PCI-DSS Compliance Events

Key Security Events for PCI-DSS Compliance

Account Logon

Credential Validation

4776

The computer attempted to validate the credentials for an account

Kerberos Authentication Service

4768

This event generates every time Key Distribution Center issues a Kerberos Ticket Granting Ticket (TGT).

4771

Kerberos pre-authentication failed

Account Management

User Account Management

4720

A user account was created

4722

A user account was enabled

4725

A user account was disabled

4726

A user account was deleted

Logon/Logoff

Logon, Account Lockout

4625

An account failed to log on

Other Logon/Logoff Events

4649

A replay attack was detected

Object Access

Other Object Access Events

4698

A scheduled task was created

4699

A scheduled task was deleted

4702

A scheduled task was updated

System

Other System Events

1100

The event logging service has shut down

1102

The audit log was cleared

Security State Change

4608

Windows is starting up

Are you compliant?

Check your audit settings now

Validator

PCI-DSS

Reference Documentation
Wikipedia

Audit Policy Requirements

Category	Subcategory	Audit Type
Account Logon	Credential Validation	Success, Failure
Account Logon	Kerberos Authentication Service	Failure
Logon/Logoff	Logon, Account Lockout	Failure
Logon/Logoff	Other Logon/Logoff Events	Success, Failure
Object Access	Other Object Access Events	Success
System	Other System Events	Success
System	Security State Change	Success
Account Management	User Account Management	Success