AU-5: Response to Audit Logging Process Failures

From NIST's SP800-53:

a. Alert [Assignment: organization-defined personnel or roles] within [Assignment: organization-defined time period] in the event of an audit logging process failure; and b. Take the following additional actions: [Assignment: organization-defined additional actions].

Cyber Threat Graph Context

Explore how this control relates to the wider threat graph

MITRE ATT&CK Techniques

See which MITRE ATT&CK techniques this control helps to protect against.

ATT&CK ID	Title	Associated Tactics
T1649	Steal or Forge Authentication Certificates	Credential Access
T1593.003	Code Repositories	Reconnaissance