AU-2 - Event Logging

AU-2 requires the organization to define what types of events are to be recorded, configure logging mechanisms to capture those events, and ensure logs are protected, retained, and reviewed. It specifies that logs must include sufficient detail such as timestamps, source identifiers, and outcome information to support investigation and accountability. The control also mandates procedures for coordinating log generation across system components and for periodic assessment of logging effectiveness.