Reports in the Splunk App for PCI Compliance

This section contains information on how to configure reports in the Splunk App for PCI Compliance to get correct data flowing into the app.

The Splunk App for PCI Compliance includes reports that you can configure for best results. For each report, there is a description, configuration information, and troubleshooting steps. Use the links in the table to go to the information for a specific report.

R1: Network Traffic	R2: Default Configurations	R3: Protect Data At Rest
Firewall Rule Activity Network Traffic Activity Prohibited Services	Default Account Access Insecure Authentication Attempts PCI System Inventory Primary Functions Prohibited Services System Misconfigurations Wireless Network Misconfigurations	Credit Card Data Found
R4: Protect Data in Motion	R5: Antimalware Protection	R6: Patch Update Protection
Credit Card Data Found	Endpoint Product Deployment Endpoint Product Versions Malware Activity Malware Signature Updates	Anomalous System Uptime Default Account Access Patch Service Status System Patch Status
R7: Access Monitoring	R8: Activity Accountability	R10: Cardholder Data Access
PCI Command History PCI Resource Access	Default Account Access PCI Resource Access	Endpoint Changes PCI Asset Logging PCI Resource Access Privileged User Activity System Time Synchronization
R11: Vulnerability Testing
Endpoint Changes Rogue Wireless Access Point Protection Vulnerability Scan Details IDS/IPS Alert Activity

Related answers from Splunk Community

Reports in the Splunk App for PCI Compliance

Comments

Was this topic useful?