Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1.6.1 Ensure separate partition exists for /var/log/auditCIS Ubuntu Linux 18.04 LTS v2.2.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

1.1.6.1 Ensure separate partition exists for /var/log/auditCIS Amazon Linux 2023 Server L2 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

1.1.6.1 Ensure separate partition exists for /var/log/auditCIS CentOS Linux 8 Workstation L2 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

3.2.2 Ensure that the audit policy covers key security concernsCIS Kubernetes v1.20 Benchmark v1.0.1 L2 MasterUnix

AUDIT AND ACCOUNTABILITY

3.2.2 Ensure that the audit policy covers key security concernsCIS Kubernetes v1.23 Benchmark v1.0.1 L2 MasterUnix

AUDIT AND ACCOUNTABILITY

4.1.2.4 Ensure system notification is sent out when volume is 75% fullCIS Amazon Linux 2 STIG v2.0.0 STIGUnix

AUDIT AND ACCOUNTABILITY

4.1.2.4 Ensure system notification is sent out when volume is 75% full - SA and Information System Security Officer ISSO, at a minimum, when allocated audit record storage volume reaches 75% of the repository maximum audit record storage capacity.CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

AUDIT AND ACCOUNTABILITY

4.1.3.26 Ensure audit of the rmdir syscallCIS Amazon Linux 2 STIG v2.0.0 STIGUnix

AUDIT AND ACCOUNTABILITY

4.1.7 Ensure Online Certificate Status Protocol (OCSP) stapling is enabledCIS NGINX Benchmark v2.1.0 L1 ProxyUnix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

6.2 AIX Auditing - /audit existsCIS IBM AIX 7.1 L2 v2.1.0Unix

AUDIT AND ACCOUNTABILITY

6.2 AIX Auditing - /etc/security/audit/config updateCIS IBM AIX 7.1 L2 v2.1.0Unix

AUDIT AND ACCOUNTABILITY

6.2 AIX Auditing - audit startupCIS IBM AIX 7.1 L2 v2.1.0Unix

AUDIT AND ACCOUNTABILITY

6.2 AIX Auditing - auditclasses updateCIS IBM AIX 7.1 L2 v2.1.0Unix

AUDIT AND ACCOUNTABILITY

7.1 Ensure 'Symmetric Key encryption algorithm' is set to 'AES_128' or higher in non-system databasesCIS SQL Server 2016 Database L1 DB v1.4.0MS_SQLDB

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

17.7.1 Ensure 'Audit Audit Policy Change' is set to include 'Success'CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 MSWindows

AUDIT AND ACCOUNTABILITY

17.7.1 Ensure 'Audit Audit Policy Change' is set to include 'Success'CIS Microsoft Windows 8.1 v2.4.1 L1Windows

AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT

AMLS-NM-000420 - The Arista Multilayer Switch must protect the audit records of nonlocal accesses to privileged accounts and the execution of privileged functions - logging hostDISA STIG Arista MLS DCS-7000 Series NDM v1r4Arista

CONFIGURATION MANAGEMENT

AOSX-15-001030 - The macOS system must provide an immediate warning to the System Administrator (SA) and Information System Security Officer (ISSO) (at a minimum) when allocated audit record storage volume reaches 75 percent of repository maximum audit record storage capacity.DISA STIG Apple Mac OSX 10.15 v1r10Unix

AUDIT AND ACCOUNTABILITY

Audit Authentication Policy ChangeMSCT Windows Server 2016 DC v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit Other Account Management EventsMSCT Windows Server 2012 R2 MS v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit Other Account Management EventsMSCT Windows Server 2012 R2 DC v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit Other Account Management EventsMSCT Windows Server 2016 MS v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit Other System EventsMSCT Windows Server 2016 DC v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit Process CreationMSCT Windows Server 2016 MS v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit Removable StorageMSCT Windows 10 v1507 v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit Removable StorageMSCT Windows Server 2016 MS v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit Security Group ManagementMSCT Windows Server 2012 R2 MS v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit Security State ChangeMSCT Windows Server 2012 R2 MS v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit Sensitive Privilege UseMSCT Windows Server 2012 R2 MS v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit Special LogonMSCT Windows Server 2016 DC v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Big Sur - Configure Audit Log Files to Mode 440 or Less PermissiveNIST macOS Big Sur v1.4.0 - 800-171Unix

