💼 AU-7 Audit Record Reduction and Report Generation (M)(H)

Contextual name: 💼 AU-7 Audit Record Reduction and Report Generation (M)(H)
ID: /frameworks/fedramp-high-security-controls/au/07
Located in: 💼 Audit and Accountability

Description

Provide and implement an audit record reduction and report generation capability that:

a. Supports on-demand audit record review, analysis, and reporting requirements and after-the-fact investigations of incidents; and

b. Does not alter the original content or time ordering of audit records.

Similar

Sections
- /frameworks/nist-sp-800-53-r5/au/07
Internal
- ID: dec-c-145729e5

Similar Sections (Take Policies From)

Section	Sub Sections	Internal Rules	Policies	Flags
💼 NIST SP 800-53 Revision 5 → 💼 AU-7 Audit Record Reduction and Report Generation	2	1	18

Similar Sections (Give Policies To)

Section	Sub Sections	Internal Rules	Policies	Flags
💼 FedRAMP Moderate Security Controls → 💼 AU-7 Audit Record Reduction and Report Generation (M)(H)	1		18

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags
💼 AU-7(1) Automatic Processing (M)(H)			1

Policies (17)

Policy	Logic Count	Flags
📝 Google Cloud Audit Logging is not configured properly 🟢	1	🟢 x6
📝 Google Cloud PostgreSQL Instance `Log_error_verbosity` Database Flag is not set to DEFAULT or stricter 🟢	1	🟢 x6
📝 Google Cloud PostgreSQL Instance Log_connections Database Flag is not set to On 🟢	1	🟢 x6
📝 Google Cloud PostgreSQL Instance Log_disconnections Database Flag is not set to On 🟢	1	🟢 x6
📝 Google Cloud PostgreSQL Instance Log_min_error_statement Database Flag is not set to Error or stricter 🟢	1	🟢 x6
📝 Google Cloud PostgreSQL Instance Log_min_messages Database Flag is not set at minimum to Warning 🟢	1	🟢 x6
📝 Google Cloud PostgreSQL Instance Log_statement Database Flag is not set appropriately 🟢	1	🟢 x6
📝 Google GCE Network DNS Policy Logging is not enabled 🟢	1	🟢 x6
📝 Google HTTP(S) Load Balancer Logging is not enabled 🟢	1	🟢 x6
📝 Google Logging Log Metric Filter and Alerts for Audit Configuration Changes do not exist 🟢	1	🟢 x6
📝 Google Logging Log Metric Filter and Alerts for Custom Role Changes do not exist 🟢	1	🟢 x6
📝 Google Logging Log Metric Filter and Alerts for Project Ownership Assignments Changes do not exist 🟢	1	🟢 x6
📝 Google Logging Log Metric Filter and Alerts for SQL Instance Configuration Changes do not exist 🟢	1	🟢 x6
📝 Google Logging Log Metric Filter and Alerts for VPC Network Changes do not exist 🟢	1	🟢 x6
📝 Google Logging Log Metric Filter and Alerts for VPC Network Firewall Rule Changes do not exist 🟢	1	🟢 x6
📝 Google Logging Log Metric Filter and Alerts for VPC Network Route Changes do not exist 🟢	1	🟢 x6
📝 Google Logging Log Sink for All Log Entries is not configured 🟢	1	🟢 x6

Description​

Similar​

Similar Sections (Take Policies From)​

Similar Sections (Give Policies To)​

Sub Sections​

Policies (17)​