PCI DSS requirement 10.2.5 requires organizations to log the use of and changes to identification and authentication mechanisms, which are typically used by administrators.mechanisms. These mechanisms include (but are not limited to activities such as:as 1.creation Addingof new accounts and deletingelevation userof IDs;privileges, 2.and Assigningall userchanges, IDsadditions, or deletions to tokens;accounts and,with 3.root Addingor andadministrative deleting tokens access.

PCI DSS requirement 10.2.6 requires organizations to log each instance where the audit log is initialized (started(started), stopped, or stopped)paused, to ensure a malicious user is not covering his/her actions or events by stoppinginterfering orwith startinglogging logging.functions.