS04.01, DSS04.02, APO13.02 |
| 162 | COBIT: Files Downloaded via the Web | Not Applicable | Displays all web-based downloads ensure authorized and appropriate access. | DSS04.01, DSS04.02, APO13.02 |
| 163 | COBIT: Files Downloaded via the Web - F5 BIG-IP TMOS | COBIT_Files_Downloaded_via_the_Web_F5_BIG-IP_TMOS | Displays all web-based downloads ensure authorized and appropriate access on F5 BIG-IP TMOS. | DSS04.01, DSS04.02, APO13.02 |
| 164 | COBIT: Files Downloaded via the Web - Microsoft IIS | Not Applicable | Displays all web-based downloads ensure authorized and appropriate access on Microsoft IIS. | DSS04.01, DSS04.02, APO13.02 |
| 165 | COBIT: Files Uploaded via Proxy | Not Applicable | Displays all proxy-based uploads to ensure only authorized data can be uploaded. | DSS04.01, DSS04.02, APO13.02 |
| 166 | COBIT: Files Uploaded via Proxy - Blue Coat | COBIT_Files_Uploaded_via_Proxy_Blue_Coat | Displays all proxy-based uploads to ensure only authorized data can be uploaded on Blue Coat. | DSS04.01, DSS04.02, APO13.02 |
| 167 | COBIT: Files Uploaded via Proxy - Cisco WSA | COBIT_Files_Uploaded_via_Proxy_Cisco_WSA | Displays all proxy-based uploads to ensure only authorized data can be uploaded on Cisco WSA. | DSS04.01, DSS04.02, APO13.02 |
| 168 | COBIT: Files Uploaded via Proxy - Microsoft IIS | Not Applicable | Displays all proxy-based uploads to ensure only authorized data can be uploaded on Microsoft IIS. | DSS04.01, DSS04.02, APO13.02 |
| 169 | COBIT: Files Uploaded via the Web | Not Applicable | Displays all web-based uploads to ensure only authorized data can be uploaded. | DSS04.01, DSS04.02, APO13.02 |
| 170 | COBIT: Files Uploaded via the Web - F5 BIG-IP TMOS | COBIT_Files_Uploaded_via_the_Web_F5_BIG-IP_TMOS | Displays all web-based uploads to ensure only authorized data can be uploaded on F5 BIG-IP TMOS. | DSS04.01, DSS04.02, APO13.02 |
| 171 | COBIT: Files Uploaded via the Web - Microsoft IIS | Not Applicable | Displays all web-based uploads to ensure only authorized data can be uploaded on Microsoft IIS. | DSS04.01, DSS04.02, APO13.02 |
| 172 | COBIT: FireEye MPS: Attacks by Event ID | COBIT_FireEye_MPS_Attacks_by_Event_ID | Displays FireEye MPS attacks by Event ID. | DSS05.02 |
| 173 | COBIT: FireEye MPS: Attacks by Threat Name | COBIT_FireEye_MPS_Attacks_by_Threat_Name | Displays FireEye MPS attacks by threat name. | DSS05.02 |
| 174 | COBIT: FireEye MPS: Attacks Detected | COBIT_FireEye_MPS_Attacks_Detected | Displays attacks detected by FireEye MPS. | DSS05.02 |
| 175 | COBIT: FortiOS: Attacks by Event ID | COBIT_FortiOS_Attacks_by_Event_ID | Displays FortiOS attacks by Event ID. | DSS05.02 |
| 176 | COBIT: FortiOS: Attacks by Threat Name | COBIT_FortiOS_Attacks_by_Threat_Name | Displays FortiOS attacks by threat name. | DSS05.02 |
| 177 | COBIT: FortiOS: Attacks Detected | COBIT_FortiOS_Attacks_Detected | Displays attacks detected by FortiOS. | DSS05.02 |
| 178 | COBIT: FortiOS DLP Attacks Detected | COBIT_FortiOS_DLP_Attacks_Detected | Displays all DLP attacks detected by FortiOS. | DSS05.02 |
| 179 | COBIT: Group Activities on NetApp Filer Audit | COBIT_Group_Activities_on_NetApp_Filer_Audit | Displays all group activities on NetApp Filer Audit to ensure authorized and appropriate access. | APO01.02, APO07.01, DSS05.04, DSS05.04 |
| 180 | COBIT: Group Activities on
TIBCO ActiveMatrix Administrator |
COBIT_Group_Activities_on_TIBCO_ActiveMatrix_Administrator | Displays all group activities on TIBCO ActiveMatrix Administrator to ensure authorized and appropriate access. | APO01.02, APO07.01, DSS05.04, DSS05.04 |
| 181 | COBIT: Group Activities on
Symantec Endpoint Protection |
COBIT_Group_Activities_on_Symantec_Endpoint_Protection | Displays all group activities on Symantec Endpoint Protection to ensure authorized and appropriate access. | APO01.02, APO07.01, DSS05.04, DSS05.04 |
| 182 | Not Applicable | COBIT_Group_Activities_on_TIBCO_Spotfire | Displays all accounts added to groups to ensure appropriate access. | APO01.02, APO07.01, DSS05.04, DSS05.04 |
| 183 | COBIT: Group Activities on UNIX Servers | COBIT_Group_Activities_on_UNIX_Servers | Displays all group activities on UNIX servers to ensure authorized and appropriate access. | APO01.02, APO07.01, DSS05.04, DSS05.04 |
| 184 | COBIT: Group Activities on Windows Servers | COBIT_Group_Activities_on_Windows_Servers | Displays all group activities on Windows servers to ensure authorized and appropriate access. | APO01.02, APO07.01, DSS05.04, DSS05.04 |
| 185 | COBIT: Groups Created on NetApp Filer Audit | COBIT_Groups_Created_on_NetApp_Filer_Audit | Displays all groups created on NetApp Filer Audit to ensure authorized and appropriate access. | APO01.02, DSS05.04 |
| 186 | COBIT: Groups Created on TIBCO ActiveMatrix Administrator |
COBIT_Groups_Created_on_TIBCO_ActiveMatrix_Administrator | Displays all groups created on TIBCO ActiveMatrix Administrator to ensure authorized and appropriate access. | APO01.02, DSS05.04 |
| 187 | COBIT: Groups Created on UNIX Servers | COBIT_Groups_Created_on_UNIX_Servers | Displays all groups created on UNIX servers to ensure authorized and appropriate access. | APO01.02, DSS05.04 |
| 188 | COBIT: Groups Created on Windows Servers | COBIT_Groups_Created_on_Windows_Servers | Displays all groups created on Windows servers to ensure authorized and appropriate access. | APO01.02, DSS05.04 |
| 189 | COBIT: Groups Deleted on NetApp Filer Audit | COBIT_Groups_Deleted_on_NetApp_Filer_Audit | Displays all groups deleted on NetApp Filer Audit to ensure authorized and appropriate access. | APO01.02, DSS05.04, DSS05.04 |
| 190 | COBIT: Groups Deleted on TIBCO ActiveMatrix Administrator |
COBIT_Groups_Deleted_on_TIBCO_ActiveMatrix_Administrator | Displays all groups deleted on TIBCO ActiveMatrix Administrator to ensure authorized and appropriate access. | APO01.02, DSS05.04, DSS05.04 |
| 191 | COBIT: Groups Deleted on UNIX Servers | COBIT_Groups_Deleted_on_UNIX_Servers | Displays all groups deleted on UNIX servers to ensure authorized and appropriate access. | APO01.02, DSS05.04, DSS05.04 |
| 192 | COBIT: Groups Deleted on Windows Servers | COBIT_Groups_Deleted_on_Windows_Servers | Displays all groups deleted on Windows servers to ensure authorized and appropriate access. | APO01.02, DSS05.04, DSS05.04 |
| 193 | COBIT: Guardium SQL Guard
Audit Configuration Changes |
COBIT_Guardium_SQL_Guard_Audit_Configuration_Changes | Displays all configuration changes on the Guardium SQL Guard Audit database. | DSS03.10, BAI06.01, BAI06.02, BAI06.03, BAI06.04 |
| 194 | COBIT: Guardium SQL Guard Audit Data Access | COBIT_Guardium_SQL_Guard_Audit_Data_Access | Displays all select statements made on Guardium SQL Audit Server. | APO03.02 |
| 195 | COBIT: Guardium SQL Guard Audit Logins | COBIT_Guardium_SQL_Guard_Audit_Logins | Displays all login attempts to the Guardium SQL Server Audit database. | APO01.02, APO07.01, DSS05.04, DSS05.02, BAI10.04, BAI10.05, BAI02.05 |
| 196 | COBIT: Guardium SQL Guard
Audit Startup or Shutdown |
COBIT_Guardium_SQL_Guard_Audit_Startup_or_Shutdown | Displays all startup and shutdown events on Guardium SQL Audit Server. | DSS03.10, BAI06.01, BAI06.02, BAI06.03, BAI06.04, APO09.05, APO10.05, BAI04.04 |
| 197 | COBIT: Guardium SQL Guard Configuration Changes | COBIT_Guardium_SQL_Guard_Configuration_Changes | Displays all configuration changes on the Guardium SQL Guard database. | DSS03.10, BAI06.01, BAI06.02, BAI06.03, BAI06.04 |
| 198 | COBIT: Guardium SQL Guard Data Access | COBIT_Guardium_SQL_Guard_Data_Access | Displays all select statements made on Guardium SQL Server. | APO03.02 |
