Event Logging Overview

The evaluated configuration requires the auditing of configuration changes through the system log.

In addition, Junos OS can:

  • Send automated responses to audit events (syslog entry creation).

  • Allow authorized managers to examine audit logs.

  • Send audit files to external servers.

  • Allow authorized managers to return the system to a known state.

The logging for the evaluated configuration must capture the events listed below.

Table 1 lists the auditable events for syslog auditing under NDcPPv2:

Table 1: Auditable Events

| Requirement | Auditable Events | Additional Audit Record Contents |
|---|---|---|
| FAU_GEN.1 | None | None |
| FAU_GEN.2 | None | None |
| FAU_STG_EXT.1 | None | None |
| FAU_STG.1 | None | None |
| FCS_CKM.1 | None | None |
| FCS_CKM.2 | None | None |
| FCS_CKM.4 | None | None |
| FCS_COP.1/DataEncryption | None | None |
| FCS_COP.1/SigGen | None | None |
| FCS_COP.1/Hash | None | None |
| FCS_COP.1/KeyedHash | None | None |
| FCS_RBG_EXT.1 | None | None |
| FDP_RIP.2 | None | None |
| FIA_AFL.1 | Unsuccessful login attempts limit is met or exceeded. | Origin of the attempt (e.g., IP address). |
| FIA_PMG_EXT.1 | None | None |
| FIA_UIA_EXT.1 | All use of identification and authentication mechanism. | Provided user identity, origin of the attempt (e.g., IP address). |
| FIA_UAU_EXT.2 | All use of identification and authentication mechanism. | Origin of the attempt (e.g., IP address). |
| FIA_UAU.7 | None | None |
| FMT_MOF.1/ManualUpdate | Any attempt to initiate a manual update. | None |
| FMT_MTD.1/CoreData | All management activities of TSF data. | None |
| FMT_SMF.1 | None | None |
| FMT_SMR.2 | None | None |
| FPT_SKP_EXT.1 | None | None |
| FPT_APW_EXT.1 | None | None |
| FPT_TST_EXT.1 | None | None |
| FPT_TUD_EXT.1 | Initiation of update; result of the update attempt (success or failure). | None |
| FPT_STM.1 | Discontinuous changes to time, either Administrator actuated or changed through an automated process. | For discontinuous changes to time: the old and new values for the time. Origin of the attempt to change time for success and failure (such as IP address). |
| FTA_SSL_EXT.1 | The termination of a local interactive session by the session locking mechanism. | None |
| FTA_SSL.3 | The termination of a remote session by the session locking mechanism. | None |
| FTA_SSL.4 | The termination of an interactive session. | None |
| FTA_TAB.1 | None | None |
| FCS_SSHS_EXT.1 | Failure to establish an SSH session. | Reason for failure. |
| FTP_ITC.1 | Initiation of the trusted channel. Termination of the trusted channel. Failure of the trusted channel functions. | Identification of the initiator and target of failed trusted channel establishment attempt. |
| FTP_TRP.1/Admin | Initiation of the trusted path. Termination of the trusted path. Failure of the trusted path functions. | None |
| FIA_X509_EXT.1/Rev | Unsuccessful attempt to validate a certificate. | Reason for failure. |
| FIA_X509_EXT.2 | None | None |
| FIA_X509_EXT.3 | None | None |
| FMT_MOF.1/Functions | Modification of the behaviour of the transmission of audit data to an external IT entity, the handling of audit data, the audit functionality when Local Audit Storage Space is full. | None |
| FMT_MOF.1/Services | Starting and stopping of services. | None |
| FMT_MTD.1/CryptoKeys | Management of cryptographic keys. | None |
| FFW_RUL_EXT.1 | Application of rules configured with the 'log' operation. | Source and destination addresses. Source and destination ports. Transport Layer Protocol. TOE Interface. |
| | Indication of packets dropped due to too much network traffic. | TOE interface that is unable to process packets. Identifier of rule causing packet drop. |
| FFW_RUL_EXT.2 | None | None |
| FCS_IPSEC_EXT.1 | Session establishment with peer. | Entire packet contents of packets transmitted/received during session establishment. |
| FIA_X509_EXT.1 | Session establishment with CA. | Entire packet contents of packets transmitted/received during session establishment. |
| FPF_RUL_EXT.1 | Application of rules configured with the 'log' operation. | Source and destination addresses. Source and destination ports. Transport Layer Protocol. TOE Interface. |
| | Indication of packets dropped due to too much network traffic. | TOE interface that is unable to process packets. |

In addition, Juniper Networks recommends that logging also:

  • Capture all changes to the configuration.

  • Store logging information remotely.
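The following syslog configuration is an added example, not part of the Juniper guide, that applies both recommendations: it records all configuration changes and the interactive CLI commands that produced them in a local file, and forwards every event to a remote collector. The collector address 192.0.2.10 is a placeholder.

```junos
system {
    syslog {
        /* Placeholder collector address; replace with the audit server. */
        host 192.0.2.10 {
            /* Forward every facility at every severity. This includes */
            /* change-log (configuration changes) and interactive-commands. */
            any any;
            port 514;
        }
        /* Local copy of all events so records survive a collector outage. */
        file messages {
            any any;
            archive size 10m files 10;
        }
        /* Separate local file holding only configuration changes and the */
        /* CLI commands behind them, for quick review by an administrator. */
        file change-log {
            change-log any;
            interactive-commands any;
            archive size 10m files 10;
        }
        /* Year and millisecond precision in timestamps, so records in the */
        /* local file can be matched against the copy on the collector. */
        time-format year millisecond;
    }
}
```

After committing, make a small configuration change and confirm that it appears both in `show log change-log` on the device and in the collector's copy.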