> ## Documentation Index
> Fetch the complete documentation index at: https://docs.levelblue.com/llms.txt
> Use this file to discover all available pages before exploring further.
# NIST CSF Control PR.AC-1: Identities and Credentials are Managed for Authorized Devices and Users
**Access Control (PR.AC)**: Access to assets and associated facilities is limited to authorized users, processes, or devices, and to authorized activities and transactions. Showing user login events will satisfy this control.
**Associated Frameworks**: CCS CSC 16, COBIT 5 DSS05.04, DSS06.03, ISA 62443-2-1:2009 4.3.3.5.1, ISA 62443-3-3:2013 SR 1.1, SR 1.2, SR 1.3, SR 1.4, SR 1.5, SR 1.7, SR 1.8, SR 1.9, ISO/IEC 27001:2013 A.9.2.1, A.9.2.2, A.9.2.4, A.9.3.1, A.9.4.2, A.9.4.3, NIST SP 800-53 Rev. 4 AC-2, IA Family
This report provides a list of all identities and credentials that are managed in USM Anywhere and have been authorized for users and managed devices.
**Filters used by NIST CSF Control PR.AC-1: Identities and Credentials are Managed for Authorized Devices and Users**
| Filter | Value |
| ---------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| Event Name | "A logon was attempted using explicit credentials", "AUTHN\_LOGIN\_EVENT", "Admin - Change Password On Next Login", "Admin login", "Admin login failed", "Admin login successful", "Agent login succeeded", "Attempt to login using a non-existent user", "Audit Event Dispatcher: login message", "Console Login", "Console user login", "FTP login", "LOGIN", "LOGON", Login", "Login - Login Challenge", "Login - Login Failure", "Login - Successful Login", "Login OK", "Login Success", "Login attempt", "Login failed", "Login succeeded", "Login success", "Login successful. Accepted password", "Logon", "Multiple Windows Logon Failures", "Multiple failed logins", "Network Security Manager Login succeeded", "PasswordLogonInitialAuthUsingPassword", "Secure Shell: LOGINFAIL", "Special privileges assigned to new logon", "UNSUCCESSFUL\_LOGIN", "USER\_LOGIN", "USER\_LOGINx", "USER\_Login: Failed", "User Logon", "User login", "User login failed", "User login successful", "User logon detected Account", "UserLoginFailed", "VPN zone remote user login allowed", "Windows DC Logon Failure", "Windows Logon Success", "event: LoginFailed", "load balancer: SSH Login failed", "load balancer: SSH login accepted", "login", "login query", "Logon event", "Logon/Logoff", "Other Logon/Logoff Events", "Logon Cache", "\[S106] Identity Assertion Logon.", "A logon was attempted using explicit credentials.", "Failed Logon" |
| Suppressed | False |
**To generate the NIST CSF Control PR.AC-1 report**
1. Go to **Reports > Compliance Templates**.
2. On the left navigation pane, click **NIST CSF**.
3. Click **Generate Report** on the specific line for this report. The **Configure Report** dialog box appears.
4. Click **Edit Filters** if you want to modify the selected filters, and then click **Continue to Filters**.
5. Make the required modifications, and then click **Edit Report**.
6. Click the date field if you want to choose a different date range. Select **Last Hour**, **Last 24 Hours**, **Last 7 Days**, **Last 30 Days**, **Last 90 Days**, or **Custom Range** to set a particular date range.
7. Select the **Format** of the report. It can either be **CSV** or **PDF**.
8. Select a **Schedule** for the report if you want to generate it again: **Daily**, **Weekly**, **Bi-weekly**, and **Monthly**. Otherwise, select **Never**.
9. Enter an email address in which to send the report. You may also select the **Send to my Email Address** option to add your email address automatically.
10. Select the **Enable link expiration** option.
This link is delivered by email and expires in 14 days.
11. Click **Next**.
12. In the **Report Name** field, enter a name for the report. This name will be displayed on the **Saved Reports** page.
13. **(OPTIONAL)** Enter a **Report Description**.
14. Under the **Number of Records** section, select the maximum number of records to include in the report: **20**, **50**, **100**, **500**, **1000**, or **2500**.
15. If you have previously chosen the **PDF** format, you will see the **Graphs** section, which you can use to include additional views. You can add to or remove graphs from the report by clicking the 
and 
icons.
16. Click **Run** to run the report.
Click **Save & Run** if you wish to keep the report in your [Saved Reports on USM Anywhere](/documentation/usm-anywhere/user-guide/reports/saved-reports) page and receive the report in the indicated email.