| 199 | COBIT: Guardium SQL Guard Logins | COBIT_Guardium_SQL_Guard_Logins | Displays all login attempts to the Guardium SQL Server database. | APO01.02, APO07.01, DSS05.04, DSS05.02, BAI10.04, BAI10.05, BAI02.05 |
| 200 | COBIT: Guardium SQL Guard Startup or Shutdown | COBIT_Guardium_SQL_Guard_Startup_or_Shutdown | Displays all startup and shutdown events on Guardium SQL Server. | DSS03.10, BAI06.01, BAI06.02, BAI06.03, BAI06.04, APO09.05, APO10.05, BAI04.04 |
| 201 | COBIT: HP NonStop Audit Configuration Changes | COBIT_HP_NonStop_Audit_Configuration_Changes | Displays all audit configuration changes on HP NonStop. | DSS03.10, BAI06.01, BAI06.02, BAI06.03, BAI06.04 |
| 202 | COBIT: HP NonStop Audit Login Failed | COBIT_HP_NonStop_Audit_Login_Failed | Displays all HP NonStop Audit login events which have failed. | APO07.01, DSS05.04 |
| 203 | COBIT: HP NonStop Audit Login Successful | COBIT_HP_NonStop_Audit_Login_Successful | Displays all HP NonStop Audit login events which have succeeded. | APO01.02, APO07.01, DSS05.04, DSS05.02, BAI10.04, BAI10.05, BAI02.05 |
| 204 | COBIT: HP NonStop Audit Object Access | COBIT_HP_NonStop_Audit_Object_Access | Displays HP NonStop Audit events related to object access. | APO03.02 |
| 205 | COBIT: HP NonStop Audit Object Changes | COBIT_HP_NonStop_Audit_Object_Changes | Displays HP NonStop Audit events related to object changes. | DSS05.04, DSS05.04 |
| 206 | COBIT: HP NonStop Audit Permissions Changed | COBIT_HP_NonStop_Audit_Permissions_Changed | Displays all permission modification activities on HP NonStop Audit to ensure authorized access. | APO01.02, APO07.01, BAI03.05, BAI03.01, BAI03.02, BAI03.02, BAI03.05, DSS05.04, DSS05.04 |
| 207 | COBIT: i5/OS Access Control List Modifications | COBIT_i5_OS_Access_Control_List_Modifications | Displays i5/OS events related to access control list modification. | APO01.02, APO07.01, BAI03.05, BAI03.01, BAI03.02, BAI03.02, BAI03.05, DSS05.04, DSS05.04 |
| 208 | COBIT: i5/OS Audit Configuration Changes | COBIT_i5_OS_Audit_Configuration_Changes | Displays all audit configuration changes on i5/OS. | BAI06.01, BAI06.02, BAI06.03, BAI06.04, DSS05.04 |
| 209 | COBIT: i5/OS DST Password Reset | COBIT_i5_OS_DST_Password_Reset | Displays i5/OS events related to the reset of the DST (Dedicated Service Tools) password. | DSS05.04 |
| 210 | COBIT: i5/OS Internet Security Management Events | COBIT_i5_OS_Internet_Security_Management_Events | Displays i5/OS events related to Internet Security Management (IPSec/VPN). | DSS05.02 |
| 211 | COBIT: i5/OS Key Ring File Events | COBIT_i5_OS_Key_Ring_File_Events | Displays i5/OS key ring file events (cryptographic key management). | DSS05.03 |
| 212 | COBIT: i5/OS Network Authentication Events | COBIT_i5_OS_Network_Authentication_Events | Displays i5/OS network authentication events. | APO07.01, DSS05.04 |
| 213 | COBIT: i5/OS Object Access | COBIT_i5_OS_Object_Access | Displays i5/OS events related to object access. | APO03.02 |
| 214 | COBIT: i5/OS Object Creation and Deletion | COBIT_i5_OS_Object_Creation_and_Deletion | Displays i5/OS events related to object creation and deletion. | DSS02.03 |
| 215 | COBIT: i5/OS Restore Events | COBIT_i5_OS_Restore_Events | Displays i5/OS events related to object, program, and profile restoration. | DSS06.04, DS11.5 |
| 216 | COBIT: i5/OS Server Security User Information Actions | COBIT_i5_OS_Server_Security_User_Information_Actions | Displays i5/OS events related to server security user information actions. | DSS05.04 |
| 217 | COBIT: i5/OS System Management Changes | COBIT_i5_OS_System_Management_Changes | Displays i5/OS events related to system management changes. | DSS03.10, BAI06.01, BAI06.02, BAI06.03, BAI06.04 |
| 218 | COBIT: i5/OS User Profile Creation, Modification, or Restoration |
COBIT_i5_OS_User_Profile_ Creation_Modification_ or_Restoration |
Displays i5/OS events related to user profile creation, modification, or restoration. | DSS05.04, DSS05.04 |
| 219 | COBIT: Juniper SSL VPN (Secure Access) Policy Changed | COBIT_Juniper_SSL_VPN_Secure_Access_Policy_Changed | Displays all configuration changes to the Juniper SSL VPN (Secure Access) policies. | BAI10.04, BAI10.05, BAI02.05 |
| 220 | COBIT: Juniper SSL VPN (Secure Access) Successful Logins | COBIT_Juniper_SSL_VPN_Secure_Access_Successful_Logins | Displays all successful logins through the Juniper SSL VPN (Secure Access). | APO01.02, APO07.01, DSS05.04, DSS05.02, BAI10.04, BAI10.05, BAI02.05 |
| 221 | COBIT: Juniper SSL VPN Successful Logins | Not Applicable | Displays successful connections through the Juniper SSL VPN. | APO01.02, APO07.01, DSS05.04, DSS05.02, BAI10.04, BAI10.05, BAI02.05 |
| 222 | COBIT: Last Activities Performed by Administrators | Not Applicable | Displays the latest activities performed by administrators and root users to ensure appropriate access. | APO01.02, APO07.01 |
| 223 | COBIT: Last Activities Performed by All Users | Not Applicable | Displays the latest activities performed by all users to ensure appropriate access. | APO01.02, APO07.01 |
| 224 | COBIT: Logins by Authentication Type | Not Applicable | Displays all logins categorized by the authentication type. | APO01.02, APO07.01, DSS05.04, DSS05.02, BAI10.04, BAI10.05, BAI02.05 |
| 225 | COBIT: LogLogic File Retrieval Errors | COBIT_LogLogic_File_Retrieval_Errors | Displays all errors while retrieving log files from devices, servers and applications. | BAI03.05, DSS03.02, DSS01.03 |
| 226 | COBIT: LogLogic Management Center Account Activities | COBIT_LogLogic_Management_Center_Account_Activities | Displays all accounts activities on LogLogic management center to ensure authorized and appropriate access. | APO01.02, APO07.01, DSS05.04, DSS05.04 |
| 227 | COBIT: LogLogic Management Center Backup Activities | COBIT_LogLogic_Management_Center_Backup_Activities | Displays all backup activities on LogLogic management center. | DSS04.05, DSS06.04, DS11.5 |
| 228 | COBIT: LogLogic Management Center Login | COBIT_LogLogic_Management_Center_Login | Displays all login events to the LogLogic management center. | APO01.02, APO07.01, DSS05.04, DSS05.02, BAI10.04, BAI10.05, BAI02.05 |
| 229 | COBIT: LogLogic Management
Center Password Changes |
COBIT_LogLogic_Management_Center_Password_Changes | Displays all password change activities on LogLogic management center to ensure authorized and appropriate access. | DSS05.04 |
| 230 | COBIT: LogLogic Management
Center Restore Activities |
COBIT_LogLogic_Management_Center_Restore_Activities | Displays all restore activities on LogLogic management center. | DSS04.05, DSS06.04, DS11.5 |
| 231 | COBIT: LogLogic Management Center Upgrade Success | COBIT_LogLogic_Management_Center_Upgrade_Success | Displays all successful events related to the system's upgrade. | DSS03.10, BAI06.01, BAI06.02, BAI06.03, BAI06.04 |
| 232 | COBIT: LogLogic Message Routing Errors | COBIT_LogLogic_Message_Routing_Errors | Displays all log forwarding errors on the LogLogic appliance to ensure all logs are archived properly. | BAI03.05, DSS03.02, DSS01.03 |
| 233 | COBIT: LogLogic Universal
Collector Configuration Changes |
COBIT_LogLogic_Universal_Collector_Configuration_Changes | Displays LogLogic universal collector configuration changes. | DSS03.10, BAI06.01, BAI06.02, BAI06.03, BAI06.04 |
| 234 | COBIT: McAfee AntiVirus: Attacks by Event ID | COBIT_McAfee_AntiVirus_Attacks_by_Event_ID | Displays McAfee AntiVirus attacks by Event ID. | DSS05.02 |
| 235 | COBIT: McAfee AntiVirus: Attacks by Threat Name | COBIT_McAfee_AntiVirus_Attacks_by_Threat_Name | Displays McAfee AntiVirus attacks by threat name. | DSS05.02 |