AUDIT AND ACCOUNTABILITY

Big Sur - Configure Audit Log Files to Mode 440 or Less PermissiveNIST macOS Big Sur v1.4.0 - 800-53r4 HighUnix

AUDIT AND ACCOUNTABILITY

Big Sur - Configure Audit Log Files to Mode 440 or Less PermissiveNIST macOS Big Sur v1.4.0 - All ProfilesUnix

AUDIT AND ACCOUNTABILITY

Catalina - Configure Audit Log Files to Mode 440 or Less PermissiveNIST macOS Catalina v1.5.0 - 800-53r4 LowUnix

AUDIT AND ACCOUNTABILITY

Catalina - Configure Audit Log Files to Mode 440 or Less PermissiveNIST macOS Catalina v1.5.0 - 800-53r4 ModerateUnix

AUDIT AND ACCOUNTABILITY

Catalina - Configure Audit Log Files to Mode 440 or Less PermissiveNIST macOS Catalina v1.5.0 - CNSSI 1253Unix

AUDIT AND ACCOUNTABILITY

DB2X-00-008200 - DB2 must produce audit records of its enforcement of access restrictions associated with changes to the configuration of DB2 or database(s) - OS AuditingDISA STIG IBM DB2 v10.5 LUW v2r1 OS LinuxUnix

CONFIGURATION MANAGEMENT

DB2X-00-010600 - DB2 must generate audit records when categorized information (e.g., classification levels/security levels) is modifiedDISA STIG IBM DB2 v10.5 LUW v2r1 DatabaseIBM_DB2DB

AUDIT AND ACCOUNTABILITY

DB2X-00-011100 - DB2 must generate audit records when unsuccessful attempts to delete security objects occurDISA STIG IBM DB2 v10.5 LUW v2r1 DatabaseIBM_DB2DB

AUDIT AND ACCOUNTABILITY

DB2X-00-011400 - DB2 must generate audit records when successful logons or connections occurDISA STIG IBM DB2 v10.5 LUW v2r1 DatabaseIBM_DB2DB

AUDIT AND ACCOUNTABILITY

DB2X-00-011500 - DB2 must generate audit records when unsuccessful logons or connection attempts occurDISA STIG IBM DB2 v10.5 LUW v2r1 DatabaseIBM_DB2DB

AUDIT AND ACCOUNTABILITY

F5BI-DM-000087 - The BIG-IP appliance must be configured to use NIAP evaluated cryptographic mechanisms to protect the integrity of audit information at rest.DISA F5 BIG-IP Device Management STIG v2r4F5

AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT

GEN002740 - The audit system must be configured to audit file deletions - '/etc/security/audit/config FILE_Unlink exists'DISA STIG AIX 5.3 v1r2Unix

AUDIT AND ACCOUNTABILITY

GEN002860 - Audit logs must be rotated daily.DISA STIG for Red Hat Enterprise Linux 5 v1r18 AuditUnix

CONFIGURATION MANAGEMENT

Monterey - Configure Audit Log Files to Mode 440 or Less PermissiveNIST macOS Monterey v1.0.0 - 800-53r5 ModerateUnix

AUDIT AND ACCOUNTABILITY

O19C-00-002000 - Oracle Database must generate audit records for the DOD-selected list of auditable events, when successfully accessed, added, modified, or deleted, to the extent such information is available.DISA Oracle Database 19c STIG v1r1 DatabaseOracleDB

AUDIT AND ACCOUNTABILITY

OL6-00-000384 - Audit log files must be owned by root.DISA STIG Oracle Linux 6 v2r7Unix

AUDIT AND ACCOUNTABILITY

OL07-00-030321 - The Oracle Linux operating system must be configured so that the audit system takes appropriate action when there is an error sending audit records to a remote system.DISA Oracle Linux 7 STIG v3r2Unix

AUDIT AND ACCOUNTABILITY

RHEL-07-030321 - The Red Hat Enterprise Linux operating system must be configured so that the audit system takes appropriate action when there is an error sending audit records to a remote system.DISA Red Hat Enterprise Linux 7 STIG v3r15Unix

AUDIT AND ACCOUNTABILITY

SQL6-D0-015100 - SQL Server must generate audit records showing starting and ending time for user access to the database(s).DISA STIG SQL Server 2016 Instance DB Audit v3r4MS_SQLDB

AUDIT AND ACCOUNTABILITY