Detections
Analytics

CIS CentOS 7 v3.1.2 Server L2

Warning! Audit Deprecated

This audit file has been deprecated and will be removed in a future update.

View Next Version

Audit Details

Name: CIS CentOS 7 v3.1.2 Server L2

Updated: 4/12/2024

Authority: CIS

Plugin: Unix

Revision: 1.12

Estimated Item Count: 122

File Details

Filename: CIS_CentOS_7_v3.1.2_Server_L2.audit

Size: 344 kB

MD5: 93854ced9d4b8879226a842be0b9a7d2
SHA256: 5d76d4bf92c2b11039801ce4937f5f71586ab9a55112d53a37a4b58a0c9ae002

Audit Changelog

 
Revision 1.12

Apr 12, 2024

Miscellaneous
  • Audit deprecated.
  • Metadata updated.
  • References updated.
Revision 1.11

Oct 6, 2023

Functional Update
  • 4.1.15 Ensure system administrator command executions (sudo) are collected - auditctl
  • 4.1.15 Ensure system administrator command executions (sudo) are collected - auditctl (64 bit)
Miscellaneous
  • Metadata updated.
Revision 1.10

Jul 5, 2023

Functional Update
  • 4.1.2.2 Ensure audit logs are not automatically deleted
  • 4.1.2.3 Ensure system is disabled when audit logs are full - 'action_mail_acct = root'
  • 4.1.2.3 Ensure system is disabled when audit logs are full - 'admin_space_left_action = halt'
  • 4.1.2.3 Ensure system is disabled when audit logs are full - 'space_left_action = email'
Revision 1.9

Apr 12, 2023

Miscellaneous
  • Metadata updated.
  • Platform check updated.
  • Variables updated.
Revision 1.8

Apr 10, 2023

Functional Update
  • 4.1.15 Ensure system administrator command executions (sudo) are collected - auditctl
  • 4.1.15 Ensure system administrator command executions (sudo) are collected - auditctl (64 bit)
  • 4.1.8 Ensure session initiation information is collected - btmp
  • 4.1.8 Ensure session initiation information is collected - wtmp
Revision 1.7

Mar 7, 2023

Miscellaneous
  • Metadata updated.
  • References updated.
Revision 1.6

Jan 4, 2023

Miscellaneous
  • Metadata updated.
  • Variables updated.
Revision 1.5

Dec 7, 2022

Miscellaneous
  • Metadata updated.
Revision 1.4

Oct 4, 2022

Functional Update
  • 4.1.15 Ensure system administrator command executions (sudo) are collected
  • 4.1.15 Ensure system administrator command executions (sudo) are collected - auditctl
Added
  • 4.1.15 Ensure system administrator command executions (sudo) are collected - (64 bit)
  • 4.1.15 Ensure system administrator command executions (sudo) are collected - auditctl (64 bit)
  • 4.1.7 Ensure login and logout events are collected - /var/run/faillock
  • 4.1.7 Ensure login and logout events are collected - auditctl /var/run/faillock
Removed
  • 4.1.5 Ensure events that modify the system's network environment are collected - /etc/sysconfig/network-scripts
  • 4.1.5 Ensure events that modify the system's network environment are collected - auditctl network-scripts
  • 4.1.7 Ensure login and logout events are collected - /var/log/faillog
  • 4.1.7 Ensure login and logout events are collected - /var/log/tallylog
  • 4.1.7 Ensure login and logout events are collected - /var/run/faillock/
  • 4.1.7 Ensure login and logout events are collected - auditctl /var/log/faillog
  • 4.1.7 Ensure login and logout events are collected - auditctl /var/log/tallylog
  • 4.1.7 Ensure login and logout events are collected - auditctl /var/run/faillock/
Revision 1.3

Sep 19, 2022

Functional Update
  • 4.1.5 Ensure events that modify the system's network environment are collected - sethostname (32-bit)
  • 4.1.5 Ensure events that modify the system's network environment are collected - sethostname (64-bit)
Miscellaneous
  • References updated.