Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1.2.7.1 Ensure separate partition exists for /var/log/auditCIS Oracle Linux 7 v4.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

1.1.2.7.1 Ensure separate partition exists for /var/log/auditCIS CentOS Linux 7 v4.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

1.1.2.7.1 Ensure separate partition exists for /var/log/auditCIS CentOS Linux 7 v4.0.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

1.1.2.7.1 Ensure separate partition exists for /var/log/auditCIS AlmaLinux OS 8 Server L2 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

1.1.2.7.1 Ensure separate partition exists for /var/log/auditCIS Red Hat Enterprise Linux 7 v4.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

1.1.2.7.1 Ensure separate partition exists for /var/log/auditCIS Oracle Linux 7 v4.0.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

1.1.2.7.1 Ensure separate partition exists for /var/log/auditCIS Red Hat EL8 Server L2 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

1.1.2.7.1 Ensure separate partition exists for /var/log/auditCIS Amazon Linux 2 v3.0.0 L2Unix

AUDIT AND ACCOUNTABILITY

1.1.2.7.1 Ensure separate partition exists for /var/log/auditCIS Red Hat Enterprise Linux 7 v4.0.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

1.1.2.7.1 Ensure separate partition exists for /var/log/auditCIS Red Hat EL8 Workstation L2 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

1.1.2.7.1 Ensure separate partition exists for /var/log/auditCIS Rocky Linux 8 Workstation L2 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

1.1.6.1 Ensure separate partition exists for /var/log/auditCIS Fedora 28 Family Linux Server L2 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

1.1.6.1 Ensure separate partition exists for /var/log/auditCIS CentOS Linux 8 Server L2 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

1.1.6.1 Ensure separate partition exists for /var/log/auditCIS Debian 10 Workstation L2 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

1.1.6.1 Ensure separate partition exists for /var/log/auditCIS Ubuntu Linux 20.04 LTS Workstation L2 v2.0.1Unix

AUDIT AND ACCOUNTABILITY

1.1.6.1 Ensure separate partition exists for /var/log/auditCIS Ubuntu Linux 20.04 LTS Server L2 v2.0.1Unix

AUDIT AND ACCOUNTABILITY

4.1.1.3 Ensure audit logs are not automatically deletedCIS Distribution Independent Linux Workstation L2 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.1.3 Ensure audit logs are not automatically deletedCIS SUSE Linux Enterprise Workstation 11 L2 v2.1.1Unix

AUDIT AND ACCOUNTABILITY

4.1.1.3 Ensure audit logs are not automatically deletedCIS SUSE Linux Enterprise Server 11 L2 v2.1.1Unix

AUDIT AND ACCOUNTABILITY

4.1.1.3 Ensure audit logs are not automatically deletedCIS Amazon Linux v2.1.0 L2Unix

AUDIT AND ACCOUNTABILITY

4.1.3.27 Ensure audit of unlink syscall - 64 bitCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

AUDIT AND ACCOUNTABILITY, MAINTENANCE

4.1.3.28 Ensure audit unlinkat syscall - 64 bitCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

AUDIT AND ACCOUNTABILITY, MAINTENANCE

5.36 (L2) Ensure 'Windows Event Collector (Wecsvc)' is set to 'Disabled'CIS Microsoft Windows 10 Enterprise v4.0.0 L2 BL NGWindows

CONFIGURATION MANAGEMENT

5.36 (L2) Ensure 'Windows Event Collector (Wecsvc)' is set to 'Disabled'CIS Microsoft Windows 10 Enterprise v4.0.0 L2 NGWindows

CONFIGURATION MANAGEMENT

6.1.2 (L1) Ensure mailbox audit actions are configuredCIS Microsoft 365 Foundations v5.0.0 L1 E3microsoft_azure

AUDIT AND ACCOUNTABILITY

18.8.3.1 Ensure 'Include command line in process creation events' is set to 'Disabled'CIS Microsoft Windows 8.1 v2.4.1 L1Windows

IDENTIFICATION AND AUTHENTICATION

Big Sur - Configure Audit Log Files to Mode 440 or Less PermissiveNIST macOS Big Sur v1.4.0 - 800-53r5 HighUnix

AUDIT AND ACCOUNTABILITY

Catalina - Configure Audit Log Files to Mode 440 or Less PermissiveNIST macOS Catalina v1.5.0 - 800-171Unix

AUDIT AND ACCOUNTABILITY

Catalina - Configure Audit Log Files to Mode 440 or Less PermissiveNIST macOS Catalina v1.5.0 - 800-53r4 HighUnix

