Hi,
Just wanna ask if Splunk has the ability to back up audit trails to a centralized log server or media as indicated in PCI DSS 10.5.3? Please, someone respond to my query. Thanks!
We are currently working on PCI Compliance project and need to monitor the Azure Data Logs. What app would you recommend to do this?
Would it be
1. Splunk add-on for Cloud Services - https://s...
We are implementing the Splunk PCI app and the indexer is supposed to be in PCI app and report to the PCI app.
However, in the PCIassetlogging report we see that the indexer is not reporting....
We need to propose the PCI Compliance app on Splunk for one of our customers. I would like to ask you how to do log sizing for the PCI app, and what kinds of data sources require PCI compliance?
...iff between what hosts I have in the asset list versus everything that is logging. Here is my attempt so far:
[| metadata type=hosts
| eval "Last Logged Date"=strftime(recentTime, "%+")
| e...
Hi,
Does Splunk log all audit information relating to requirement 10.2 in PCI DSS (successful and failed access to Splunk, initialization of logs, etc.)?
Our auditor wants to see all this a...
Wanted to check how the asset and identity lists that PCI needs are different from the ES app. Does PCI need them in a different format, different fields? What are the critical fields that PCI need i...
How do I reduce the number of log messages and maintain PCI compliant auditing? The audit.rules generates too much data. The rules audit more than 50 system calls and can swamp my log server. T...
We are creating an asset inventory using different logs in Splunk.
For this purpose, we first created a list of “nt_host” and “owner” using Cisco ISE:
index=iseindex….. |table nt_host owner” | d...
Need a query to find credit card numbers in events. Please help. I have run queries but they don't seem to be right.
This one is for Master Card, but I need one for OVERALL credit card numbers. t...