PCI Requirement 10.3 – Record at Least the Following Audit Trail Entries for All System Components for Each Event
Who, What, Where, When, and How Where PCI Requirement 10.2 talked about what events should cause a log to be created, PCI Requirement 10.3 defines what information a log should contain. It requires that organizations record at least the following audit trail entries for all system components for each event: User identification Type of event Date and time Success or failure indication Origination of event Identity or name of…