Reports in the Splunk App for PCI Compliance

This section contains information on how to configure reports in the Splunk App for PCI Compliance to get correct data flowing into the app.

The Splunk App for PCI Compliance includes reports that you can configure for best results. For each report, there is a description, configuration information, and troubleshooting steps. Use the links in the table to go to the information for a specific report.


R1: Network Traffic	R2: Default Configurations	R3: Protect Data At Rest
R4: Protect Data in Motion	R5: Antimalware Protection	R6: Patch Update Protection
R7: Access Monitoring	R8: Activity Accountability	R10: Cardholder Data Access
R11: Vulnerability Testing
Firewall Rule Activity Network Traffic Activity Prohibited Services	Default Account Access Insecure Authentication Attempts PCI System Inventory Primary Functions Prohibited Services System Misconfigurations Wireless Network Misconfigurations	Credit Card Data Found
Credit Card Data Found	Endpoint Product Deployment Endpoint Product Versions Malware Activity Malware Signature Updates	Anomalous System Uptime Default Account Access Patch Service Status System Patch Status
PCI Command History PCI Resource Access	Default Account Access PCI Resource Access	Endpoint Changes PCI Asset Logging PCI Resource Access Privileged User Activity System Time Synchronization
Endpoint Changes Rogue Wireless Access Point Protection Vulnerability Scan Details IDS/IPS Alert Activity

Documentation

Reports in the Splunk App for PCI Compliance