PCI Requirement 10.3.2 – Type of Event

by Randy Bartels / December 20, 2022

What Type of Event Occurred?

PCI Requirement 10.3 defines what information logs should contain. PCI Requirement 10.3.2, a part of PCI Requirement 10.3, relates to recording the type of event in each log entry. To comply with PCI Requirement 10.3.2, every log entry that’s generated must contain the type of event that occurred. By doing so, an organization can always identify what type of event occurred and…

PCI Requirement 10.3.1 – User Identification

by Randy Bartels / December 20, 2022

Who Did What?

Where PCI Requirement 10.2 talked about what events should cause a log to be created, PCI Requirement 10.3 defines what information a log should contain. One sub-requirement of PCI Requirement 10.3 relates to user identification in logging. To comply with PCI Requirement 10.3.1, user identification must be included in all log entries. By doing so, an organization can always identify which person performed which action. This…

PCI Requirement 10.3 – Record at Least the Following Audit Trail Entries for All System Components for Each Event

by Randy Bartels / December 20, 2022

Who, What, Where, When, and How

Where PCI Requirement 10.2 talked about what events should cause a log to be created, PCI Requirement 10.3 defines what information a log should contain. It requires that organizations record at least the following audit trail entries for all system components for each event: user identification; type of event; date and time; success or failure indication; origination of event; identity or name of…

PCI Requirement 10.2.7 – Creation and Deletion of System-Level Objects

by Randy Bartels / December 20, 2022

What is a System-Level Object?

PCI Requirement 10.2.7 requires that audit trails can reconstruct the creation and deletion of system-level objects. The PCI SSC defines a system-level object as anything on a system component that is required for its operation, including but not limited to database tables, stored procedures, application executables and configuration files, system configuration files, static and shared libraries and DLLs, system executables, device drivers and device…

PCI Requirement 10.2.6 – Initialization, Stopping, or Pausing of the Audit Logs

by Randy Bartels / December 20, 2022

What Does the Initialization, Stopping, or Pausing of Audit Logs Indicate?

Stopping or pausing audit logs prior to performing malicious activities is a common practice for users hoping to avoid detection, and initialization of audit logs could indicate that the log function was disabled by a user. This is why PCI Requirement 10.2.6 requires that audit trails can reconstruct the initialization, stopping, or pausing of audit logs. To demonstrate…