CMMC Practice AU.3.048: Collect audit information (e.g., logs) into one or more central repositories.
CMMC CLARIFICATION (Ref CMMC – Appendix B)
Aggregate and store audit logs in a centralized location or locations within the organization. Storing audit logs in a centralized location supports orchestration, automation, correlation, and analysis activities by enabling a full picture of the audit logs, and can support automated analysis capabilities including correlation of events across the enterprise. Ensure that the central repository has the appropriate infrastructure, including protection mechanisms, and the capacity level to meet the logging requirements of the organization.