Detections
Analytics

Item Search

NameAudit NamePluginCategory
2.5 Ensure That the Log Metric Filter and Alerts Exist for Audit Configuration ChangesCIS Google Cloud Platform v3.0.0 L1GCP

AUDIT AND ACCOUNTABILITY

2.9 Ensure That the Log Metric Filter and Alerts Exist for VPC Network ChangesCIS Google Cloud Platform v3.0.0 L2GCP

AUDIT AND ACCOUNTABILITY

2.14 Ensure 'Access Transparency' is 'Enabled'CIS Google Cloud Platform v3.0.0 L2GCP

AUDIT AND ACCOUNTABILITY

3.8 Ensure that VPC Flow Logs is Enabled for Every Subnet in a VPC NetworkCIS Google Cloud Platform v3.0.0 L2GCP

AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY

4.1.3.3 Ensure session initiation information is collected - auditctl wtmpCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

4.1.3.3 Ensure session initiation information is collected - btmpCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

4.1.3.3 Ensure session initiation information is collected - wtmpCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

4.1.3.3 Ensure session initiation information is collected - wtmpCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

4.1.3.10 Ensure use of privileged commands is collectedCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

4.1.3.10 Ensure use of privileged commands is collected - auditctlCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

4.1.3.13 Ensure login and logout events are collectedCIS Amazon Linux 2 STIG v2.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

4.1.3.13 Ensure login and logout events are collected - /var/run/faillockCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

4.1.16 Ensure system administrator actions (sudolog) are collected - /var/log/sudo.logCIS Debian 8 Server L2 v2.0.2Unix

AUDIT AND ACCOUNTABILITY

4.2.2.5 Ensure journald is not configured to send logs to rsyslogCIS CentOS Linux 8 Workstation L1 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

5.1.1.3 Ensure journald is configured to send logs to rsyslogCIS Red Hat EL8 Server L1 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

5.1.1.3 Ensure journald is configured to send logs to rsyslogCIS Oracle Linux 7 v4.0.0 L1 WorkstationUnix

AUDIT AND ACCOUNTABILITY

5.1.1.3 Ensure journald is configured to send logs to rsyslogCIS Amazon Linux 2 v3.0.0 L1Unix

AUDIT AND ACCOUNTABILITY

5.1.1.3 Ensure journald is configured to send logs to rsyslogCIS Oracle Linux 8 Server L1 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

5.1.1.3 Ensure journald is configured to send logs to rsyslogCIS Oracle Linux 8 Workstation L1 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

5.1.1.3 Ensure journald is configured to send logs to rsyslogCIS AlmaLinux OS 8 Workstation L1 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

5.1.1.5 Ensure journald is not configured to send logs to rsyslogCIS Ubuntu Linux 18.04 LTS v2.2.0 L1 ServerUnix

AUDIT AND ACCOUNTABILITY

5.1.2.5 Ensure journald is not configured to send logs to rsyslogCIS Rocky Linux 8 Workstation L1 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

5.1.2.5 Ensure journald is not configured to send logs to rsyslogCIS AlmaLinux OS 8 Workstation L1 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

5.1.5 Ensure SSH LogLevel is appropriateCIS Google Container-Optimized OS v1.2.0 L1 ServerUnix

AUDIT AND ACCOUNTABILITY

5.2.3.12 Ensure login and logout events are collectedCIS Oracle Linux 7 v4.0.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

5.2.3.12 Ensure login and logout events are collectedCIS Oracle Linux 8 Workstation L2 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

5.2.3.12 Ensure login and logout events are collectedCIS AlmaLinux OS 8 Workstation L2 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

5.2.3.12 Ensure login and logout events are collectedCIS Debian 10 Workstation L2 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

5.2.3.12 Ensure login and logout events are collectedCIS CentOS Linux 7 v4.0.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

5.2.3.12 Ensure login and logout events are collectedCIS Ubuntu Linux 20.04 LTS Server L2 v2.0.1Unix

AUDIT AND ACCOUNTABILITY

5.2.3.12 Ensure login and logout events are collectedCIS Red Hat EL8 Workstation L2 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

6.2.3.3 Ensure journald is configured to send logs to rsyslogCIS AlmaLinux OS 9 v2.0.0 L1 ServerUnix

AUDIT AND ACCOUNTABILITY

6.2.3.3 Ensure journald is configured to send logs to rsyslogCIS Red Hat Enterprise Linux 9 v2.0.0 L1 ServerUnix

AUDIT AND ACCOUNTABILITY

6.2.3.3 Ensure journald is configured to send logs to rsyslogCIS Red Hat Enterprise Linux 9 v2.0.0 L1 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.2.3.3 Ensure journald is configured to send logs to rsyslogCIS Rocky Linux 9 v2.0.0 L1 ServerUnix

AUDIT AND ACCOUNTABILITY

6.2.3.12 Ensure login and logout events are collectedCIS Debian Linux 12 v1.1.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.3.3.12 Ensure login and logout events are collectedCIS Oracle Linux 9 v2.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

6.3.3.12 Ensure login and logout events are collectedCIS Oracle Linux 9 v2.0.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.4.3.12 Ensure login and logout events are collectedCIS Debian Linux 11 v2.0.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

SQL2-00-013400 - SQL Server must audit attempts to bypass access controls - 'Event ID 14'DISA STIG SQL Server 2012 DB Instance Security v1r20MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL2-00-013400 - SQL Server must audit attempts to bypass access controls - 'Event ID 15'DISA STIG SQL Server 2012 DB Instance Security v1r20MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL2-00-013400 - SQL Server must audit attempts to bypass access controls - 'Event ID 18'DISA STIG SQL Server 2012 DB Instance Security v1r20MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL2-00-013400 - SQL Server must audit attempts to bypass access controls - 'Event ID 20'DISA STIG SQL Server 2012 DB Instance Security v1r20MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL2-00-013400 - SQL Server must audit attempts to bypass access controls - 'Event ID 102'DISA STIG SQL Server 2012 DB Instance Security v1r20MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL2-00-013400 - SQL Server must audit attempts to bypass access controls - 'Event ID 103'DISA STIG SQL Server 2012 DB Instance Security v1r20MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL2-00-013400 - SQL Server must audit attempts to bypass access controls - 'Event ID 106'DISA STIG SQL Server 2012 DB Instance Security v1r20MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL2-00-013400 - SQL Server must audit attempts to bypass access controls - 'Event ID 115'DISA STIG SQL Server 2012 DB Instance Security v1r20MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL2-00-013400 - SQL Server must audit attempts to bypass access controls - 'Event ID 132'DISA STIG SQL Server 2012 DB Instance Security v1r20MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL2-00-013400 - SQL Server must audit attempts to bypass access controls - 'Event ID 153'DISA STIG SQL Server 2012 DB Instance Security v1r20MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL2-00-013400 - SQL Server must audit attempts to bypass access controls - 'Event ID 176'DISA STIG SQL Server 2012 DB Instance Security v1r20MS_SQLDB

AUDIT AND ACCOUNTABILITY