Appendix h: audit journal, Audit journal, Important information – Gasboy CFN III V3.6 and Later User Manual

MDE-4739A CFN III PCI Secure Controller Software Installation/Upgrade Instructions · July 2010

Page H-1

Audit Journal

Audit Journal

Appendix H: Audit Journal

Audit Journal

Daily audit files are required by PCI. The Gasboy CFN III Audit Journal uses the current
Journal.log events file, to create the Audit Journal files required by PCI. Therefore Disk
Journal in the CFN III must be enabled in Sys_par for the Audit Journal to function.

The Next Day or Nextday1 commands included in the POS and Shift Change Package controls
the Disk Journal (Journal.log) file storage. If the site is currently using the Shift Change
Package, the Journal.log file’s storage is already being properly controlled when the clerk
performs the End of Day close. Sites that did not have Disk Journal enable must choose and
properly setup one of the methods below to correctly handle Journal.log file storage.

The daily audit files must be saved to a secure location that can be used for recovery if
they are accidently erased. Retaining the latest 3 months of the audit files online, is
required by PCI standards.

IMPORTANT INFORMATION

A new directory C:\SC3AUDIT is used to store the audit files. Daily Audit Journal files are
created in this directory and are controlled by the two services “cfn3audit” and “sc3drv”. The
daily Audit files will have the extension .ADX. To meet PCI requirements, the audit
information must be protected and stored in the CFN III for a minimum of 90 days. To meet
PCI requirements the site’s PCI administrator must maintain a backup of at least one year
outside of the CFN III. Removable media may be used for this backup requirement.

The Audit Journal contains the following information:

• System access
• System actions executed
• Program execution
• User ID
• Actions taken by the user
• Channel device location of the user