open-cmmc-stack/evidence/05_monitoring/evidence.md


📡 Evidence Monitoring & SIEM Integration

Purpose

Evidence supporting logging, alerting, and forensic readiness using Wazuh and system-level audit mechanisms.

Included Artifacts

  • Wazuh agent and server logs
  • SIEM dashboard screenshots
  • Custom alert rules
  • Log forwarding rules (if applicable)

Review Checklist

  • Agent deployment logs available
  • Alerts fire on authentication failures, sudo use, and similar privileged or security-relevant events
  • Central log retention meets policy
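One way to turn the last two checklist items into a repeatable check, as an added example that is not part of the open-cmmc-stack repository: it reads a Wazuh `alerts.json` export (one JSON object per line), confirms that alerts tagged with the `authentication_failed` and `sudo` rule groups are actually present, and compares the oldest retained alert against the retention policy. The sample alert lines, the rule IDs and the 90-day policy are constructed for illustration.

```python
"""Review a Wazuh alerts.json export against the evidence checklist."""
import json
from datetime import datetime, timedelta

# Constructed sample alerts in the shape Wazuh writes to alerts.json
# (one JSON object per line); rule IDs and hosts are illustrative.
SAMPLE_ALERTS = """\
{"timestamp":"2024-01-02T08:15:00.000+0000","rule":{"id":"5716","level":5,"description":"sshd: authentication failed.","groups":["syslog","sshd","authentication_failed"]},"agent":{"name":"web01"}}
{"timestamp":"2024-01-20T09:00:00.000+0000","rule":{"id":"5402","level":3,"description":"Successful sudo to ROOT executed.","groups":["syslog","sudo"]},"agent":{"name":"web01"}}
{"timestamp":"2024-03-30T17:45:00.000+0000","rule":{"id":"5401","level":5,"description":"Failed attempt to run sudo.","groups":["syslog","sudo"]},"agent":{"name":"db01"}}
"""

# Rule groups the checklist expects to see alerts for.
REQUIRED_GROUPS = {"authentication_failed", "sudo"}


def parse_alerts(text):
    """Parse alerts.json lines into (timestamp, rule groups, agent, rule id)."""
    alerts = []
    for line in text.splitlines():
        if not line.strip():
            continue
        obj = json.loads(line)
        ts = datetime.strptime(obj["timestamp"], "%Y-%m-%dT%H:%M:%S.%f%z")
        alerts.append({"ts": ts, "groups": set(obj["rule"]["groups"]),
                       "agent": obj["agent"]["name"], "rule_id": obj["rule"]["id"]})
    return alerts


def alert_coverage(alerts):
    """Count alerts per required group and report which groups never fired."""
    counts = {g: 0 for g in REQUIRED_GROUPS}
    for a in alerts:
        for g in a["groups"] & REQUIRED_GROUPS:
            counts[g] += 1
    missing = sorted(g for g, n in counts.items() if n == 0)
    return counts, missing


def retention_meets_policy(alerts, policy_days, now):
    """True if the oldest retained alert is at least policy_days old."""
    if not alerts:
        return False
    oldest = min(a["ts"] for a in alerts)
    return now - oldest >= timedelta(days=policy_days)


if __name__ == "__main__":
    parsed = parse_alerts(SAMPLE_ALERTS)
    print(alert_coverage(parsed))
    print(retention_meets_policy(parsed, 90, parsed[-1]["ts"]))
```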