Login
    Contents x
    Secure Logging and Monitoring
    • 21 Mar 2025
    • 1 Minute to read
    • Print
    • Dark
      Light
    Contents

    Secure Logging and Monitoring

    • Updated on 21 Mar 2025
    • 1 Minute to read
    • Print
    • Dark
      Light
    Article summary

    WHAT IS SECURE LOGGING AND MONITORING AND WHY IS IT IMPORTANT?

    The Security Logging and Monitoring dashboard reports on logs being collected for your assets, and if logs have been received from each asset within an organization specified number of days. This helps to ensure coverage (logs being received from all expected sources), and timeliness (logs have been received within some previous number of days).

    The collection and retention of log records is necessary input for the detection of anomalies and suspicious activities. Logs are also needed for forensic analysis of security events and incidents.

     

    CONTROLS THIS DASHBOARD REPORTS ON

    This dashboard reports on your organization’s level of compliance with these controls:

    NIST CSF v2.0: Subcategory PR.PS-04, Log records are generated and made available for continuous monitoring

    PCI-DSS v4.0.1: Requirement 10.2 Audit logs are implemented to support the detection of anomalies and suspicious activity, and the forensic analysis of events.

    CIS CSC v8.1: Control 8   Audit Log Management and, Safeguard 8.2 Collect Audit Logs


    PRIMARY KEY PERFORMANCE INDICATOR (KPI)

    The dashboard reports on this Primary KPI:

    Numerator: Number of assets successfully logged to DataBee in the last 7 (customer adjustable) days.

    Denominator: Number of assets (by hostname)

     

    COLUMNS DISPLAYED ON THE DETAIL DASHBOARD

    • Compliance Status
    • Is Logged In, Logged In Date
    • Hostname, IP, MAC, IEMI, Asset First Seen Date, Asset Last Seen Date, OS Name, Device Type – asset information
    • PCI Context – whether the device is in scope for PCI DSS
    • Inventory Source – feed source for information about this device
    • Owner Email Address, Owner Full Name, Owner Emp ID, Owner Job Title – Asset Owner information
    • Manager Employee ID, Manager Full Name, Manager Email Address - Employee's (Owner’s) manager
    • Executive VP, Senior VP, VP / Executive Director - Management chain for the Employee
    • Level 5, Level 6 - Additional levels of management for the Employee


    OCSF TABLES USED BY THE DASHBOARD

    • Authentication [3002]
    • Device Inventory Info [5001]
    • User Inventory Info [5003]


    Was this article helpful?
    What's Next
    Change password!
    Changing your password will log you out immediately. Use the new password to log back in.
    Change profile
    Success!
    First name must have atleast 2 characters. Numbers and special characters are not allowed.
    Last name must have atleast 1 characters. Numbers and special characters are not allowed.
    Enter a valid email
    Enter a valid password
    Your profile has been successfully updated.
    Logout
    ESC

    Eddy AI, facilitating knowledge discovery through conversational intelligence