| 236 | COBIT: McAfee AntiVirus: Attacks Detected | COBIT_McAfee_AntiVirus_Attacks_Detected | Displays attacks detected by McAfee AntiVirus. | DSS05.02 |
| 237 | COBIT: Microsoft Operations
Manager - Failed Windows Events |
COBIT_Microsoft_Operations_Manager_Failed_Windows_Events | Displays summary of all failed access-related Windows events. | APO09.05, BAI04.04 |
| 238 | COBIT: Microsoft Operations
Manager - Windows Accounts Activities |
COBIT_Microsoft_Operations_Manager_Windows_Accounts_Activities | Displays all accounts activities on Windows servers to ensure authorized and appropriate access. | APO01.02, APO07.01, DSS05.04, DSS05.04 |
| 239 | COBIT: Microsoft Operations
Manager - Windows Accounts Changed |
COBIT_Microsoft_Operations_Manager_Windows_Accounts_Changed | Displays all accounts changed on Windows servers to ensure authorized and appropriate access. | APO07.01, DSS05.04 |
| 240 | COBIT: Microsoft Operations
Manager - Windows Accounts Created |
COBIT_Microsoft_Operations_Manager_Windows_Accounts_Created | Displays all accounts created on Windows servers to ensure authorized and appropriate access. | APO01.02, APO07.01, DSS05.04, DSS05.04 |
| 241 | COBIT: Microsoft Operations
Manager - Windows Accounts Enabled |
COBIT_Microsoft_Operations_Manager_Windows_Accounts_Enabled | Displays all accounts enabled on Windows servers to ensure authorized and appropriate access. | APO07.01 |
| 242 | COBIT: Microsoft Operations
Manager - Windows Events by Users |
COBIT_Microsoft_Operations_Manager_Windows_Events_by_Users | Displays a summary of access-related Windows events by source and target users. | DSS05.04 |
| 243 | COBIT: Microsoft Operations
Manager - Windows Events Summary |
COBIT_Microsoft_Operations_Manager_Windows_Events_Summary | Displays a summary of access-related Windows events by count. | APO09.05, BAI04.04 |
| 244 | COBIT: Microsoft Operations
Manager - Windows Password Changes |
COBIT_Microsoft_Operations_Manager_Windows_Password_Changes | Displays all password change activities on Windows servers to ensure authorized and appropriate access. | DSS05.04 |
| 245 | COBIT: Microsoft Operations
Manager - Windows Permissions Modified |
COBIT_Microsoft_Operations_Manager_Windows_Permissions_Modified | Displays all permission modification activities on Windows servers to ensure authorized access. | APO01.02, APO07.01, BAI03.05, BAI03.01, BAI03.02, BAI03.02, BAI03.05, DSS05.04, DSS05.04 |
| 246 | COBIT: Microsoft Operations
Manager - Windows Policies Modified |
COBIT_Microsoft_Operations_Manager_Windows_Policies_Modified | Displays all policy modification activities on Windows servers to ensure authorized and appropriate access. | DSS05.04, DSS06.05 |
| 247 | COBIT: Microsoft Operations
Manager - Windows Servers Restarted |
COBIT_Microsoft_Operations_Manager_Windows_Servers_Restarted | Displays all Windows server restart activities to detect unusual activities. | DSS03.10, BAI06.01, BAI06.02, BAI06.03, BAI06.04, APO09.05, APO10.05, BAI04.04 |
| 248 | COBIT: Microsoft Sharepoint Content Deleted | COBIT_Microsoft_Sharepoint_Content_Deleted | Displays all events when content has been deleted from Microsoft Sharepoint. | APO03.02, APO01.06 |
| 249 | COBIT: Microsoft Sharepoint Content Updates | COBIT_Microsoft_Sharepoint_Content_Updates | Displays all events when content is updated within Microsoft Sharepoint. | APO03.02, APO01.06 |
| 250 | COBIT: Microsoft Sharepoint Permissions Changed | COBIT_Microsoft_Sharepoint_Permissions_Changed | Displays all user/group permission events to Microsoft Sharepoint. | BAI03.05, BAI03.01, BAI03.02, BAI03.02, BAI03.05, APO01.02, DSS05.04, DSS05.04 |
| 251 | COBIT: Microsoft Sharepoint
Policy Add, Remove, or Modify |
COBIT_Microsoft_Sharepoint_Policy_Add_Remove_or_Modify | Displays all events when a Microsoft Sharepoint policy is added, removed, or modified. | BAI03.05, BAI03.01, BAI03.02, BAI03.02, BAI03.05, APO01.02, DSS05.04, DSS05.04 |
| 252 | COBIT: Microsoft SQL Server Backup Failed | COBIT_Microsoft_SQL_Server_Backup_Failed | Displays all Microsoft SQL Server backup failures. | DSS04.05, DSS06.04, DS11.5 |
| 253 | COBIT: Microsoft SQL Server Configuration Changes | COBIT_Microsoft_SQL_Server_Configuration_Changes | Displays Microsoft SQL database configuration changes. | DSS03.10, BAI06.01, BAI06.02, BAI06.03, BAI06.04 |
| 254 | COBIT: Microsoft SQL Server Data Access | COBIT_Microsoft_SQL_Server_Data_Access | Displays data access events on Microsoft SQL Server databases. | APO03.02 |
| 255 | COBIT: Microsoft SQL Server Database Failed Logins | COBIT_Microsoft_SQL_Server_Database_Failed_Logins | Displays failed Microsoft SQL Server database logins. | APO07.01, DSS05.04 |
| 256 | COBIT: Microsoft SQL Server Database Successful Logins |
COBIT_Microsoft_SQL_Server_Database_Successful_Logins | Displays successful Microsoft SQL Server database logins. | APO01.02, APO07.01, DSS05.04, DSS05.02, BAI10.04, BAI10.05, BAI02.05 |
| 257 | COBIT: Microsoft SQL Server Database Permission Events | COBIT_Microsoft_SQL_Server_Database_Permission_Events | Displays events related to Microsoft SQL Server database permission modifications. | APO01.02, BAI03.05, BAI03.01, BAI03.02, BAI03.02, BAI03.05 |
| 258 | COBIT: Microsoft SQL Server Database User Additions and Deletions |
COBIT_Microsoft_SQL_Server_Database_User_Additions_and_Deletions | Displays Microsoft SQL Server events related to creation and deletion of database users. | DSS05.04, DSS05.04 |
| 259 | COBIT: Microsoft SQL Server Password Changes | COBIT_Microsoft_SQL_Server_Password_Changes | Displays password changes for Microsoft SQL Server database accounts. | DSS05.04 |
| 260 | COBIT: Microsoft SQL Server Restore Failed | COBIT_Microsoft_SQL_Server_Restore_Failed | Displays all Microsoft SQL Server restore failure events. | DS11.5 |
| 261 | COBIT: Microsoft SQL Server Schema Corruption | COBIT_Microsoft_SQL_Server_Schema_Corruption | Displays all schema corruption events on Microsoft SQL Server databases. | APO03.02, APO01.06, DSS02.03, BAI10.04, BAI10.05, BAI02.05 |
| 262 | COBIT: Microsoft SQL Server Shutdown by Reason | COBIT_Microsoft_SQL_Server_Shutdown_by_Reason | Displays all Microsoft SQL Server shutdown events by reason. | DSS03.10, BAI06.01, BAI06.02, BAI06.03, BAI06.04, APO09.05, APO10.05, BAI04.04 |
| 263 | COBIT: Most Active Email Senders - Exchange 2000/2003 |
Not Applicable | Displays the most active email senders based on activity. | Does not map to any compliance regulation |
| 264 | COBIT: Most Active Ports Through Firewall - Check Point | Not Applicable | Displays the most active ports used through the Check Point firewall. | DSS05.02 |
| 265 | COBIT: Most Active Ports Through Firewall - Cisco ASA | Not Applicable | Displays the most active ports used through the Cisco ASA firewall. | DSS05.02 |
| 266 | COBIT: Most Active Ports Through Firewall - Cisco FWSM | Not Applicable | Displays the most active ports used through the Cisco FWSM firewall. | DSS05.02 |
| 267 | COBIT: Most Active Ports Through Firewall - Fortinet | Not Applicable | Displays the most active ports used through the Fortinet firewall. | DSS05.02 |
| 268 | COBIT: Most Active Ports Through Firewall - Nortel | Not Applicable | Displays the most active ports used through the Nortel firewall. | DSS05.02 |
| 269 | COBIT: Most Used Mail Commands - Exchange 2000/2003 |
Not Applicable | Displays the most used email protocol commands on Microsoft Exchange servers. | Does not map to any compliance regulation |
