Cisco ISR 4000 series, Configuration Manual

Page: 53 / 66

Cisco ISR 4000 Family Routers Administrator Guidance
Page 53 of 66
Requirement Auditable Events Additional
Audit Record
Contents
Sample Record
FTP_TRP.1 Initiation of the
trusted channel.
Termination of the
trusted channel.
Failures of the
trusted
path
functions.
Identification
of the claimed
user identity. AUDIT: See logs provided by
FCS_SSH_EXT.1
Table 8 Auditable Administrative Events
Requirement Management Action to
Log
Sample Log
FAU_GEN.1: Audit data
generation
Changing logging
settings.
Clearing logs.
Feb 17 2013 16:29:07: %PARSER-5-
CFGLOG_LOGGEDCMD:
User:test_admin logged
command:logging enable
Feb 17 2013 16:34:02: %PARSER-5-
CFGLOG_LOGGEDCMD:
User:test_admin logged
command:logging informational
Feb 17 2013 17:05:16: %PARSER-5-
CFGLOG_LOGGEDCMD:
User:test_admin logged command:clear
logging
FAU_GEN.2: User identity
association None N/A
FAU_STG_EXT.1: External
audit trail storage Configuration of syslog
export settings Feb 17 2013 17:05:16: %PARSER-5-
CFGLOG_LOGGEDCMD:
User:test_admin logged
command:logging host
FCS_CKM.1: Cryptographic
key generation (for
asymmetric keys) Manual key generation
Feb 17 2013 16:14:47: %PARSER-5-
CFGLOG_LOGGEDCMD:
User:test_admin logged command:crypto
key *****