Detections
Analytics

Item Search

NameAudit NamePluginCategory
4.1.1.1 Ensure auditd is installedCIS SUSE Linux Enterprise 12 v3.2.1 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

4.1.1.2 Ensure auditd service is enabled and runningCIS SUSE Linux Enterprise 12 v3.2.1 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

4.2.1.1 Ensure rsyslog is installedCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 ServerUnix

AUDIT AND ACCOUNTABILITY

4.2.1.1 Ensure rsyslog is installedCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 WorkstationUnix

AUDIT AND ACCOUNTABILITY

4.2.1.1 Ensure rsyslog service is enabledCIS Debian 9 Workstation L1 v1.0.1Unix

AUDIT AND ACCOUNTABILITY

4.2.1.2 Ensure rsyslog service is enabledCIS Fedora 19 Family Linux Server L1 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

4.2.1.2 Ensure rsyslog service is enabledCIS Fedora 19 Family Linux Workstation L1 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

4.2.1.2 Ensure rsyslog service is enabledCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 WorkstationUnix

AUDIT AND ACCOUNTABILITY

4.2.1.2 Ensure rsyslog service is enabled and runningCIS Fedora 19 Family Linux Workstation L1 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

4.2.1.4 Ensure logging is configuredCIS Fedora 19 Family Linux Server L1 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

4.2.1.4 Ensure logging is configuredCIS Ubuntu Linux 18.04 LXD Host L1 Server v1.0.0Unix

AUDIT AND ACCOUNTABILITY

4.2.2.1 Ensure syslog-ng service is enabledCIS SUSE Linux Enterprise Server 11 L1 v2.1.1Unix

AUDIT AND ACCOUNTABILITY

4.2.2.3 Ensure journald is configured to write logfiles to persistent diskCIS SUSE Linux Enterprise 12 v3.2.1 L1 WorkstationUnix

AUDIT AND ACCOUNTABILITY

4.2.2.4 Ensure journald is configured to write logfiles to persistent diskCIS Fedora 28 Family Linux Server L1 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.2.2.4 Ensure journald is configured to write logfiles to persistent diskCIS Fedora 28 Family Linux Workstation L1 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.2.3 Ensure rsyslog or syslog-ng is installedCIS SUSE Linux Enterprise Server 11 L1 v2.1.1Unix

AUDIT AND ACCOUNTABILITY

5.1 Ensure that system activity is auditedCIS MongoDB 7 v1.2.0 L1 UnixUnix

AUDIT AND ACCOUNTABILITY

5.1 Ensure that system activity is auditedCIS MongoDB 8 v1.0.0 L1 UnixUnix

AUDIT AND ACCOUNTABILITY

5.1.1.1 Ensure rsyslog is installedCIS Oracle Linux 7 v4.0.0 L1 ServerUnix

AUDIT AND ACCOUNTABILITY

5.1.1.2 Ensure rsyslog service is enabledCIS Oracle Linux 7 v4.0.0 L1 ServerUnix

AUDIT AND ACCOUNTABILITY

5.1.1.2 Ensure rsyslog service is enabledCIS Red Hat Enterprise Linux 7 v4.0.0 L1 WorkstationUnix

AUDIT AND ACCOUNTABILITY

5.1.1.5 Ensure logging is configuredCIS Oracle Linux 7 v4.0.0 L1 WorkstationUnix

AUDIT AND ACCOUNTABILITY

5.1.1.6 Ensure rsyslog is configured to send logs to a remote log hostCIS Red Hat Enterprise Linux 7 v4.0.0 L1 WorkstationUnix

AUDIT AND ACCOUNTABILITY

5.1.1.6 Ensure rsyslog is configured to send logs to a remote log hostCIS Amazon Linux 2023 v1.0.0 L1 ServerUnix

AUDIT AND ACCOUNTABILITY

5.1.2.1.1 Ensure systemd-journal-remote is installedCIS Amazon Linux 2023 v1.0.0 L1 ServerUnix

AUDIT AND ACCOUNTABILITY

5.1.2.1.2 Ensure systemd-journal-remote is configuredCIS Red Hat Enterprise Linux 7 v4.0.0 L1 ServerUnix

AUDIT AND ACCOUNTABILITY

5.2.1.4 Ensure auditd service is enabledCIS Amazon Linux 2023 v1.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

6.2.1.1 Ensure journald service is enabled and activeCIS Oracle Linux 9 v2.0.0 L1 ServerUnix

AUDIT AND ACCOUNTABILITY

6.2.1.1 Ensure journald service is enabled and activeCIS SUSE Linux Enterprise 15 v2.0.1 L1 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.2.1.1 Ensure journald service is enabled and activeCIS AlmaLinux OS 9 v2.0.0 L1 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.2.2.1.1 Ensure systemd-journal-remote is installedCIS SUSE Linux Enterprise 15 v2.0.1 L1 ServerUnix

