Eleos | Home

Logging and Monitoring (LOG)

Security Monitoring and Alerting

Level N/A

Identify and monitor security-related events within applications and the underlying infrastructure. Define and implement a system to generate alerts to responsible stakeholders based on such events and corresponding metrics.

Parent

Compliance Framework

CCM v4.0.10

Control Number

LOG-03

Related

Compliance Framework

CIS v8.0

NIST 800-53 Rev 5

NIST CSF v1.1

Secure Controls Framework 2023.4

Control Number

8.5

AU-5

AU-5(2)

AU-13

DE.AE-1

DE.AE-2

DE.AE-3

DE.AE-5

DE.CM-1

DE.CM-2

DE.CM-3

DE.CM-4

DE.CM-5

DE.CM-6

DE.CM-7

DE.DP-1

DE.DP-4

DE.AE-4

MON-01.2

MON-01.4

MON-01.8

MON-01.12

MON-02

MON-02.1

MON-02.2

MON-02.7

Solutions
Community

Logging and Monitoring (LOG)

Audit Logs Access and Accountability

Level N/A

Restrict audit logs access to authorized personnel and maintain records that provide unique access accountability.

Parent

Compliance Framework

CCM v4.0.10

Control Number

LOG-04

Related

Compliance Framework

CIS v8.0

NIST 800-53 Rev 5

NIST CSF v1.1

Secure Controls Framework 2023.4

Control Number

3.14

AU-9

AU-9(4)

AU-9(6)

AU-10

PR.AC-1

PR.AC-4

MON-08.2

MON-08.3

MON-10

Solutions
Community

Logging and Monitoring (LOG)

Audit Logs Monitoring and Response

Level N/A

Monitor security audit logs to detect activity outside of typical or expected patterns. Establish and follow a defined process to review and take appropriate and timely actions on detected anomalies.

Parent

Compliance Framework

CCM v4.0.10

Control Number

LOG-05

Related

Compliance Framework

CIS v8.0

NIST 800-53 Rev 5

NIST CSF v1.1

Secure Controls Framework 2023.4

Control Number

8.8

8.11

AU-6

AU-6(1)

AU-6(5)

DE.AE-3

PR.PT-1

RS.AN-1

DE.AE-1

DE.AE-5

DE.DP-4

MON-01.13

MON-16

IRO-01

IRO-02

IRO-04

SAT-03.2

Solutions
Community

Logging and Monitoring (LOG)

Clock Synchronization

Level N/A

Use a reliable time source across all relevant information processing systems.

Parent

Compliance Framework

CCM v4.0.10

Control Number

LOG-06

Related

Compliance Framework

CIS v8.0

NIST 800-53 Rev 5

Secure Controls Framework 2023.4

Control Number

8.4

AU-8

MON-07

MON-07.1

Solutions
Community

Logging and Monitoring (LOG)

Logging Scope

Level N/A

Establish, document and implement which information meta/data system events should be logged. Review and update the scope at least annually or whenever there is a change in the threat environment.

Parent

Compliance Framework

CCM v4.0.10

Control Number

LOG-07

Related

Compliance Framework

CIS v8.0

NIST 800-53 Rev 5

NIST CSF v1.1

Secure Controls Framework 2023.4

Control Number

8.1

AU-1

AU-14

AU-16

ID.SC-3

ID.SC-4

PR.PT-1

ID.GV-1

MON-01

Solutions
Community

Logging and Monitoring (LOG)

Log Records

Level N/A

Generate audit records containing relevant security information.

Parent

Compliance Framework

CCM v4.0.10

Control Number

LOG-08

Related

Compliance Framework

CIS v8.0

NIST 800-53 Rev 5

NIST CSF v1.1

Secure Controls Framework 2023.4

Control Number

8.2

AU-3

AU-3(1)

AU-3(3)

AU-6

AU-6(8)

AU-12

AU-12(1)

AU-12(2)

AU-12(3)

PR.PT-1

DE.AE-3

DE.CM-1

DE.CM-2

DE.CM-3

DE.CM-6

DE.CM-7

MON-03

Solutions
Community

Logging and Monitoring (LOG)

Log Protection

Level N/A

The information system protects audit records from unauthorized access, modification, and deletion.

Parent

Compliance Framework

CCM v4.0.10

Control Number

LOG-09

Related

Compliance Framework

NIST 800-53 Rev 5

NIST CSF v1.1

Secure Controls Framework 2023.4

Control Number

AU-9

AU-9(2)

AU-9(3)

AU-9(4)

AU-12(3)

PR.AC-4

PR.IP-4

PR.IP-6

PR.PT-1

PR.DS-1

PR.DS-6

MON-02.5

MON-02.8

MON-08

MON-08.1

MON-08.3

MON-10

Solutions
Community

Logging and Monitoring (LOG)

Encryption Monitoring and Reporting

Level N/A

Establish and maintain a monitoring and internal reporting capability over the operations of cryptographic, encryption and key management policies, processes, procedures, and controls.

Parent

Compliance Framework

CCM v4.0.10

Control Number

LOG-10

Related

Compliance Framework

NIST 800-53 Rev 5

NIST CSF v1.1

Secure Controls Framework 2023.4

Control Number

AU-1