| 270 | COBIT: NetApp Filer Audit Accounts Enabled | COBIT_NetApp_Filer_Audit_Accounts_Enabled | Displays all accounts enabled on NetApp Filer Audit to ensure authorized and appropriate access. | DSS05.04 |
| 271 | COBIT: NetApp Filer Audit Logs Cleared | COBIT_NetApp_Filer_Audit_Logs_Cleared | Displays all audit logs clearing activities on NetApp Filer Audit to detect access violations or unusual activity. | DSS01.03 |
| 272 | COBIT: NetApp Filer Audit Group Members Added | COBIT_NetApp_Filer_Audit_Group_Members_Added | Displays all accounts added to groups on the NetApp Filer Audit to ensure appropriate access. | DSS05.04 |
| 273 | COBIT: NetApp Filer Audit Group Members Deleted | COBIT_NetApp_Filer_Audit_Group_Members_Deleted | Displays all accounts removed from groups on the NetApp Filer Audit to ensure appropriate access. | APO07.01, DSS05.04 |
| 274 | COBIT: NetApp Filer Snapshot Error | COBIT_NetApp_Filer_Snapshot_Error | Displays events that indicate backup on the NetApp Filer has failed. | DSS04.01, DSS04.02, DSS04.05, DSS06.04, DS11.5 |
| 275 | COBIT: NetApp Filer Audit Login Failed | COBIT_NetApp_Filer_Audit_Login_Failed | Displays all NetApp Filer Audit login events which have failed. | APO07.01, DSS05.04 |
| 276 | COBIT: NetApp Filer Audit Login Successful | COBIT_NetApp_Filer_Audit_Login_Successful | Displays all NetApp Filer Audit login events which have succeeded. | APO01.02, APO07.01, DSS05.04, DSS05.02, BAI10.04, BAI10.05, BAI02.05 |
| 277 | COBIT: NetApp Filer Audit Policies Modified | COBIT_NetApp_Filer_Audit_Policies_Modified | Displays all policy modification activities on NetApp Filer Audit to ensure authorized and appropriate access. | BAI10.04, BAI10.05, BAI02.05 |
| 278 | COBIT: NetApp Filer File Activity | COBIT_NetApp_Filer_File_Activity | Displays all file activities on NetApp Filer. | DSS04.01, DSS04.02, APO13.02, DSS05.04 |
| 279 | COBIT: NetApp Filer Login Failed | COBIT_NetApp_Filer_Login_Failed | Displays all NetApp Filer login events which have failed. | APO07.01, DSS05.04 |
| 280 | COBIT: NetApp Filer Login Successful | COBIT_NetApp_Filer_Login_Successful | Displays all NetApp Filer login events which have succeeded. | APO01.02, APO07.01, DSS05.04, DSS05.02, BAI10.04, BAI10.05, BAI02.05 |
| 281 | COBIT: NetApp Filer Password Changes | COBIT_NetApp_Filer_Password_Changes | Displays all password change activities on NetApp Filer to ensure authorized and appropriate access. | DSS05.04 |
| 282 | COBIT: Network Traffic per Rule - Check Point | Not Applicable | Displays all network traffic flowing through each rule in a network policy to ensure appropriate access. | DSS05.02 |
| 283 | COBIT: Network Traffic per Rule - Nortel | Not Applicable | Displays all network traffic flowing through each rule in a network policy to ensure appropriate access. | DSS05.02 |
| 284 | COBIT: Oracle Database Configuration Changes | COBIT_Oracle_Database_Configuration_Changes | Displays Oracle database configuration changes. | DSS03.10, BAI06.01, BAI06.02, BAI06.03, BAI06.04 |
| 285 | COBIT: Oracle Database Data Access | COBIT_Oracle_Database_Data_Access | Displays data access events on Oracle databases. | APO03.02 |
| 286 | COBIT: Oracle Database Failed Logins | COBIT_Oracle_Database_Failed_Logins | Displays all failed login attempts to the Oracle database. | APO07.01, DSS05.04 |
| 287 | COBIT: Oracle Database Successful Logins | COBIT_Oracle_Database_Successful_Logins | Displays successful Oracle database logins. | APO01.02, APO07.01, DSS05.04, DSS05.02, BAI10.04, BAI10.05, BAI02.05 |
| 288 | COBIT: Oracle Database Permission Events | COBIT_Oracle_Database_Permission_Events | Displays events related to Oracle Server database role and privilege management. | APO01.02, BAI03.05, BAI03.01, BAI03.02, BAI03.02, BAI03.05 |
| 289 | COBIT: Oracle Database Shutdown | COBIT_Oracle_Database_Shutdown | Displays Oracle database events related to shutting down the server. | DSS03.10, BAI06.01, BAI06.02, BAI06.03, BAI06.04, APO09.05, APO10.05, BAI04.04 |
| 290 | COBIT: Oracle Database User Additions and Deletions |
COBIT_Oracle_Database_User_Additions_and_Deletions | Displays Oracle database events related to creation and deletion of database users. | DSS05.04, DSS05.04 |
| 291 | COBIT: Password Changes on Windows Servers | COBIT_Password_Changes_on_Windows_Servers | Displays all password change activities on Windows servers to ensure authorized and appropriate access. | DSS05.04 |
| 292 | COBIT: PANOS: Attacks by Event ID | COBIT_PANOS_Attacks_by_Event_ID | Displays Palo Alto Networks attacks by Event ID. | DSS05.02 |
| 293 | COBIT: PANOS: Attacks by Threat Name | COBIT_PANOS_Attacks_by_Threat_Name | Displays Palo Alto Networks attacks by threat name. | DSS05.02 |
| 294 | COBIT: PANOS: Attacks Detected | COBIT_PANOS_Attacks_Detected | Displays attacks detected by Palo Alto Networks. | DSS05.02 |
| 295 | COBIT: Peer Servers and Status | Not Applicable | Displays all web servers providing data for cache servers and the status of requests. | DSS03.10, BAI06.01, BAI06.02, BAI06.03, BAI06.04, APO09.05, APO10.05, BAI04.04 |
| 296 | COBIT: Peer Servers and Status - Blue Coat | COBIT_Peer_Servers_and_Status_Blue_Coat | Displays all web servers providing data for cache servers and the status of requests on Blue Coat. | DSS03.10, BAI06.01, BAI06.02, BAI06.03, BAI06.04, APO09.05, APO10.05, BAI04.04 |
| 297 | COBIT: Peer Servers and Status - Cisco WSA | COBIT_Peer_Servers_and_Status_Cisco_WSA | Displays all web servers providing data for cache servers and the status of requests on Cisco WSA. | DSS03.10, BAI06.01, BAI06.02, BAI06.03, BAI06.04, APO09.05, APO10.05, BAI04.04 |
| 298 | COBIT: Peer Servers and Status - Microsoft IIS | Not Applicable | Displays all web servers providing data for cache servers and the status of requests on Microsoft IIS. | DSS03.10, BAI06.01, BAI06.02, BAI06.03, BAI06.04, APO09.05, APO10.05, BAI04.04 |
| 299 | COBIT: Periodic Review of Log Reports | COBIT_Periodic_Review_of_Log_Reports | Displays all review activities performed by administrators to ensure review for any access violations. | DSS03.10, BAI06.01, BAI06.02, BAI06.03, BAI06.04, APO09.05, APO10.05, BAI04.04, DSS05.07, DSS01.03 |
| 300 | COBIT: Periodic Review of User Access Logs | COBIT_Periodic_Review_of_User_Access_Logs | Displays all review activities performed by administrators to ensure review for any access violations. | DSS03.10, BAI06.01, BAI06.02, BAI06.03, BAI06.04, APO09.05, APO10.05, BAI04.04, DSS05.07, DSS01.03 |
| 301 | COBIT: Permissions Modified on Windows Servers | COBIT_Permissions_Modified_on_Windows_Servers | Displays all permission modification activities on Windows Servers to ensure authorized access. | APO01.02, APO07.01, BAI03.05, BAI03.01, BAI03.02, BAI03.02, BAI03.05, DSS05.04, DSS05.04 |
| 302 | COBIT: Policies Modified on Windows Servers | COBIT_Policies_Modified_on_Windows_Servers | Displays all policy modification activities on Windows servers to ensure authorized and appropriate access. | DSS05.04, DSS06.05 |
| 303 | COBIT: Ports Allowed Access - Check Point | COBIT_Ports_Allowed_Access_Check_Point | Displays all connections passed through the Check Point by port. | DSS05.02, DSS06.05 |
| 304 | COBIT: Ports Allowed Access - Cisco ASA | COBIT_Ports_Allowed_Access_Cisco_ASA | Displays all connections passed through the Cisco ASA by port. | DSS05.02, DSS06.05 |
| 305 | COBIT: Ports Allowed Access - Cisco FWSM | COBIT_Ports_Allowed_Access_Cisco_FWSM | Displays all connections passed through the Cisco FWSM by port. | DSS05.02, DSS06.05 |
| 306 | COBIT: Ports Allowed Access - Cisco IOS | COBIT_Ports_Allowed_Access_Cisco_IOS | Displays all connections passed through the Cisco IOS by port. | DSS05.02, DSS06.05 |
