
PCI Compliance for AWS CloudTrail Dashboards

The Sumo Logic PCI Compliance for AWS CloudTrail App provides dashboards and sample queries that you can modify for your specific compliance needs.

  • Access Monitoring
  • Login Activity
  • Account and System Monitoring
  • Privileged Activity

PCI Compliance for AWS CloudTrail - PCI Req 01 - Access Monitoring

  • Security Group Activity. Pie chart of the security group activity over the last 24 hours.

  • Security Group Activity. Aggregation table of the security group activity over the last 24 hours.

  • Security Group Activity Over Time. Bar chart of security group activity time sliced by 30 minutes for the last 24 hours.

  • (All AWS Activities) Non Read Only Events. Aggregation table of the user, event, and count of non-read only events.

  • (All AWS Activities) Read Only Events. Aggregation table of the user, event, and count of read only events.

 

PCI Compliance for AWS CloudTrail - PCI Req 10 - Login Activity

  • Failed API Calls. Total number of failed API calls over the last 24 hours. Adjust time range as needed.

  • Failed API Calls - Reason - Login Credentials and Permission Issues. Aggregation table detailing failed API calls, source IP, destination user, event type, error code, region, and account ID.

  • Failed API Calls - Acct Breakup. Aggregation table of accounts with failed API calls and the number of events.

  • Console Login Failures. Aggregation table of failed logins from the console.

  • Successful Console Logins. Total number of successful logins over the last 24 hours. Adjust time range as needed.

  • Successful Console Logins. Aggregation table of successful console logins over the last 24 hours, for more detail on each login.

PCI Compliance for AWS CloudTrail - PCI Req 08 - Account, System Monitoring

Search user account and IAM activity in compliance with PCI Requirement 08.

  • Created Users. Aggregation table of users created in the last 24 hours.

  • Deleted Users. Aggregation table of users deleted in the last 24 hours.

  • Created Roles. Aggregation table of roles created in the last 24 hours.

  • Deleted Roles. Aggregation table of roles deleted in the last 24 hours.

  • Created Access Key. Aggregation table of access keys created in the last 24 hours.

  • Deleted Access Key. Aggregation table of access keys deleted in the last 24 hours.

  • IAM Activity. Pie chart detailing the percentage of IAM Activity for policies and users over the last 24 hours.

  • IAM Activity. Aggregation table of IAM Activity for policies and users over the last 24 hours.

  • IAM Events Over Time. IAM events over the last 24 hours, time sliced by 30 minutes.

PCI Compliance for AWS CloudTrail - PCI Req 08, 10 - Privileged Activity

Review successful and failed configuration changes, and security group activity.

  • Successful Configuration Changes. Pie chart of the successful configuration changes over the last 24 hours.

  • Successful Configuration Changes. Aggregation table of the successful configuration changes over the last 24 hours.

  • Failed Configuration Changes. Pie chart of the failed configuration changes over the last 24 hours.

  • Failed Configuration Changes. Aggregation table of the failed configuration changes over the last 24 hours.

  • Created Security Groups. Aggregation table of security groups created in the last 24 hours.

  • Deleted Security Groups. Aggregation table of security groups deleted in the last 24 hours.

  • Security Group Activity Over Time. Histogram of security group activity over the last 24 hours, time sliced by hour.