CMMC 1.0 Practice AU.3.048 Requirement:

Collect audit logs into one or more central repositories.

CMMC 1.0 AU.3.048 Requirement Explanation:

By collecting logs from your systems into a central repository (e.g. a syslog server) you can setup a SIEM. Using a security information and event management (SIEM) system you can better analyze logs in your system to identify security incidents.

Example CMMC 1.0 AU.3.048 Implementation:

Setup a syslog server and direct the logs collected by your systems to it. This can be accomplished by installing event log forwarders on your systems or by using existing settings to forward your logs.

CMMC 1.0 AU.3.048 Scenario(s):

- Scenario 1:

To collect logs into a central repository your company has setup a syslog server. You forward logs from your active directory server, network devices, and other servers to it.
 

Discover Our NIST SP 800-171 & CMMC 2.0 Solutions:

/assets/images/app/complaince_accelerator.gif

Compliance Accelerator

Power through compliance. Meet and maintain your NIST SP 800-171 & CMMC 2.0 compliance requirements.
Become Compliant
/assets/images/app/quantum_accelerator.gif

Quantum Assessor

Transform your business. Create new revenue streams and provide scalability for your NIST SP 800-171 and CMMC 2.0 services.
Provide Services
/assets/images/app/supply_chain_verifier.gif

Supply Chain Verifier

Trust is everything. Verify, monitor, and support subcontactor compliance.
Verify Subcontactors