Detections
Analytics

Item Search

NameAudit NamePluginCategory
4.2.5 Ensure SSH LogLevel is appropriateCIS Ubuntu Linux 20.04 LTS Workstation L1 v2.0.1Unix

AUDIT AND ACCOUNTABILITY

4.2.13 Ensure sshd LogLevel is configuredCIS Red Hat EL8 Server L1 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

4.2.13 Ensure sshd LogLevel is configuredCIS Rocky Linux 8 Server L1 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

5.1.1.1 Ensure rsyslog is installedCIS Oracle Linux 8 Workstation L1 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

5.1.1.1.2 Ensure systemd-journal-remote is configuredCIS Ubuntu Linux 18.04 LTS v2.2.0 L1 WorkstationUnix

AUDIT AND ACCOUNTABILITY

5.1.1.1.3 Ensure systemd-journal-remote is enabledCIS Debian 10 Workstation L1 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

5.1.1.2 Ensure journald service is enabledCIS Debian 10 Workstation L1 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

5.1.1.2 Ensure rsyslog service is enabledCIS Oracle Linux 8 Server L1 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

5.1.1.2 Ensure rsyslog service is enabledCIS Red Hat EL8 Workstation L1 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

5.1.1.6 Ensure journald log rotation is configured per site policyCIS Ubuntu Linux 20.04 LTS Server L1 v2.0.1Unix

AUDIT AND ACCOUNTABILITY

5.1.1.6 Ensure journald log rotation is configured per site policyCIS Ubuntu Linux 18.04 LTS v2.2.0 L1 ServerUnix

AUDIT AND ACCOUNTABILITY

5.1.1.6 Ensure journald log rotation is configured per site policyCIS Debian 10 Workstation L1 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

5.1.2.1 Ensure rsyslog is installedCIS Ubuntu Linux 20.04 LTS Workstation L1 v2.0.1Unix

AUDIT AND ACCOUNTABILITY

5.1.2.1 Ensure rsyslog is installedCIS Ubuntu Linux 18.04 LTS v2.2.0 L1 WorkstationUnix

AUDIT AND ACCOUNTABILITY

5.1.2.1 Ensure rsyslog is installedCIS Debian 10 Workstation L1 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

5.1.2.1.1 Ensure systemd-journal-remote is installedCIS Red Hat EL8 Workstation L1 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

5.1.2.1.2 Ensure systemd-journal-remote is configuredCIS Oracle Linux 8 Workstation L1 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

5.1.2.1.2 Ensure systemd-journal-remote is configuredCIS Red Hat EL8 Server L1 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

5.1.2.1.2 Ensure systemd-journal-remote is configuredCIS Rocky Linux 8 Server L1 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

5.1.2.4 Ensure journald is configured to write logfiles to persistent diskCIS Red Hat EL8 Server L1 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

5.1.2.4 Ensure journald is configured to write logfiles to persistent diskCIS Rocky Linux 8 Server L1 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

5.1.2.5 Ensure logging is configuredCIS Ubuntu Linux 20.04 LTS Server L1 v2.0.1Unix

AUDIT AND ACCOUNTABILITY

5.1.2.6 Ensure journald log rotation is configured per site policyCIS Red Hat EL8 Workstation L1 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

5.1.2.6 Ensure rsyslog is configured to send logs to a remote log hostCIS Ubuntu Linux 18.04 LTS v2.2.0 L1 ServerUnix

AUDIT AND ACCOUNTABILITY

5.1.15 Ensure sshd LogLevel is configuredCIS Oracle Linux 9 v2.0.0 L1 ServerUnix

AUDIT AND ACCOUNTABILITY

5.1.15 Ensure sshd LogLevel is configuredCIS Rocky Linux 9 v2.0.0 L1 ServerUnix

AUDIT AND ACCOUNTABILITY

6.1.3.6 Ensure rsyslog is configured to send logs to a remote log hostCIS Debian Linux 12 v1.1.0 L1 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.2.1.1 Ensure journald service is enabled and activeCIS Rocky Linux 9 v2.0.0 L1 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.2.1.3 Ensure journald log file rotation is configuredCIS Oracle Linux 9 v2.0.0 L1 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.2.1.3 Ensure journald log file rotation is configuredCIS Red Hat Enterprise Linux 9 v2.0.0 L1 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.2.1.3 Ensure journald log file rotation is configuredCIS Rocky Linux 9 v2.0.0 L1 ServerUnix