AUDIT AND ACCOUNTABILITY

DB2X-00-001800 - DB2 must include additional, more detailed, organization-defined information in the audit records for audit events identified by type, location, or subject.DISA STIG IBM DB2 v10.5 LUW v2r1 DatabaseIBM_DB2DB

AUDIT AND ACCOUNTABILITY

GEN002752 - The audit system must be configured to audit account disabling - '/etc/security/audit/config USER_Locked exists'DISA STIG AIX 6.1 v1r14Unix

ACCESS CONTROL

GEN002752 - The audit system must be configured to audit account disabling - 'User audit class assignments should be reviewed'DISA STIG AIX 5.3 v1r2Unix

ACCESS CONTROL

GEN002800 - System must be configured to audit login, logout, and session initiation - '/etc/security/audit/config INIT_Start exists'DISA STIG AIX 5.3 v1r2Unix

AUDIT AND ACCOUNTABILITY

GEN002800 - System must be configured to audit login, logout, and session initiation - '/etc/security/audit/config USER_Logout exists'DISA STIG AIX 6.1 v1r14Unix

AUDIT AND ACCOUNTABILITY

GEN002800 - System must be configured to audit login, logout, and session initiation - '/etc/security/audit/config USER_Logout exists'DISA STIG AIX 5.3 v1r2Unix

AUDIT AND ACCOUNTABILITY

GEN002800 - System must be configured to audit login, logout, and session initiation - '/etc/security/audit/config USER_SU exists'DISA STIG AIX 5.3 v1r2Unix

AUDIT AND ACCOUNTABILITY

GEN002800 - System must be configured to audit login, logout, and session initiation - '/etc/security/audit/events INIT_End exists'DISA STIG AIX 5.3 v1r2Unix

AUDIT AND ACCOUNTABILITY

GEN002800 - System must be configured to audit login, logout, and session initiation - '/etc/security/audit/events USER_Login exists'DISA STIG AIX 6.1 v1r14Unix

AUDIT AND ACCOUNTABILITY

GEN002800 - System must be configured to audit login, logout, and session initiation - '/etc/security/audit/events USER_SU exists'DISA STIG AIX 5.3 v1r2Unix

AUDIT AND ACCOUNTABILITY

GEN002800 - System must be configured to audit login, logout, and session initiation - '/etc/security/audit/events USER_SU exists'DISA STIG AIX 6.1 v1r14Unix

AUDIT AND ACCOUNTABILITY

GEN002820 - Audit system is configured to audit all access control permission modifications - 'FILE_Acl'DISA STIG AIX 6.1 v1r14Unix

AUDIT AND ACCOUNTABILITY

GEN002820 - Audit system is configured to audit all access control permission modifications - 'FILE_Fchmod'DISA STIG AIX 6.1 v1r14Unix

AUDIT AND ACCOUNTABILITY

GEN002820 - Audit system is configured to audit all access control permission modifications - 'FILE_Owner'DISA STIG AIX 6.1 v1r14Unix

AUDIT AND ACCOUNTABILITY

GEN002825 - System must be configured to audit load/unload dynamic kernel modules - '/etc/security/audit/config DEV_Create exists'DISA STIG AIX 6.1 v1r14Unix

AUDIT AND ACCOUNTABILITY

GEN002825 - System must be configured to audit load/unload dynamic kernel modules - '/etc/security/audit/config DEV_Remove exists'DISA STIG AIX 5.3 v1r2Unix

AUDIT AND ACCOUNTABILITY

GEN002825 - System must be configured to audit load/unload dynamic kernel modules - '/etc/security/audit/config DEV_Remove exists'DISA STIG AIX 6.1 v1r14Unix

AUDIT AND ACCOUNTABILITY

GEN002825 - System must be configured to audit load/unload dynamic kernel modules - '/etc/security/audit/events DEV_Configure exists'DISA STIG AIX 5.3 v1r2Unix

AUDIT AND ACCOUNTABILITY

GEN002825 - System must be configured to audit load/unload dynamic kernel modules - '/etc/security/audit/events DEV_Remove exists'DISA STIG AIX 6.1 v1r14Unix

AUDIT AND ACCOUNTABILITY

GEN002825 - System must be configured to audit load/unload dynamic kernel modules - '/etc/security/audit/events FILE_Mknod exists'DISA STIG AIX 5.3 v1r2Unix

AUDIT AND ACCOUNTABILITY

SLES-15-030600 - The SUSE operating system must protect audit rules from unauthorized modification.DISA SUSE Linux Enterprise Server 15 STIG v2r4Unix

AUDIT AND ACCOUNTABILITY