| 307 | COBIT: Ports Allowed Access - Cisco Netflow | COBIT_Ports_Allowed_Access_Cisco_Netflow | Displays all connections passed through the Cisco Netflow by port. | DSS05.02, DSS06.05 |
| 308 | COBIT: Ports Allowed Access - F5 BIG-IP TMOS | COBIT_Ports_Allowed_Access_F5_BIG-IP_TMOS | Displays all connections passed through the F5 BIG-IP TMOS by port. | DSS05.02, DSS06.05 |
| 309 | COBIT: Ports Allowed Access - Fortinet | COBIT_Ports_Allowed_Access_Fortinet | Displays all connections passed through the Fortinet by port. | DSS05.02, DSS06.05 |
| 310 | COBIT: Ports Allowed Access - Juniper JunOS | COBIT_Ports_Allowed_Access_Juniper_JunOS | Displays all connections passed through the Juniper JunOS by port. | DSS05.02, DSS06.05 |
| 311 | COBIT: Ports Allowed Access - Nortel | Not Applicable | Displays all connections passed through the Nortel by port. | DSS05.02, DSS06.05 |
| 312 | COBIT: Ports Allowed Access - PANOS | COBIT_Ports_Allowed_Access_PANOS | Displays all connections passed through the Palo Alto Networks by port. | DSS05.02, DSS06.05 |
| 313 | COBIT: Ports Denied Access - Check Point | COBIT_Ports_Denied_Access_Check_Point | Displays the applications that have been denied access the most by the Check Point. | DSS05.02 |
| 314 | COBIT: Ports Denied Access - Cisco ASA | COBIT_Ports_Denied_Access_Cisco_ASA | Displays the applications that have been denied access the most by the Cisco ASA. | DSS05.02 |
| 315 | COBIT: Ports Denied Access - Cisco FWSM | COBIT_Ports_Denied_Access_Cisco_FWSM | Displays the applications that have been denied access the most by the Cisco FWSM. | DSS05.02 |
| 316 | COBIT: Ports Denied Access - Cisco IOS | COBIT_Ports_Denied_Access_Cisco_IOS | Displays the applications that have been denied access the most by the Cisco IOS. | DSS05.02 |
| 317 | COBIT: Ports Denied Access - F5 BIG-IP TMOS | COBIT_Ports_Denied_Access_F5_BIG-IP_TMOS | Displays the applications that have been denied access the most by the F5 BIG-IP TMOS. | DSS05.02 |
| 318 | COBIT: Ports Denied Access - Cisco Router | Not Applicable | Displays the applications that have been denied access the most by the Cisco Router. | DSS05.02 |
| 319 | COBIT: Ports Denied Access - Fortinet | COBIT_Ports_Denied_Access_Fortinet | Displays the applications that have been denied access the most by the Fortinet. | DSS05.02 |
| 320 | COBIT: Ports Denied Access - Juniper JunOS | COBIT_Ports_Denied_Access_Juniper_JunOS | Displays the applications that have been denied access the most by the Juniper JunOS. | DSS05.02 |
| 321 | COBIT: Ports Denied Access - Nortel | Not Applicable | Displays the applications that have been denied access the most by the Nortel. | DSS05.02 |
| 322 | COBIT: Ports Denied Access - PANOS | COBIT_Ports_Denied_Access_PANOS | Displays the applications that have been denied access the most by the Palo Alto Networks. | DSS05.02 |
| 323 | COBIT: Pulse Connect Secure Policy Changed | COBIT_Pulse_Connect_Secure_Policy_Changed | Displays all configuration changes to the Pulse Connect Secure policies. | BAI10.04, BAI10.05, BAI02.05 |
| 324 | COBIT: Pulse Connect Secure Successful Logins | COBIT_Pulse_Connect_Secure_Successful_Logins | Displays all successful logins through the Pulse Connect Secure. | APO01.02, APO07.01, DSS05.04, DSS05.02, BAI10.04, BAI10.05, BAI02.05 |
| 325 | COBIT: Recipient Domains Experiencing Delay - Exchange 2000/2003 |
Not Applicable | Displays the recipient domains that have experienced the most delivery delays. | Does not map to any compliance regulation |
| 326 | COBIT: RACF Accounts Created | COBIT_RACF_Accounts_Created | Displays all accounts created on RACF servers to ensure authorized and appropriate access. | APO01.02, APO07.01, DSS05.04, DSS05.04 |
| 327 | COBIT: RACF Accounts Deleted | COBIT_RACF_Accounts_Deleted | Displays all accounts deleted on RACF servers to ensure authorized and appropriate access. | APO07.01, DSS05.04 |
| 328 | COBIT: RACF Accounts Modified | COBIT_RACF_Accounts_Modified | Displays all events when a network user profile has been modified. | APO07.01, DSS05.04 |
| 329 | COBIT: RACF Successful Logins | COBIT_RACF_Successful_Logins | Displays successful logins to ensure only authorized personnel have access. | APO01.02, APO07.01, DSS05.04, DSS05.02, BAI10.04, BAI10.05, BAI02.05 |
| 330 | COBIT: RACF Failed Logins | COBIT_RACF_Failed_Logins | Displays all failed login attempts to review any access violations or unusual activity. | APO07.01, DSS05.04 |
| 331 | COBIT: RACF Files Accessed | COBIT_RACF_Files_Accessed | Displays all files accessed on RACF servers to ensure appropriate access. | DSS04.01, DSS04.02, APO13.02, DSS05.04 |
| 332 | COBIT: RACF Permissions Changed | COBIT_RACF_Permissions_Changed | Displays all permission modification activities on RACF to ensure authorized access. | APO01.02, APO07.01, BAI03.05, BAI03.01, BAI03.02, BAI03.02, BAI03.05, DSS05.04, DSS05.04 |
| 333 | COBIT: RACF Password Changed | COBIT_RACF_Password_Changed | Displays all password change activities on RACF servers to ensure authorized and appropriate access. | DSS05.04 |
| 334 | COBIT: RACF Process Started | COBIT_RACF_Process_Started | Displays all processes started on the RACF servers. | BAI03.05, DSS03.10, BAI06.01, BAI06.02, BAI06.03, BAI06.04 |
| 335 | COBIT: Root Logins | Not Applicable | Displays root logins. | APO01.02 |
| 336 | COBIT: Sender and Recipients Exchanging the Most Emails - Exchange 2000/2003 |
Not Applicable | Displays the top email sender and recipient combinations. | Does not map to any compliance regulation |
| 337 | COBIT: Sensors Generating Alerts | Not Applicable | Displays the IDS sensors that generated the most alerts. | Does not map to any compliance regulation |
| 338 | COBIT: Sensors Generating Alerts - Cisco IOS | COBIT_Sensors_Generating_Alerts_Cisco_IOS | Displays the IDS sensors that generated the most alerts by Cisco IOS. | Does not map to any compliance regulation |
| 339 | COBIT: Sensors Generating Alerts - FireEye MPS | COBIT_Sensors_Generating_Alerts_FireEye_MPS | Displays the IDS sensors that generated the most alerts by FireEye MPS. | Does not map to any compliance regulation |
| 340 | COBIT: Sensors Generating Alerts - ISS SiteProtector | COBIT_Sensors_Generating_Alerts_ISS_SiteProtector | Displays the IDS sensors that generated the most alerts by ISS SiteProtector. | Does not map to any compliance regulation |
| 341 | COBIT: Sensors Generating Alerts - SiteProtector | COBIT_Sensors_Generating_Alerts_SiteProtector | Displays the IDS sensors that generated the most alerts by SiteProtector. | Does not map to any compliance regulation |
| 342 | COBIT: Sensors Generating
Alerts - Sourcefire Defense Center |
COBIT_Sensors_Generating_Alerts_Cisco_FirePower | Displays the IDS sensors that generated the most alerts by Cisco FirePower and Sourcefire Defense Center. | Does not map to any compliance regulation |
| 343 | COBIT: Servers Under Attack | Not Applicable | Displays all servers under attack. | DSS05.02 |
| 344 | COBIT: Servers Under Attack - Cisco IOS | COBIT_Servers_Under_Attack_Cisco_IOS | Displays all servers under attack by Cisco IOS. | DSS05.02 |
| 345 | COBIT: Servers Under Attack - FireEye MPS | COBIT_Servers_Under_Attack_FireEye_MPS | Displays all servers under attack by FireEye MPS. | DSS05.02 |
| 346 | COBIT: Servers Under Attack - HIPS | COBIT_Servers_Under_Attack_HIPS | Displays all servers under attack. | DSS05.02 |
| 347 | COBIT: Servers Under Attack - ISS SiteProtector | COBIT_Servers_Under_Attack_ISS_SiteProtector | Displays all servers under attack by ISS SiteProtector. | DSS05.02 |
