💼 10.2.1 Audit logs are enabled and active for all system components and cardholder data.

• ID: /frameworks/pci-dss-v4.0.1/10/02/01

Description

Empty...

Similar

• Sections
  • /frameworks/pci-dss-v4.0/10/02/01
  • /frameworks/aws-fsbp-v1.0.0/ec2/51
  • /frameworks/aws-fsbp-v1.0.0/eks/08
  • /frameworks/aws-fsbp-v1.0.0/opensearch/05
  • /frameworks/aws-fsbp-v1.0.0/rds/09
  • /frameworks/aws-fsbp-v1.0.0/rds/34
  • /frameworks/aws-fsbp-v1.0.0/redshift/04
  • /frameworks/aws-fsbp-v1.0.0/s3/09

Similar Sections (Take Policies From)

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [EC2.51] EC2 Client VPN endpoints should have client connection logging enabled					no data
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [EKS.8] EKS clusters should have audit logging enabled					no data
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [Opensearch.5] OpenSearch domains should have audit logging enabled					no data
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [RDS.9] RDS DB instances should publish logs to CloudWatch Logs					no data
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [RDS.34] Aurora MySQL DB clusters should publish audit logs to CloudWatch Logs					no data
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [Redshift.4] Amazon Redshift clusters should have audit logging enabled					no data
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [S3.9] S3 general purpose buckets should have server access logging enabled		1	2		no data
💼 PCI DSS v4.0 → 💼 10.2.1 Audit logs are enabled and active for all system components and cardholder data.	7	1	27		no data

Similar Sections (Give Policies To)

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance
💼 PCI DSS v4.0 → 💼 10.2.1 Audit logs are enabled and active for all system components and cardholder data.	7	1	27		no data

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance
💼 10.2.1.1 Audit logs capture all individual user access to cardholder data.			14		no data
💼 10.2.1.2 Audit logs capture all actions taken by any individual with administrative access, including any interactive use of application or system accounts.			16		no data
💼 10.2.1.3 Audit logs capture all access to audit logs.			9		no data
💼 10.2.1.4 Audit logs capture all invalid logical access attempts.			14		no data
💼 10.2.1.5 Audit logs capture all changes to identification and authentication credentials.			16		no data
💼 10.2.1.6 Audit logs capture all initialization of new audit logs, starting, stopping, or pausing of the existing audit logs.			9		no data
💼 10.2.1.7 Audit logs capture all creation and deletion of system-level objects.			9		no data

Policies (20)

Policy	Logic Count	Flags	Compliance
🛡️ AWS CloudTrail S3 Bucket Access Logging is not enabled.🟢	1	🟢 x6	no data
🛡️ AWS S3 Bucket Server Access Logging is not enabled🟢	1	🟢 x6	no data
🛡️ Google Cloud Audit Logging is not configured properly🟢	1	🟢 x6	no data
🛡️ Google Cloud PostgreSQL Instance Log_error_verbosity Database Flag is not set to DEFAULT or stricter🟢	1	🟢 x6	no data
🛡️ Google Cloud PostgreSQL Instance Log_connections Database Flag is not set to On🟢	1	🟢 x6	no data
🛡️ Google Cloud PostgreSQL Instance Log_disconnections Database Flag is not set to On🟢	1	🟢 x6	no data
🛡️ Google Cloud PostgreSQL Instance Log_min_error_statement Database Flag is not set to Error or stricter🟢	1	🟢 x6	no data
🛡️ Google Cloud PostgreSQL Instance Log_min_messages Database Flag is not set at minimum to Warning🟢	1	🟢 x6	no data
🛡️ Google Cloud PostgreSQL Instance Log_statement Database Flag is not set appropriately🟢	1	🟢 x6	no data
🛡️ Google GCE Firewall Rule logging is disabled🟢	1	🟢 x6	no data
🛡️ Google GKE Cluster Monitoring is not enabled🟢	1	🟢 x6	no data
🛡️ Google HTTP(S) Load Balancer Logging is not enabled🟢	1	🟢 x6	no data
🛡️ Google Logging Log Metric Filter and Alerts for Audit Configuration Changes do not exist🟢	1	🟢 x6	no data
🛡️ Google Logging Log Metric Filter and Alerts for Custom Role Changes do not exist🟢	1	🟢 x6	no data
🛡️ Google Logging Log Metric Filter and Alerts for Project Ownership Assignments Changes do not exist🟢	1	🟢 x6	no data
🛡️ Google Logging Log Metric Filter and Alerts for SQL Instance Configuration Changes do not exist🟢	1	🟢 x6	no data
🛡️ Google Logging Log Metric Filter and Alerts for VPC Network Changes do not exist🟢	1	🟢 x6	no data
🛡️ Google Logging Log Metric Filter and Alerts for VPC Network Firewall Rule Changes do not exist🟢	1	🟢 x6	no data
🛡️ Google Logging Log Metric Filter and Alerts for VPC Network Route Changes do not exist🟢	1	🟢 x6	no data
🛡️ Google Logging Log Sink for All Log Entries is not configured🟢	1	🟢 x6	no data