AU-12 - Audit Record Generation
Control requirements
AU-12 (a)
Provide audit record generation capability for the event types the system is capable of auditing as defined in AU-2a on [IBM Assignment: all information system and network components where audit capability is deployed/available].
AU-12 (b)
Allow [Assignment: organization-defined personnel or roles] to select the event types that are to be logged by specific components of the system.
AU-12 (c)
Generate audit records for the event types defined in AU-2c that include the audit record content defined in AU-3.
NIST supplemental guidance
Audit records can be generated from many different system components. The event types specified in AU-2d are the event types for which audit logs are to be generated and are a subset of all event types for which the system can generate audit records.