| 348 | COBIT: Servers Under Attack - SiteProtector | COBIT_Servers_Under_Attack_SiteProtector | Displays all servers under attack by SiteProtector. | DSS05.02 |
| 349 | COBIT: Servers Under Attack - Sourcefire Defense Center |
COBIT_Servers_Under_Attack_Cisco_FirePower | Displays all servers under attack by Cisco Firepower and Sourcefire Defense Center. | DSS05.02 |
| 350 | COBIT: Source IP Sending To Most Recipients - Exchange 2000/2003 |
Not Applicable | Displays IP addresses that are sending to the most recipients. | Does not map to any compliance regulation |
| 351 | COBIT: Source of Attacks | Not Applicable | Displays the sources that have initiated the most attacks. | DSS05.02 |
| 352 | COBIT: Source of Attacks - Cisco IOS | COBIT_Source_of_Attacks_Cisco_IOS | Displays the sources that have initiated the most attacks by Cisco IOS. | DSS05.02 |
| 353 | COBIT: Source of Attacks - FireEye MPS | COBIT_Source_of_Attacks_FireEye_MPS | Displays the sources that have initiated the most attacks by FireEye MPS. | DSS05.02 |
| 354 | COBIT: Source of Attacks - HIPS | COBIT_Source_of_Attacks_HIPS | Displays the sources that have initiated the most attacks. | DSS05.02 |
| 355 | COBIT: Source of Attacks - ISS SiteProtector | COBIT_Source_of_Attacks_ISS_SiteProtector | Displays the sources that have initiated the most attacks by ISS SiteProtector. | DSS05.02 |
| 356 | COBIT: Source of Attacks - SiteProtector | COBIT_Source_of_Attacks_SiteProtector | Displays the sources that have initiated the most attacks by SiteProtector. | DSS05.02 |
| 357 | COBIT: Source of Attacks - Sourcefire Defense Center | COBIT_Source_of_Attacks_Cisco_FirePower | Displays the sources that have initiated the most attacks by Cisco Firepower and Sourcefire Defense Center. | DSS05.02 |
| 358 | COBIT: Successful Logins | Not Applicable | Displays successful logins to ensure only authorized personnel have access. | APO01.02, APO07.01, DSS05.04, DSS05.02, BAI10.04, BAI10.05, BAI02.05 |
| 359 | COBIT: Sybase ASE Database Backup and Restoration | COBIT_Sybase_ASE_Database_Backup_and_Restoration | Displays Sybase ASE DUMP and LOAD events. | DSS04.05, DSS06.04, DS11.5 |
| 360 | COBIT: Sybase ASE Database Configuration Changes | COBIT_Sybase_ASE_Database_Configuration_Changes | Displays configuration changes to the Sybase database. | DSS03.10, BAI06.01, BAI06.02, BAI06.03, BAI06.04 |
| 361 | COBIT: Sybase ASE Database Create Events | COBIT_Sybase_ASE_Database_Create_Events | Displays Sybase ASE events involving the CREATE statement. | DSS02.03 |
| 362 | COBIT: Sybase ASE Database Data Access | COBIT_Sybase_ASE_Database_Data_Access | Displays Sybase ASE events involving the SELECT statement. | APO03.02 |
| 363 | COBIT: Sybase ASE Database Drop Events | COBIT_Sybase_ASE_Database_Drop_Events | Displays Sybase ASE events involving the DROP statement. | DSS02.03 |
| 364 | COBIT: Sybase ASE Failed Logins | COBIT_Sybase_ASE_Failed_Logins | Displays failed Sybase ASE database logins. | APO07.01, DSS05.04 |
| 365 | COBIT: Sybase ASE Database Startup or Shutdown | COBIT_Sybase_ASE_Database_Startup_or_Shutdown | Displays all startup and shutdown events for the Sybase database. | DSS03.10, BAI06.01, BAI06.02, BAI06.03, BAI06.04, APO09.05, APO10.05, BAI04.04 |
| 366 | COBIT: Sybase ASE Successful Logins | COBIT_Sybase_ASE_Successful_Logins | Displays successful Sybase ASE database logins. | APO01.02, APO07.01, DSS05.04, DSS05.02, BAI10.04, BAI10.05, BAI02.05 |
| 367 | COBIT: Sybase ASE Database
User Additions and Deletions |
COBIT_Sybase_ASE_Database_User_Additions_and_Deletions | Displays Sybase database events related to creation and deletion of database users. | DSS05.04, DSS05.04 |
| 368 | COBIT: Symantec Endpoint
Protection: Attacks by Threat Name |
COBIT_Symantec_Endpoint_Protection_Attacks_by_Threat_Name | Displays Symantec Endpoint Protection attacks by threat name. | DSS05.02 |
| 369 | COBIT: Symantec Endpoint Protection: Attacks Detected | COBIT_Symantec_Endpoint_Protection_Attacks_Detected | Displays attacks detected by Symantec Endpoint Protection. | DSS05.02 |
| 370 | COBIT: Symantec Endpoint Protection: Scans | COBIT_Symantec_Endpoint_Protection_Scans | Displays scans using Symantec Endpoint Protection. | DSS05.02 |
| 371 | COBIT: Symantec Endpoint Protection: Updated | COBIT_Symantec_Endpoint_Protection_Updated | Displays updates to Symantec Endpoint Protection. | DSS03.10, BAI06.01, BAI06.02, BAI06.03, BAI06.04 |
| 372 | COBIT: Symantec Endpoint
Protection Configuration Changes |
COBIT_Symantec_Endpoint_Protection_Configuration_Changes | Displays Symantec Endpoint Protection configuration changes. | DSS03.10, BAI06.01, BAI06.02, BAI06.03, BAI06.04 |
| 373 | COBIT: Symantec Endpoint
Protection Password Changes |
COBIT_Symantec_Endpoint_Protection_Password_Changes | Displays all password change activities on Symantec Endpoint Protection to ensure authorized and appropriate access. | DSS05.04 |
| 374 | COBIT: Symantec Endpoint
Protection Policy Add, Remove, or Modify |
COBIT_Symantec_Endpoint_Protection_Policy_Add_Remove_or_Modify | Displays all events when a Symantec Endpoint Protection policy is added, removed, or modified. | BAI10.04, BAI10.05, BAI02.05 |
| 375 | COBIT: TIBCO Administrator
Password Changes |
COBIT_TIBCO_Administrator_Password_Changes | Displays all password change activities on TIBCO Administrator to ensure authorized and appropriate access. | DSS05.04 |
| 376 | COBIT: TIBCO Administrator Permission Changes | COBIT_TIBCO_Administrator_Permission_Changes | Displays events related to TIBCO Administrator permission modifications. | APO01.02, APO07.01, BAI03.05, BAI03.01, BAI03.02, BAI03.02, BAI03.05, DSS05.04, DSS05.04 |
| 377 | COBIT: TIBCO ActiveMatrix
Administrator Failed Logins |
COBIT_TIBCO_ActiveMatrix_Administrator_Failed_Logins | Displays all TIBCO ActiveMatrix Administrator login events which have failed. | APO07.01, DSS05.04 |
| 378 | COBIT: TIBCO ActiveMatrix
Administrator Permission Changes |
COBIT_TIBCO_ActiveMatrix_Administrator_Permission_Changes | Displays events related to TIBCO ActiveMatrix Administrator permission modifications. | APO01.02, APO07.01, BAI03.05, BAI03.01, BAI03.02, BAI03.02, BAI03.05, DSS05.04, DSS05.04 |
| 379 | COBIT: TIBCO ActiveMatrix
Administrator Successful Logins |
COBIT_TIBCO_ActiveMatrix_Administrator_Successful_Logins | Displays successful logins to TIBCO ActiveMatrix Administrator to ensure only authorized personnel have access. | APO01.02, APO07.01, DSS05.04, DSS05.02, BAI10.04, BAI10.05, BAI02.05 |
| 380 | Not Applicable | COBIT_TIBCO_Spotfire_Failed_Logins | Failed logins to the TIBCO Spotfire. | APO07.01, DSS05.04 |
| 381 | Not Applicable | COBIT_TIBCO_Spotfire_Group_Members_Deleted | Displays all accounts deleted to groups to ensure appropriate access. | APO01.06, DSS02.03, DSS05.05, BAI10.04, BAI10.05, BAI02.05 |
| 382 | Not Applicable | COBIT_TIBCO_Spotfire_Password_Changes | Displays all password change activities on TIBCO Spotfire to ensure authorized and appropriate access. | DSS05.04 |
| 383 | Not Applicable | COBIT_TIBCO_Spotfire_Successful_Logins | Successful logins to the TIBCO Spotfire. | APO01.02, APO07.01, DSS05.04, DSS05.02, BAI10.04, BAI10.05, BAI02.05 |
| 384 | Not Applicable | COBIT_TIBCO_Spotfire_User_Permission_Change | A permission role has been added, changed, removed, or applied to a user on TIBCO Spotfire server. | APO01.02, APO07.01, BAI03.05, BAI03.01, BAI03.02, BAI03.02, BAI03.05, DSS05.04, DSS05.04 |
| 385 | COBIT: TrendMicro Control
Manager: Attacks Detected |
