| 1.1.10 Set 'aaa accounting system' | CIS Cisco IOS XE 17.x v2.1.1 L2 | Cisco | AUDIT AND ACCOUNTABILITY |
| 1.7.4 Configure NTP Authentication | CIS Cisco NX-OS L2 v1.1.0 | Cisco | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.1.13 Ensure malware trends are reviewed at least weekly | CIS Microsoft 365 Foundations E3 L1 v3.1.0 | microsoft_azure | AUDIT AND ACCOUNTABILITY |
| 2.2 Ensure monitoring and alerting exist for MANAGE GRANTS privilege grants | CIS Snowflake Foundations v1.0.0 L1 | Snowflake | AUDIT AND ACCOUNTABILITY |
| 2.4 Ensure monitoring and alerting exist for password sign-in without MFA | CIS Snowflake Foundations v1.0.0 L1 | Snowflake | AUDIT AND ACCOUNTABILITY |
| 2.6 Ensure monitoring and alerting exist for changes to network policies and associated objects | CIS Snowflake Foundations v1.0.0 L1 | Snowflake | AUDIT AND ACCOUNTABILITY |
| 2.8 Ensure monitoring and alerting exists for new share exposures | CIS Snowflake Foundations v1.0.0 L1 | Snowflake | AUDIT AND ACCOUNTABILITY |
| 3.1.10 Ensure the correct syslog facility is selected | CIS PostgreSQL 17 v1.0.0 L1 PostgreSQL | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| 4.1.1.1 Ensure auditd is installed - audit | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.1.2 Ensure auditd service is enabled | CIS CentOS Linux 8 Server L2 v2.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.2.3 Ensure system is disabled when audit logs are full | CIS Fedora 28 Family Linux Server L2 v2.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2.1.1 Ensure rsyslog is installed | CIS Ubuntu Linux 18.04 LXD Host L1 Server v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2.1.1 Ensure rsyslog is installed | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2.1.1 Ensure rsyslog service is enabled | CIS Debian 9 Workstation L1 v1.0.1 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2.1.1 Ensure rsyslog Service is enabled - /etc/sysconfig/syslog | CIS SUSE Linux Enterprise Workstation 11 L1 v2.1.1 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2.1.2 Ensure logging is configured | CIS Debian 9 Server L1 v1.0.1 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2.1.2 Ensure logging is configured | CIS SUSE Linux Enterprise Server 11 L1 v2.1.1 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2.1.2 Ensure rsyslog service is enabled | CIS Fedora 19 Family Linux Workstation L1 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2.1.2 Ensure rsyslog service is enabled | CIS Debian Family Server L1 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2.1.2 Ensure rsyslog service is enabled | CIS Ubuntu Linux 18.04 LXD Host L1 Server v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2.1.2 Ensure rsyslog service is enabled | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2.1.4 Ensure rsyslog is configured to send logs to a remote log host | CIS Debian 8 Workstation L1 v2.0.2 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2.1.5 Ensure logging is configured | CIS Debian Family Server L1 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2.1.5 Ensure logging is configured | CIS Debian Family Workstation L1 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2.1.5 Ensure logging is configured | CIS CentOS Linux 8 Server L1 v2.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2.1.5 Ensure logging is configured - '*.emerg :omusrmsg:*' | CIS Debian Family Server L1 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2.1.6 Ensure rsyslog is configured to send logs to a remote log host | CIS Debian Family Workstation L1 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2.2.1.1 Ensure systemd-journal-remote is installed | CIS CentOS Linux 8 Server L1 v2.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2.2.1.3 Ensure systemd-journal-remote is enabled | CIS CentOS Linux 8 Server L1 v2.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2.2.1.3 Ensure systemd-journal-remote is enabled | CIS Fedora 28 Family Linux Workstation L1 v2.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2.2.4 Ensure journald is configured to write logfiles to persistent disk | CIS CentOS Linux 8 Server L1 v2.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2.2.4 Ensure syslog-ng is configured to send logs to a remote log host | CIS SUSE Linux Enterprise Server 11 L1 v2.1.1 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.3 Ensure usage of the 'root' account is monitored | CIS Amazon Web Services Foundations v5.0.0 L1 | amazon_aws | AUDIT AND ACCOUNTABILITY |
| 4.5 Ensure CloudTrail configuration changes are monitored | CIS Amazon Web Services Foundations v5.0.0 L1 | amazon_aws | AUDIT AND ACCOUNTABILITY |
| 4.6 Ensure AWS Management Console authentication failures are monitored | CIS Amazon Web Services Foundations v5.0.0 L2 | amazon_aws | AUDIT AND ACCOUNTABILITY |
| 4.7 Ensure disabling or scheduled deletion of customer created CMKs is monitored | CIS Amazon Web Services Foundations v5.0.0 L2 | amazon_aws | AUDIT AND ACCOUNTABILITY |
| 4.8 Ensure S3 bucket policy changes are monitored | CIS Amazon Web Services Foundations v5.0.0 L1 | amazon_aws | AUDIT AND ACCOUNTABILITY |
| 4.11 Ensure Network Access Control List (NACL) changes are monitored | CIS Amazon Web Services Foundations v5.0.0 L2 | amazon_aws | AUDIT AND ACCOUNTABILITY |
| 5.1.1.6 Ensure rsyslog is configured to send logs to a remote log host | CIS Oracle Linux 7 v4.0.0 L1 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 5.1.2.1.2 Ensure systemd-journal-remote is configured | CIS Oracle Linux 7 v4.0.0 L1 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 5.1.2.6 Ensure journald log rotation is configured per site policy | CIS Oracle Linux 7 v4.0.0 L1 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 5.1.2.6 Ensure journald log rotation is configured per site policy | CIS Oracle Linux 7 v4.0.0 L1 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 5.1.5.1 Ensure the Application Usage report is reviewed at least weekly | CIS Microsoft 365 Foundations E3 L1 v3.1.0 | microsoft_azure | AUDIT AND ACCOUNTABILITY |
| 5.2.1.4 Ensure auditd service is enabled | CIS Oracle Linux 8 Server L2 v3.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.2.2.4 Ensure system warns when audit logs are low on space | CIS Oracle Linux 7 v4.0.0 L2 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 5.2.5 Ensure SSH LogLevel is appropriate | CIS Fedora 28 Family Linux Workstation L1 v2.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 6.1 Ensure 'log_error' is configured correctly | CIS Oracle MySQL Community Server 8.4 v1.0.0 L1 Database | MySQLDB | AUDIT AND ACCOUNTABILITY |
| 9.2.4 (L1) Ensure 'Windows Firewall: Private: Logging: Name' is set to '%SystemRoot%\System32\logfiles\firewall\privatefw.log' | CIS Microsoft Windows 11 Stand-alone v3.0.0 L1 + BL | Windows | AUDIT AND ACCOUNTABILITY |
| 9.2.4 (L1) Ensure 'Windows Firewall: Private: Logging: Name' is set to '%SystemRoot%\System32\logfiles\firewall\privatefw.log' | CIS Microsoft Windows 10 Enterprise v3.0.0 L1 + BL + NG | Windows | AUDIT AND ACCOUNTABILITY |
| 9.2.4 (L1) Ensure 'Windows Firewall: Private: Logging: Name' is set to '%SystemRoot%\System32\logfiles\firewall\privatefw.log' | CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 BL | Windows | AUDIT AND ACCOUNTABILITY |