AUDIT AND ACCOUNTABILITY

6.2.2.1.2 Ensure systemd-journal-upload authentication is configuredCIS Oracle Linux 9 v2.0.0 L1 ServerUnix

AUDIT AND ACCOUNTABILITY

6.2.2.1.2 Ensure systemd-journal-upload authentication is configuredCIS SUSE Linux Enterprise 15 v2.0.1 L1 ServerUnix

AUDIT AND ACCOUNTABILITY

6.2.2.1.2 Ensure systemd-journal-upload authentication is configuredCIS AlmaLinux OS 9 v2.0.0 L1 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.2.3 Ensure the 'DROP USER' Audit Option Is EnabledCIS Oracle Server 18c DB Unified Auditing v1.1.0OracleDB

AUDIT AND ACCOUNTABILITY

6.2.3.5 Ensure rsyslog logging is configuredCIS AlmaLinux OS 9 v2.0.0 L1 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.2.4 Ensure the 'CREATE ROLE' Action Audit Is EnabledCIS Oracle Server 18c DB Unified Auditing v1.1.0OracleDB

AUDIT AND ACCOUNTABILITY

6.2.5 Ensure the 'ALTER ROLE' Action Audit Is EnabledCIS Oracle Server 18c DB Unified Auditing v1.1.0OracleDB

AUDIT AND ACCOUNTABILITY

6.2.6 Ensure the 'DROP ROLE' Action Audit Is EnabledCIS Oracle Server 12c DB Unified Auditing v3.0.0OracleDB

AUDIT AND ACCOUNTABILITY

6.2.27 Ensure the 'LOGON' AND 'LOGOFF' Actions Audit Is EnabledCIS Oracle Server 18c DB Unified Auditing v1.1.0OracleDB

AUDIT AND ACCOUNTABILITY

9.1.4 (L1) Ensure 'Windows Firewall: Domain: Logging: Name' is set to '%SystemRoot%\System32\logfiles\firewall\domainfw.log'CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BLWindows

AUDIT AND ACCOUNTABILITY

9.2.4 (L1) Ensure 'Windows Firewall: Private: Logging: Name' is set to '%SystemRoot%\System32\logfiles\firewall\privatefw.log'CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1Windows

AUDIT AND ACCOUNTABILITY

9.2.4 (L1) Ensure 'Windows Firewall: Private: Logging: Name' is set to '%SystemRoot%\System32\logfiles\firewall\privatefw.log'CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL NGWindows

AUDIT AND ACCOUNTABILITY

9.3.6 (L1) Ensure 'Windows Firewall: Public: Logging: Name' is set to '%SystemRoot%\System32\logfiles\firewall\publicfw.log'CIS Microsoft Windows 10 Enterprise v4.0.0 L1Windows

AUDIT AND ACCOUNTABILITY

9.3.6 (L1) Ensure 'Windows Firewall: Public: Logging: Name' is set to '%SystemRoot%\System32\logfiles\firewall\publicfw.log'CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BLWindows

AUDIT AND ACCOUNTABILITY

9.3.6 (L1) Ensure 'Windows Firewall: Public: Logging: Name' is set to '%SystemRoot%\System32\logfiles\firewall\publicfw.log'CIS Microsoft Windows 10 Enterprise v4.0.0 L1 NGWindows

AUDIT AND ACCOUNTABILITY

17.2.3 Ensure 'Audit User Account Management' is set to 'Success and Failure'CIS Microsoft Windows 8.1 v2.4.1 L1Windows

AUDIT AND ACCOUNTABILITY, IDENTIFICATION AND AUTHENTICATION

17.5.1 Ensure 'Audit Account Lockout' is set to include 'Failure'CIS Microsoft Windows 8.1 v2.4.1 L1Windows

AUDIT AND ACCOUNTABILITY, IDENTIFICATION AND AUTHENTICATION

17.6.3 Ensure 'Audit Other Object Access Events' is set to 'Success and Failure'CIS Microsoft Windows 8.1 v2.4.1 L1Windows

AUDIT AND ACCOUNTABILITY

38.13 (L1) Ensure 'Enable Private Network Firewall: Log File Path' is set to '%SystemRoot%\System32\logfiles\firewall\privatefw.log'CIS Microsoft Intune for Windows 11 v4.0.0 L1Windows

AUDIT AND ACCOUNTABILITY