COBIT_TrendMicro_Control_Manager_Attacks_Detected | Displays attacks detected by TrendMicro Control Manager. | DSS05.02 |
| 386 | COBIT: TrendMicro Control
Manager: Attacks Detected by Threat Name |
COBIT_TrendMicro_Control_Manager_Attacks_Detected_by_Threat_Name | Displays attacks detected by TrendMicro Control Manager by threat name. | DSS05.02 |
| 387 | COBIT: TrendMicro OfficeScan:
Attacks Detected |
COBIT_TrendMicro_OfficeScan_Attacks_Detected | Displays attacks detected by TrendMicro OfficeScan. | DSS05.02 |
| 388 | COBIT: TrendMicro OfficeScan:
Attacks Detected by Threat Name |
COBIT_TrendMicro_OfficeScan_Attacks_Detected_by_Threat_Name | Displays attacks detected by TrendMicro OfficeScan by threat name. | DSS05.02 |
| 389 | COBIT: Tripwire Modifications, Additions, and Deletions |
COBIT_Tripwire_Modifications_Additions_and_Deletions | Displays system modifications, additions, and deletions detected by Tripwire. | APO01.06, DSS02.03, DSS05.05, BAI10.04, BAI10.05, BAI02.05 |
| 390 | COBIT: Trusted Domain Created on Windows Servers | COBIT_Trusted_Domain_Created_on_Windows_Servers | Displays all trusted domains created on Windows servers to ensure authorized and appropriate access. | DSS02.03, BAI06.01, BAI06.02, BAI06.03, BAI06.04 |
| 391 | COBIT: Trusted Domain Deleted on Windows Servers |
COBIT_Trusted_Domain_Deleted_on_Windows_Servers | Displays all trusted domains deleted on Windows servers to ensure authorized and appropriate access. | DSS02.03, BAI06.01, BAI06.02, BAI06.03, BAI06.04 |
| 392 | COBIT: Unauthorized Logins | Not Applicable | Displays all logins from unauthorized users to ensure appropriate access to data. | APO01.02, DSS05.04 |
| 393 | COBIT: Unencrypted Logins | Not Applicable | Displays all unencrypted logins to ensure secure access to data. | APO01.02, APO07.01, DSS05.04, DSS05.02, BAI10.04, BAI10.05, BAI02.05 |
| 394 | COBIT: Unencrypted Network Services - Check Point | COBIT_Unencrypted_Network_Services_Check_Point | Displays Check Point firewall traffic containing unencrypted network services. | DSS05.02, DSS06.05 |
| 395 | COBIT: Unencrypted Network Services - Cisco ASA | COBIT_Unencrypted_Network_Services_Cisco_ASA | Displays Cisco ASA firewall traffic containing unencrypted network services. | DSS05.02, DSS06.05 |
| 396 | COBIT: Unencrypted Network Services - Cisco FWSM | COBIT_Unencrypted_Network_Services_Cisco_FWSM | Displays Cisco FWSM firewall traffic containing unencrypted network services. | DSS05.02, DSS06.05 |
| 397 | COBIT: Unencrypted Network Services - Cisco IOS | COBIT_Unencrypted_Network_Services_Cisco_IOS | Displays Cisco IOS firewall traffic containing unencrypted network services. | DSS05.02, DSS06.05 |
| 398 | COBIT: Unencrypted Network Services - Cisco Netflow | COBIT_Unencrypted_Network_Services_Cisco_Netflow | Displays Cisco Netflow traffic containing unencrypted network services. | DSS05.02, DSS06.05 |
| 399 | COBIT: Unencrypted Network Services - F5 BIG-IP TMOS | COBIT_Unencrypted_Network_Services_F5_BIG-IP_TMOS | Displays F5 BIG-IP TMOS firewall traffic containing unencrypted network services. | DSS05.02, DSS06.05 |
| 400 | COBIT: Unencrypted Network Services - Fortinet | COBIT_Unencrypted_Network_Services_Fortinet | Displays Fortinet firewall traffic containing unencrypted network services. | DSS05.02, DSS06.05 |
| 401 | COBIT: Unencrypted Network Services - Juniper JunOS | COBIT_Unencrypted_Network_Services_Juniper_JunOS | Displays Juniper JunOS firewall traffic containing unencrypted network services. | DSS05.02, DSS06.05 |
| 402 | COBIT: Unencrypted Network Services - Nortel | Not Applicable | Displays Nortel firewall traffic containing unencrypted network services. | DSS05.02, DSS06.05 |
| 403 | COBIT: Unencrypted Network Services - PANOS | COBIT_Unencrypted_Network_Services_PANOS | Displays Palo Alto Networks firewall traffic containing unencrypted network services. | DSS05.02, DSS06.05 |
| 404 | COBIT: UNIX Failed Logins | COBIT_UNIX_Failed_Logins | Displays failed UNIX logins for known and unknown users. | APO07.01, DSS05.04 |
| 405 | COBIT: Users Created on Servers | Not Applicable | Displays all users created on servers to ensure authorized and appropriate access. | DSS05.04 |
| 406 | COBIT: Users Removed from Servers | Not Applicable | Displays all users removed from servers to ensure timely removal of terminated users. | APO07.01, DSS05.04 |
| 407 | COBIT: Users Using the Proxies | Not Applicable | Displays users who have been surfing the web through the proxy servers. | DSS05.02 |
| 408 | COBIT: Users Using the Proxies - Blue Coat | COBIT_Users_Using_the_Proxies_Blue_Coat | Displays users who have been surfing the web through the proxy servers on Blue Coat. | DSS05.02 |
| 409 | COBIT: Users Using the Proxies - Cisco WSA | COBIT_Users_Using_the_Proxies_Cisco_WSA | Displays users who have been surfing the web through the proxy servers on Cisco WSA. | DSS05.02 |
| 410 | COBIT: Users Using the Proxies - Microsoft IIS | Not Applicable | Displays users who have been surfing the web through the proxy servers on Microsoft IIS. | DSS05.02 |
| 411 | COBIT: vCenter Change Attributes | COBIT_vCenter_Change_Attributes | Modification of VMware vCenter and VMware ESX properties. | BAI10.04, BAI10.05, BAI02.05 |
| 412 | COBIT: vCenter Datastore Events | COBIT_vCenter_Datastore_Events | Displays create, modify, and delete datastore events on VMware vCenter. | DSS04.01, DSS04.02, APO13.02, DSS05.04 |
| 413 | COBIT: vCenter Data Move | COBIT_vCenter_Data_Move | Entity has been moved within the VMware vCenter infrastructure. | DSS04.01, DSS04.02, APO13.02, DSS05.04 |
| 414 | COBIT: vCenter Failed Logins | COBIT_vCenter_Failed_Logins | Failed logins to the VMware vCenter console. | APO07.01, DSS05.04 |
| 415 | COBIT: vCenter Modify Firewall Policy | COBIT_vCenter_Modify_Firewall_Policy | Displays changes to the VMware ESX allowed services firewall policy. | BAI10.04, BAI10.05, BAI02.05 |
| 416 | COBIT: vCenter Restart ESX Services | COBIT_vCenter_Restart_ESX_Services | VMware vCenter restarted services running on VMware ESX Server. | BAI03.05, BAI10.04, BAI10.05, BAI02.05 |
| 417 | COBIT: vCenter Resource Usage Change | COBIT_vCenter_Resource_Usage_Change | Resources have changed on VMware vCenter. | BAI10.04, BAI10.05, BAI02.05 |
| 418 | COBIT: vCenter Shutdown or Restart of ESX Server |
COBIT_vCenter_Shutdown_or_Restart_of_ESX_Server | VMware ESX Server is shutdown or restarted from VMware vCenter console. | DSS03.10, AI6, APO09.05, APO10.05, BAI04.04 |
| 419 | COBIT: vCenter Successful Logins | COBIT_vCenter_Successful_Logins | Successful logins to the VMware vCenter console. | APO01.02, APO07.01, DSS05.04, DSS05.02, BAI10.04, BAI10.05, BAI02.05 |
| 420 | COBIT: vCenter User Permission Change | COBIT_vCenter_User_Permission_Change | A permission role has been added, changed, removed, or applied to a user on VMware vCenter server. | BAI03.05, BAI03.01, BAI03.02, BAI03.02, BAI03.05, APO01.02, DSS05.04, DSS05.04 |
| 421 | COBIT: vCenter Virtual Machine Created | COBIT_vCenter_Virtual_Machine_Created | Virtual machine has been created from VMware vCenter console. | APO01.02, BAI03.05, BAI03.05, BAI03.01, BAI03.02, BAI03.02, BAI03.05, DSS02.03, DSS03.10, AI6, BAI10.04, BAI10.05, BAI02.05 |
| 422 | COBIT: vCenter Virtual Machine Deleted | COBIT_vCenter_Virtual_Machine_Deleted | Virtual machine has been deleted or removed from VMware vCenter console. | APO01.02, BAI03.05, BAI03.05, BAI03.01, BAI03.02, BAI03.02, BAI03.05, DSS02.03, DSS03.10, AI6, BAI10.04, BAI10.05, BAI02.05 |
