Event Log Monitoring and the PCI DSS
Getting the balance right between the need to meet the users mandatory obligations for PCI DSS, and the imperative of minimizing costs' of ownership, is a challenge. To the letter of the PCI DSS, users are obliged to make use of event and audit logs in order to track user activity for any device within scope of PCI i.e. all devices which either 'Touch' cardholder data or have access to cardholder data processing systems. The full heading of the Log Tracking section of the PCI DSS is as follows \"Requirement 10: Track and monitor all access to network resources and cardholder data\" Logging mechanisms and the ability to track user activities are critical in detecting and preventing the impact of a data compromise.