Detections
Analytics

Item Search

NameAudit NamePluginCategory
2.2 Ensure the Log Config Module Is EnabledCIS Apache HTTP Server 2.2 L1 v3.6.0 MiddlewareUnix

AUDIT AND ACCOUNTABILITY

2.2.2 Ensure 'AUDIT_TRAIL' Is Set to 'DB', 'XML', 'OS', 'DB,EXTENDED', or 'XML,EXTENDED'CIS Oracle Server 18c DB Traditional Auditing v1.1.0OracleDB

AUDIT AND ACCOUNTABILITY

2.2.5 Set 'logging trap informational'CIS Cisco IOS 15 L1 v4.1.1Cisco

AUDIT AND ACCOUNTABILITY

3.1.2 Ensure the log destinations are set correctlyCIS PostgreSQL 9.5 DB v1.1.0PostgreSQLDB

AUDIT AND ACCOUNTABILITY

3.1.5 Ensure the filename pattern for log files is set correctlyCIS PostgreSQL 9.6 DB v1.0.0PostgreSQLDB

AUDIT AND ACCOUNTABILITY

3.2.4 Ensure suspicious packets are logged - 'net.ipv4.conf.all.log_martians = 1'CIS Distribution Independent Linux Workstation L1 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

3.2.4 Ensure suspicious packets are logged - 'net.ipv4.conf.default.log_martians' (sysctl.conf/sysctl.d)CIS Ubuntu Linux 18.04 LXD Container L1 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

3.2.4 Ensure suspicious packets are logged - sysctl net.ipv4.conf.default.log_martiansCIS Distribution Independent Linux Server L1 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

3.3.4 Ensure suspicious packets are logged - 'net.ipv4.conf.all.log_martians = 1 /etc/sysctl.conf /etc/sysctl.d/*'CIS CentOS 6 Server L1 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

3.3.4 Ensure suspicious packets are logged - 'net.ipv4.conf.all.log_martians = 1 /etc/sysctl.conf /etc/sysctl.d/*'CIS Oracle Linux 6 Server L1 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

3.3.4 Ensure suspicious packets are logged - 'net.ipv4.conf.all.log_martians = 1 /sbin/sysctl'CIS Oracle Linux 6 Server L1 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

3.3.4 Ensure suspicious packets are logged - 'net.ipv4.conf.all.log_martians = 1 /sbin/sysctl'CIS Oracle Linux 6 Workstation L1 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

3.3.4 Ensure suspicious packets are logged - 'net.ipv4.conf.all.log_martians' (sysctl.conf/sysctl.d)CIS Ubuntu Linux 18.04 LXD Host L1 Workstation v1.0.0Unix

AUDIT AND ACCOUNTABILITY

3.3.4 Ensure suspicious packets are logged - 'net.ipv4.conf.default.log_martians = 1 /etc/sysctl.conf /etc/sysctl.d/*'CIS Red Hat 6 Server L1 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

3.3.4 Ensure suspicious packets are logged - 'net.ipv4.conf.default.log_martians = 1 /sbin/sysctl'CIS CentOS 6 Workstation L1 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

3.3.4 Ensure suspicious packets are logged - 'net.ipv4.conf.default.log_martians = 1 /sbin/sysctl'CIS Oracle Linux 6 Workstation L1 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

3.3.4 Ensure suspicious packets are logged - 'sysctl net.ipv4.conf.default.log_martians'CIS Ubuntu Linux 18.04 LXD Host L1 Server v1.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.1.4 Ensure auditing for processes that start prior to auditd is enabledCIS Oracle Linux 6 Server L2 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.3 Ensure auditing for processes that start prior to auditd is enabledCIS Debian 8 Workstation L2 v2.0.2Unix

AUDIT AND ACCOUNTABILITY

4.1.4 Ensure auditing for processes that start prior to auditd is enabledCIS Distribution Independent Linux Workstation L2 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.17 Ensure the audit configuration is immutableCIS Red Hat 6 Workstation L2 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.17 Ensure the audit configuration is immutableCIS Ubuntu Linux 18.04 LXD Host L2 Workstation v1.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.17 Ensure the audit configuration is immutableCIS CentOS 6 Server L2 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.17 Ensure the audit configuration is immutableCIS Oracle Linux 6 Server L2 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.2.1.1 Ensure rsyslog Service is enabledCIS Aliyun Linux 2 L1 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

4.2.1.3 Ensure logging is configuredCIS Red Hat 6 Server L1 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

4.2.1.3 Ensure logging is configuredCIS CentOS 6 Workstation L1 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

4.2.2.1 Ensure syslog-ng service is enabledCIS Debian 9 Server L1 v1.0.1Unix

AUDIT AND ACCOUNTABILITY

5.2 Ensure 'Default Trace Enabled' Server Configuration Option is set to '1'CIS SQL Server 2012 Database L1 DB v1.6.0MS_SQLDB

