There is the following reports in the Session - Logs - Reports drowdown list box - PCI 10.2.x.
1. PCI 10.2.1 User Login
2. PCI 10.2.1 User Logout
3. PCI 10.2.4 Failed User login
Regarding the #1 and #2, they seem they are the log regarding the login and logout to PAM. As the PCI DSS requirement 10.2.1 "All the personal access to the card members' data", is there the way to verify the login/logoff to target server by a target account?
Regading the #3, the report does not show up anything. Why?
CA Privileged Access Manager 3.x.
Regarding the #1 and #2, The Session >> Logs >> Report button >> PCI* report is targeted the login/logout against the PAM UI itself, not against the target server by the target account.
Use the filter of the session log like the Transaction = Connection, Login, Recording, instead of using the PCI report.
Regarding #3 What nothing shows by the "PCI 10.2.4 Failed User Login" report is the known problem and DE397273 are handling by SE to fix in the future release.