NIST 800-53 Rev 5
424 controls available
AU-7moderatehigh
Audit Record Reduction and Report Generation
Audit and Accountability
Control Statement
Provide and implement an audit record reduction and report generation capability that:
Discussion
Audit record reduction is a process that manipulates collected audit log information and organizes it into a summary format that is more meaningful to analysts. Audit record reduction and report generation capabilities do not always emanate from the same system or from the same organizational entities that conduct audit logging activities. The audit record reduction capability includes modern data mining techniques with advanced data filters to identify anomalous behavior in audit records. The report generation capability provided by the system can generate customizable reports. Time ordering of audit records can be an issue if the granularity of the timestamp in the record is insufficient.
- Framework
- NIST SP 800-53 Rev 5
- Family
- Audit and Accountability
- Baselines
- moderate, high
Related Frameworks
17 paths across 2 frameworks
Related Frameworks
NIST 800-1711 mapping
3.3.6
1.00
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
CCI16 mappings
CCI-001875
1.00
- DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-001876
1.00
- DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-001877
1.00
- DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-001878
1.00
- DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-001879
1.00
- DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-001880
1.00
- DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-001881
1.00
- DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-001882
1.00
- DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-003822
1.00
- DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-003823
1.00
- DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-003824
1.00
- DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-003825
1.00
- DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-003826
1.00
- DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-003827
1.00
- DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-003828
1.00
- DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-003829
1.00
- DISA · 2025-01-23 · disa_cci_list · equivalent
Related STIGs
26 STIGs reach this control through 23 CCIs. Expand a row to see the responsible NICE and O*NET roles.
Operating System — Server
9 STIGs
Operating System — Server
9 STIGsGeneral Purpose Operating System Security Requirements Guide
32024-12-049 of 198 findings match
M4L5
General Purpose Operating System Security Requirements Guide
V3R32025-09-229 of 203 findings match
M4L5
Solaris 11 SPARC Security Technical Implementation Guide
32025-05-053 of 217 findings match
M3
Solaris 11 SPARC Security Technical Implementation Guide
V3R52026-02-193 of 217 findings match
M3
Solaris 11 X86 Security Technical Implementation Guide
32025-05-053 of 216 findings match
M3
Solaris 11 X86 Security Technical Implementation Guide
V3R52026-02-193 of 216 findings match
M3
IBM AIX 7.x Security Technical Implementation Guide
32024-08-162 of 283 findings match
M2
IBM AIX 7.x Security Technical Implementation Guide
V3R22026-02-062 of 283 findings match
M2
Show 1 more STIG in this category →Hide additional STIGs
SUSE Linux Enterprise Server 12 Security Technical Implementation Guide
32025-05-141 of 211 findings match
L1
Operating System — Mainframe
5 STIGs
Operating System — Mainframe
5 STIGsMainframe Product Security Requirements Guide
32024-12-059 of 193 findings match
M9
Mainframe Product Security Requirements Guide
V3R42025-09-109 of 194 findings match
M9
IBM z/OS RACF Security Technical Implementation Guide
92025-06-241 of 224 findings match
M1
IBM z/OS RACF Security Technical Implementation Guide
V9R82026-03-091 of 222 findings match
M1
IBM zVM Using CA VM:Secure Security Technical Implementation Guide
V2R22022-08-311 of 77 findings match
M1
Web / Application Server
4 STIGs
Web / Application Server
4 STIGsApplication Security and Development Security Technical Implementation Guide
62025-02-129 of 286 findings match
M9
Application Security and Development Security Technical Implementation Guide
V6R42025-09-099 of 286 findings match
M9
Application Server Security Requirements Guide
42025-02-111 of 128 findings match
M1
Application Server Security Requirements Guide
V4R42025-09-101 of 137 findings match
M1
Virtualization / Container
4 STIGs
Virtualization / Container
4 STIGsVirtual Machine Manager Security Requirements Guide
22024-12-069 of 193 findings match
M9
Virtual Machine Manager Security Requirements Guide
V2R32025-09-109 of 198 findings match
M9
Container Platform Security Requirements Guide
22025-05-151 of 187 findings match
M1
Container Platform Security Requirements Guide
V2R42025-09-101 of 188 findings match
M1
Endpoint Security Management
4 STIGs
Endpoint Security Management
4 STIGsCentral Log Server Security Requirements Guide
32024-12-0420 of 125 findings match
M11L9
Central Log Server Security Requirements Guide
V3R42026-02-1220 of 127 findings match
M11L9
Tanium 7.x Application on TanOS Security Technical Implementation Guide
V2R22025-02-111 of 75 findings match
M1
Tanium 7.x Security Technical Implementation Guide
V2R32025-05-141 of 98 findings match
M1