AUDIT AND ACCOUNTABILITY

5.2.5 Ensure SSH LogLevel is appropriateCIS Ubuntu Linux 18.04 LXD Container L1 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

5.3.3.1.14 Ensure audit is set on the pam_faillock moduleCIS Red Hat Enterprise Linux 8 STIG v2.0.0 STIGUnix

ACCESS CONTROL

6.1 Ensure the Error Log Filename and Severity Level Are Configured Correctly - 'httpd.conf LogLevel = notice info or debug'CIS Apache HTTP Server 2.2 L1 v3.6.0Unix

AUDIT AND ACCOUNTABILITY

6.1.4 Ensure the 'PROFILE' Audit Option Is EnabledCIS Oracle Server 12c DB Traditional Auditing v3.0.0OracleDB

AUDIT AND ACCOUNTABILITY

6.1.5 Ensure the 'DATABASE LINK' Audit Option Is EnabledCIS Oracle Server 12c DB Traditional Auditing v3.0.0OracleDB

AUDIT AND ACCOUNTABILITY

6.1.6 Ensure the 'PUBLIC DATABASE LINK' Audit Option Is EnabledCIS Oracle Server 18c DB Traditional Auditing v1.1.0OracleDB

AUDIT AND ACCOUNTABILITY

6.1.7 Ensure the 'PUBLIC SYNONYM' Audit Option Is EnabledCIS Oracle Server 18c DB Traditional Auditing v1.1.0OracleDB

AUDIT AND ACCOUNTABILITY

6.1.8 Ensure the 'SYNONYM' Audit Option Is EnabledCIS Oracle Server 18c DB Traditional Auditing v1.1.0OracleDB

AUDIT AND ACCOUNTABILITY

6.1.13 Ensure the 'DROP ANY PROCEDURE' Audit Option Is EnabledCIS Oracle Server 12c DB Traditional Auditing v3.0.0OracleDB

AUDIT AND ACCOUNTABILITY

6.1.15 Ensure the 'PROCEDURE' Audit Option Is EnabledCIS Oracle Server 18c DB Traditional Auditing v1.1.0OracleDB

AUDIT AND ACCOUNTABILITY

6.2.11 Ensure the 'DROP PROFILE' Action Audit Is EnabledCIS Oracle Server 12c DB Unified Auditing v3.0.0OracleDB

AUDIT AND ACCOUNTABILITY

6.2.14 Ensure the 'DROP DATABASE LINK' Action Audit Is EnabledCIS Oracle Server 12c DB Unified Auditing v3.0.0OracleDB

AUDIT AND ACCOUNTABILITY

6.2.15 Ensure the 'CREATE SYNONYM' Action Audit Is EnabledCIS Oracle Server 12c DB Unified Auditing v3.0.0OracleDB

AUDIT AND ACCOUNTABILITY

6.2.17 Ensure the 'DROP SYNONYM' Action Audit Is EnabledCIS Oracle Server 12c DB Unified Auditing v3.0.0OracleDB

AUDIT AND ACCOUNTABILITY

6.2.23 Ensure the 'ALTER SYSTEM' Privilege Audit Is EnabledCIS Oracle Server 12c DB Unified Auditing v3.0.0OracleDB

AUDIT AND ACCOUNTABILITY

6.2.26 Ensure the 'DROP TRIGGER' Action Audit Is EnabledCIS Oracle Server 12c DB Unified Auditing v3.0.0OracleDB

AUDIT AND ACCOUNTABILITY

6.3 Ensure the Server Access Log Is Configured Correctly - 'httpd.conf LogFormat is configured'CIS Apache HTTP Server 2.2 L2 v3.6.0Unix

AUDIT AND ACCOUNTABILITY

9.2 Configure a Logging File Channel - category updateCIS BIND DNS v1.0.0 L1 Authoritative Name ServerUnix

AUDIT AND ACCOUNTABILITY

9.2 Configure a Logging File Channel - category xfer-inCIS BIND DNS v1.0.0 L1 Caching Only Name ServerUnix

AUDIT AND ACCOUNTABILITY

9.2 Configure a Logging File Channel - logging sectionCIS BIND DNS v1.0.0 L1 Authoritative Name ServerUnix

AUDIT AND ACCOUNTABILITY

17.7.2 (L1) Ensure 'Audit Authentication Policy Change' is set to include 'Success'CIS Microsoft Windows 8.1 v2.4.1 L1 BitlockerWindows

AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT