💼 10.6.1 Review security events and critical system component logs at least daily.

• Contextual name: 💼 10.6.1 Review security events and critical system component logs at least daily.

• ID: /frameworks/pci-dss-v3.2.1/10/06/01

• Located in: 💼 10.6 Review logs and security events for all system components to identify anomalies or suspicious activity.

Description

Including the following:

• All security events
• Logs of all system components that store, process, or transmit CHD and/or SAD
• Logs of all critical system components
• Logs of all servers and system components that perform security functions (for example, firewalls, intrusion-detection systems/intrusion-prevention systems (IDS/IPS), authentication servers, e-commerce redirection servers, etc.)

Similar

• Sections
  • /frameworks/pci-dss-v4.0/10/04/01/01
  • /frameworks/pci-dss-v4.0/10/04/01
  • /frameworks/pci-dss-v4.0/10/04/02/01
• Internal
  • ID: dec-c-d77d385a

Similar Sections (Take Policies From)

Section	Sub Sections	Internal Rules	Policies	Flags
💼 PCI DSS v4.0 → 💼 10.4.1 The audit logs are reviewed at least once daily.	1		2
💼 PCI DSS v4.0 → 💼 10.4.1.1 Automated mechanisms are used to perform audit log reviews.			2
💼 PCI DSS v4.0 → 💼 10.4.2.1 The frequency of periodic log reviews for all other system components is defined in the entity's targeted risk analysis.			2

Similar Sections (Give Policies To)

Section	Sub Sections	Internal Rules	Policies	Flags
💼 PCI DSS v4.0 → 💼 10.4.1 The audit logs are reviewed at least once daily.	1		2
💼 PCI DSS v4.0 → 💼 10.4.1.1 Automated mechanisms are used to perform audit log reviews.			2
💼 PCI DSS v4.0 → 💼 10.4.2.1 The frequency of periodic log reviews for all other system components is defined in the entity's targeted risk analysis.			2

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags

Policies (2)

Policy	Logic Count	Flags
📝 Google Cloud Audit Logging is not configured properly 🟢	1	🟢 x6
📝 Google GCE Network DNS Policy Logging is not enabled 🟢	1	🟢 x6