Skip to main content

💼 10.6.1 Review security events and critical system component logs at least daily.

ID: /frameworks/pci-dss-v3.2.1/10/06/01

Description

Including the following:

All security events
Logs of all system components that store, process, or transmit CHD and/or SAD
Logs of all critical system components
Logs of all servers and system components that perform security functions (for example, firewalls, intrusion-detection systems/intrusion-prevention systems (IDS/IPS), authentication servers, e-commerce redirection servers, etc.)

Similar

Sections
- /frameworks/pci-dss-v4.0/10/04/01/01
- /frameworks/pci-dss-v4.0/10/04/01
- /frameworks/pci-dss-v4.0/10/04/02/01
Internal
- ID: dec-c-d77d385a

Similar Sections (Take Policies From)

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance
💼 PCI DSS v4.0 → 💼 10.4.1 The audit logs are reviewed at least once daily.	1		2		no data
💼 PCI DSS v4.0 → 💼 10.4.1.1 Automated mechanisms are used to perform audit log reviews.			2		no data
💼 PCI DSS v4.0 → 💼 10.4.2.1 The frequency of periodic log reviews for all other system components is defined in the entity's targeted risk analysis.			2		no data

Similar Sections (Give Policies To)

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance
💼 PCI DSS v4.0 → 💼 10.4.1 The audit logs are reviewed at least once daily.	1		2		no data
💼 PCI DSS v4.0 → 💼 10.4.1.1 Automated mechanisms are used to perform audit log reviews.			2		no data
💼 PCI DSS v4.0 → 💼 10.4.2.1 The frequency of periodic log reviews for all other system components is defined in the entity's targeted risk analysis.			2		no data

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance

Policies (2)

Policy	Logic Count	Flags	Compliance
🛡️ Google Cloud Audit Logging is not configured properly🟢	1	🟢 x6	no data
🛡️ Google GCE Network DNS Policy Logging is not enabled🟢	1	🟢 x6	no data

Description
Similar
Similar Sections (Take Policies From)
Similar Sections (Give Policies To)
Sub Sections
Policies (2)