| 423 | COBIT: vCenter Virtual Machine Shutdown | COBIT_vCenter_Virtual_Machine_Shutdown | Virtual machine has been shutdown or paused from VMware vCenter console. | DSS03.10, AI6, APO09.05, APO10.05, BAI04.04 |
| 424 | COBIT: vCenter Virtual Machine Started | COBIT_vCenter_Virtual_Machine_Started | Virtual machine has been started or resumed from VMware vCenter console. | DSS03.10, AI6, APO09.05, APO10.05, BAI04.04 |
| 425 | COBIT: vCenter vSwitch Added, Changed or Removed | COBIT_vCenter_vSwitch_Added_Changed_or_Removed | vSwitch on VMware ESX server has been added, modified or removed from the VMware vCenter console. | BAI10.04, BAI10.05, BAI02.05 |
| 426 | COBIT: VPN Connection Average Bandwidth | Not Applicable | Displays the average bandwidth for VPN connections. | BAI04.04 |
| 427 | COBIT: VPN Connections by Users | Not Applicable | Displays users who are made the most connections. | DSS05.02 |
| 428 | COBIT: VPN Connection Average Duration | Not Applicable | Displays the average duration of VPN connections. | BAI04.04 |
| 429 | COBIT: VPN Connection Disconnect Reasons | Not Applicable | Displays the disconnect reasons for VPN connections. | BAI04.04 |
| 430 | COBIT: VPN Denied Connections by Users | Not Applicable | Displays users with the most denied connections. | DSS05.02 |
| 431 | COBIT: VPN Sessions by Destination IPs | Not Applicable | Displays all VPN sessions categorized by destination IP addresses. | DSS05.02 |
| 432 | COBIT: VPN Sessions by Source Ips | Not Applicable | Displays all VPN sessions categorized by source IP addresses. | DSS05.02 |
| 433 | COBIT: VPN Sessions by Users | Not Applicable | Displays all VPN sessions categorized by authenticated users. | DSS05.02 |
| 434 | COBIT: VPN Users Accessing Corporate Network | Not Applicable | Displays all users logging into the corporate network via Virtual Private Network to ensure appropriate access. | DSS05.04 |
| 435 | COBIT: Web Access from All Users | Not Applicable | Displays all web-based access by all users for regular reviews and updates. | DSS05.02 |
| 436 | COBIT: Web Access from All Users - F5 BIG-IP TMOS |
COBIT_Web_Access_from_All_Users_F5_BIG-IP_TMOS | Displays all web-based access by all users for regular reviews and updates on F5 BIG-IP TMOS. | DSS05.02 |
| 437 | COBIT: Web Access from All Users - Microsoft IIS | Not Applicable | Displays all web-based access by all users for regular reviews and updates on Microsoft IIS. | DSS05.02 |
| 438 | COBIT: Web Access from All Users - PANOS | COBIT_Web_Access_from_All_Users_PANOS | Displays all web-based access by all users for regular reviews and updates on Palo Alto Networks. | DSS05.02 |
| 439 | COBIT: Web Access from All Users - Fortinet | COBIT_Web_Access_from_All_Users_Fortinet | Displays all web-based access by all users for regular reviews and updates on Fortinet. | DSS05.02 |
| 440 | COBIT: Web Access to Applications | Not Applicable | Displays all web-based access to applications to ensure appropriate and authorized access. | DSS05.02 |
| 441 | COBIT: Web Access to Applications - F5 BIG-IP TMOS | COBIT_Web_Access_to_Applications_F5_BIG-IP_TMOS | Displays all web-based access to applications to ensure appropriate and authorized access on F5 BIG-IP TMOS. | DSS05.02 |
| 442 | COBIT: Web Access to Applications - Microsoft IIS | Not Applicable | Displays all web-based access to applications to ensure appropriate andauthorized access on Microsoft IIS. | DSS05.02 |
| 443 | COBIT: Web Access to Applications - PANOS | COBIT_Web_Access_to_Applications_PANOS | Displays all web-based access to applications to ensure appropriate andauthorized access on Palo Alto Networks. | DSS05.02 |
| 444 | COBIT: Web Access to Applications - Fortinet | COBIT_Web_Access_to_Applications_Fortinet | Displays all web-based access to applications to ensure appropriate and authorized access on Fortinet. | DSS05.02 |
| 445 | COBIT: Web URLs Visited | Not Applicable | Displays URLs that have been visited. | DSS05.02 |
| 446 | COBIT: Web URLs Visited - F5 BIG-IP TMOS | COBIT_Web_URLs_Visited_F5_BIG-IP_TMOS | Displays URLs that have been visited onF5 BIG-IP TMOS. | DSS05.02 |
| 447 | COBIT: Web URLs Visited - Microsoft IIS | Not Applicable | Displays URLs that have been visited on Microsoft IIS. | DSS05.02 |
| 448 | COBIT: Web URLs Visited - PANOS | COBIT_Web_URLs_Visited_PANOS | Displays URLs that have been visited on Palo Alto Networks. | DSS05.02 |
| 449 | COBIT: Web URLs Visited - Fortinet | COBIT_Web_URLs_Visited_Fortinet | Displays URLs that have been visited on Fortinet. | DSS05.02 |
| 450 | COBIT: Web URLs Visited via Proxy | Not Applicable | Displays URLs that have been visited via a proxy server. | DSS05.02 |
| 451 | COBIT: Web URLs Visited via Proxy - Blue Coat |
COBIT_Web_URLs_Visited_via_Proxy_Blue_Coat | Displays URLs that have been visited via a proxy server on Blue Coat. | DSS05.02 |
| 452 | COBIT: Web URLs Visited via Proxy - Cisco WSA |
COBIT_Web_URLs_Visited_via_Proxy_Cisco_WSA | Displays URLs that have been visited via a proxy server on Cisco WSA. | DSS05.02 |
| 453 | COBIT: Web URLs Visited via Proxy - Microsoft IIS |
Not Applicable | Displays URLs that have been visited via a proxy server on Microsoft IIS. | DSS05.02 |
| 454 | COBIT: Windows Accounts Enabled | COBIT_Windows_Accounts_Enabled | Displays all accounts enabled on Windows servers to ensure authorized and appropriate access. | DSS05.04 |
| 455 | COBIT: Windows Audit Logs Cleared | COBIT_Windows_Audit_Logs_Cleared | Displays all audit logs clearing activities on Windows servers to detect access violations or unusual activity. | DSS01.03 |
| 456 | COBIT: Windows Events by Users | COBIT_Windows_Events_by_Users | Displays a summary of access-related Windows events by source and target users. | DSS05.04 |
| 457 | COBIT: Windows Events Summary | COBIT_Windows_Events_Summary | Displays summary of all failed access-related Windows events. | APO09.05, BAI04.04 |
| 458 | COBIT: Windows Group Members Added | COBIT_Windows_Group_Members_Added | Displays all accounts added to groups on the Windows servers to ensure appropriate access. | DSS05.04 |
| 459 | COBIT: Windows Group Members Deleted | COBIT_Windows_Group_Members_Deleted | Displays all accounts removed from groups on the Windows servers to ensure appropriate access. | APO07.01, DSS05.04 |
| 460 | COBIT: Windows New Services Installed | COBIT_Windows_New_Services_Installed | Displays a list of new services installed on Windows servers to ensure authorized access. | BAI03.05, DSS03.10, BAI06.01, BAI06.02, BAI06.03, BAI06.04 |
| 461 | COBIT: Windows Programs Accessed | COBIT_Windows_Programs_Accessed | Displays all programs started and stopped on servers to ensure appropriate access. | DSS05.04, BAI10.04, BAI10.05, BAI02.05 |
| 462 | COBIT: Windows Servers Restarted | COBIT_Windows_Servers_Restarted | Displays all Windows server restart activities to detect unusual activities. | DSS03.10, BAI06.01, BAI06.02, BAI06.03, BAI06.04, APO09.05, APO10.05, BAI04.04 |
| 463 | COBIT: Windows Software
Update Activities |
COBIT_Windows_Software_Update_Activities | Displays all events related to the system's software or patch update. | DSS03.10, BAI06.01, BAI06.02, BAI06.03, BAI06.04 |
| 464 | COBIT: Windows Software Update Failures |
COBIT_Windows_Software_Update_Failures | Displays all failed events related to the system's software or patch update. | DSS03.10, BAI06.01, BAI06.02, BAI06.03, BAI06.04 |
| 465 | COBIT: Windows Software
Update Successes |
COBIT_Windows_Software_Update_Successes | Displays all successful events related to the system's software or patch update. | DSS03.10, BAI06.01, BAI06.02, BAI06.03, BAI06.04 |