RSA Admin

PCI "Daily Review" Reports?

Discussion created by RSA Admin Employee on Jul 11, 2008
Latest reply on Jul 21, 2008 by RSA Admin

Hi all,

 

I'm new to this forum, so I apologize is this has been covered, but I was unable to find anything via a search.

 

I am looking for some guidance on what reports organizations are using to satisfy the PCI "Daily log review" requirement.  I have gone through the canned PCI reports and found most of them add very little value...in fact many are missing some critical fields that I have been adding to custom reports.  We will be experiencing our first PCI audit in the coming months and I am just trying to understand specifically what others are viewing to satisfy this requirement.  I can come up with lots of useful reports from a security standpoint, but the reality is that the sheer volume will prohibit effective remediation, so I am planning a phased approach to those: my immediate goal is compliance, security will take time.

 

Sorry for the long winded description and thanks in advance for any help/advice you can offer.

 

Thanks! 

 

-Adam 

Outcomes