AUDIT AND ACCOUNTABILITY

6.2.2.1.2 Ensure systemd-journal-upload authentication is configuredCIS Oracle Linux 9 v2.0.0 L1 ServerUnix

AUDIT AND ACCOUNTABILITY

6.2.2.1.2 Ensure systemd-journal-upload authentication is configuredCIS Rocky Linux 9 v2.0.0 L1 ServerUnix

AUDIT AND ACCOUNTABILITY

6.2.2.1.2 Ensure systemd-journal-upload authentication is configuredCIS Rocky Linux 9 v2.0.0 L1 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.2.2.1.3 Ensure systemd-journal-upload is enabled and activeCIS Oracle Linux 9 v2.0.0 L1 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.2.2.1.3 Ensure systemd-journal-upload is enabled and activeCIS Red Hat Enterprise Linux 9 v2.0.0 L1 ServerUnix

AUDIT AND ACCOUNTABILITY

6.2.2.1.3 Ensure systemd-journal-upload is enabled and activeCIS Rocky Linux 9 v2.0.0 L1 ServerUnix

AUDIT AND ACCOUNTABILITY

6.2.2.4 Ensure journald Storage is configuredCIS Oracle Linux 9 v2.0.0 L1 ServerUnix

AUDIT AND ACCOUNTABILITY

6.2.2.4 Ensure journald Storage is configuredCIS Rocky Linux 9 v2.0.0 L1 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.2.3.1 Ensure rsyslog is installedCIS Oracle Linux 9 v2.0.0 L1 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.2.3.2 Ensure rsyslog service is enabled and activeCIS Red Hat Enterprise Linux 9 v2.0.0 L1 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.2.3.5 Ensure rsyslog logging is configuredCIS Oracle Linux 9 v2.0.0 L1 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.2.3.6 Ensure rsyslog is configured to send logs to a remote log hostCIS Oracle Linux 9 v2.0.0 L1 ServerUnix

AUDIT AND ACCOUNTABILITY

6.2.3.6 Ensure rsyslog is configured to send logs to a remote log hostCIS Oracle Linux 9 v2.0.0 L1 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.2.3.6 Ensure rsyslog is configured to send logs to a remote log hostCIS Red Hat Enterprise Linux 9 v2.0.0 L1 ServerUnix

AUDIT AND ACCOUNTABILITY

9.2.4 (L1) Ensure 'Windows Firewall: Private: Logging: Name' is set to '%SystemRoot%\System32\logfiles\firewall\privatefw.log'CIS Microsoft Windows 10 Stand-alone v3.0.0 L1Windows

AUDIT AND ACCOUNTABILITY

9.3.4 (L1) Ensure 'Windows Firewall: Public: Logging: Name' is set to '%SystemRoot%\System32\logfiles\firewall\publicfw.log'CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 BLWindows

AUDIT AND ACCOUNTABILITY

9.3.6 (L1) Ensure 'Windows Firewall: Public: Logging: Name' is set to '%SystemRoot%\System32\logfiles\firewall\publicfw.log'CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 NGWindows

AUDIT AND ACCOUNTABILITY

9.3.6 (L1) Ensure 'Windows Firewall: Public: Logging: Name' is set to '%SystemRoot%\System32\logfiles\firewall\publicfw.log'CIS Microsoft Windows 11 Enterprise v4.0.0 L1Windows

AUDIT AND ACCOUNTABILITY

38.22 (L1) Ensure 'Enable Public Network Firewall: Log File Path' is set to '%SystemRoot%\System32\logfiles\firewall\publicfw.log'CIS Microsoft Intune for Windows 11 v4.0.0 L1Windows

AUDIT AND ACCOUNTABILITY