Requirement
Auditable
Failure of the
trusted channel
functions.
FTP_TRP.1
Initiation of the
trusted channel.
Termination of
the trusted
channel.
Failures of the
trusted path
functions.
Requirement
FAU_GEN.1: Audit data
generation
FAU_GEN.2: User identity
association
FAU_STG_EXT.1: Protected
Audit Event Storage
FCS_CKM.1: Cryptographic
key generation (refined)
Additional Audit
Events
Record Contents
Identification of
the claimed user
identity.
Table 8 Auditable Administrative Events
Management Action to
Log
Changing logging settings.
Clearing logs.
None
Configuration of syslog
export settings
Manual key generation
Sample Record
AUDIT: See logs provided by FCS_SSHS_EXT.1.
Sample Log
Feb 17 2013 16:29:07: %PARSER-5-
CFGLOG_LOGGEDCMD: User:test_admin
logged command:logging enable
Feb 17 2013 16:34:02: %PARSER-5-
CFGLOG_LOGGEDCMD: User:test_admin
logged command:logging informational
Feb 17 2013 17:05:16: %PARSER-5-
CFGLOG_LOGGEDCMD: User:test_admin
logged command:clear logging
N/A
Feb 17 2013 17:05:16: %PARSER-5-
CFGLOG_LOGGEDCMD: User:test_admin
logged command:logging host
Feb 17 2013 16:14:47: %PARSER-5-
CFGLOG_LOGGEDCMD: User:test_admin
logged command:crypto key *****
Page 55 of 72