Reporting

Documentation for PCI events?

patricktownsend
New Member

Hello,

Have searched community forum and developer area but haven't found resources for this. Is there documentation on how to create events that will be indexed into the Splunk PCI reports? The PCI reports are arranged in multiple sections and I would like to send events to the appropriate section. I imagine that there are name/value tags that can be used for this, but need some guidance. A pointer to documentation would be appreciated!

Thanks,
Patrick

Tags (1)
0 Karma
1 Solution

ChrisG
Splunk Employee
Splunk Employee

If you are using the Splunk App for PCI Compliance, the Installation and Configuration Manual contains instructions for each report that explain what data to index, how to map the data to the relevant Common Information Model fields, configure the report columns, and so on. See Reports in the Splunk App for PCI Compliance as the starting place.

View solution in original post

0 Karma

ChrisG
Splunk Employee
Splunk Employee

If you are using the Splunk App for PCI Compliance, the Installation and Configuration Manual contains instructions for each report that explain what data to index, how to map the data to the relevant Common Information Model fields, configure the report columns, and so on. See Reports in the Splunk App for PCI Compliance as the starting place.

0 Karma

patricktownsend
New Member

Thanks Chris, this is the reference I needed. I will need to spend some time understanding the Common Information Model fields.

0 Karma

woodcock
Esteemed Legend

Are you using the free or paid app?

0 Karma

patricktownsend
New Member

Splunk Enterprise - paid app.

0 Karma
Get Updates on the Splunk Community!

Earn a $35 Gift Card for Answering our Splunk Admins & App Developer Survey

Survey for Splunk Admins and App Developers is open now! | Earn a $35 gift card!      Hello there,  Splunk ...

Continuing Innovation & New Integrations Unlock Full Stack Observability For Your ...

You’ve probably heard the latest about AppDynamics joining the Splunk Observability portfolio, deepening our ...

Monitoring Amazon Elastic Kubernetes Service (EKS)

As we’ve seen, integrating Kubernetes environments with Splunk Observability Cloud is a quick and easy way to ...