Detections
Analytics

Item Search

NameAudit NamePluginCategory
2.2 Ensure the Log Config Module Is EnabledCIS Apache HTTP Server 2.4 v2.2.0 L1Unix

AUDIT AND ACCOUNTABILITY

4.1.1.1 Ensure rsyslog is installedCIS Ubuntu Linux 18.04 LXD Container L1 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.1.3 Ensure auditing for processes that start prior to auditd is enabledCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

4.1.2 Ensure auditd service is enabledCIS SUSE Linux Enterprise Server 11 L2 v2.1.1Unix

AUDIT AND ACCOUNTABILITY

4.2.1.1 Ensure rsyslog is installedCIS Debian Family Workstation L1 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

4.2.1.1 Ensure rsyslog Service is enabled - /etc/sysconfig/syslogCIS SUSE Linux Enterprise Server 11 L1 v2.1.1Unix

AUDIT AND ACCOUNTABILITY

4.2.1.2 Ensure logging is configuredCIS Debian 8 Server L1 v2.0.2Unix

AUDIT AND ACCOUNTABILITY

4.2.1.2 Ensure rsyslog service is enabledCIS Fedora 19 Family Linux Server L1 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

4.2.1.2 Ensure rsyslog service is enabledCIS CentOS Linux 8 Server L1 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.2.1.2 Ensure rsyslog service is enabled and runningCIS Fedora 19 Family Linux Workstation L1 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

4.2.1.2 Ensure rsyslog service is enabled and runningCIS Ubuntu Linux 18.04 LXD Host L1 Server v1.0.0Unix

AUDIT AND ACCOUNTABILITY

4.2.1.4 Ensure logging is configuredCIS Ubuntu Linux 18.04 LXD Host L1 Server v1.0.0Unix

AUDIT AND ACCOUNTABILITY

4.2.1.4 Ensure rsyslog is configured to send logs to a remote log hostCIS Debian 9 Workstation L1 v1.0.1Unix

AUDIT AND ACCOUNTABILITY

4.2.1.5 Ensure logging is configuredCIS Fedora 28 Family Linux Workstation L1 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.2.1.5 Ensure rsyslog is configured to send logs to a remote log hostCIS Fedora 19 Family Linux Server L1 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

4.2.1.6 Ensure rsyslog is configured to send logs to a remote log hostCIS Debian Family Server L1 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

4.2.2.1.2 Ensure systemd-journal-remote is configuredCIS CentOS Linux 8 Server L1 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.2.2.2 Ensure journald service is enabledCIS CentOS Linux 8 Server L1 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.2.2.3 Ensure journald is configured to write logfiles to persistent diskCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 WorkstationUnix

AUDIT AND ACCOUNTABILITY

4.7.3.10 Ensure sshd LogLevel is configuredCIS IBM AIX 7 v1.0.0 L1Unix

AUDIT AND ACCOUNTABILITY

5.1.14 Ensure sshd LogLevel is configuredCIS Ubuntu Linux 22.04 LTS v2.0.0 L1 ServerUnix

AUDIT AND ACCOUNTABILITY

5.1.15 Ensure sshd LogLevel is configuredCIS Rocky Linux 9 v2.0.0 L1 ServerUnix

AUDIT AND ACCOUNTABILITY

5.2.1.2 Ensure auditd service is enabled and activeCIS Ubuntu Linux 20.04 LTS Workstation L2 v2.0.1Unix

AUDIT AND ACCOUNTABILITY

5.2.1.4 Ensure audit_backlog_limit is sufficientCIS Ubuntu Linux 20.04 LTS Server L2 v2.0.1Unix

AUDIT AND ACCOUNTABILITY

5.2.1.4 Ensure auditd service is enabledCIS Oracle Linux 7 v4.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

5.2.1.4 Ensure auditd service is enabledCIS Red Hat Enterprise Linux 7 v4.0.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

5.2.1.4 Ensure auditd service is enabledCIS Oracle Linux 8 Workstation L2 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

5.2.1.4 Ensure auditd service is enabledCIS Red Hat EL8 Workstation L2 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

6.2.1 Ensure the 'CREATE USER' Action Audit Is EnabledCIS Oracle Server 18c DB Unified Auditing v1.1.0OracleDB

AUDIT AND ACCOUNTABILITY

6.2.1.1 Ensure journald service is enabled and activeCIS Rocky Linux 9 v2.0.0 L1 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.2.1.1.1 Ensure journald service is enabled and activeCIS Ubuntu Linux 22.04 LTS v2.0.0 L1 ServerUnix

AUDIT AND ACCOUNTABILITY

6.2.1.1.5 Ensure journald Storage is configuredCIS Ubuntu Linux 22.04 LTS v2.0.0 L1 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.2.1.2 Ensure auditd service is enabled and activeCIS Ubuntu Linux 24.04 LTS v1.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

6.2.1.2.2 Ensure systemd-journal-remote authentication is configuredCIS Ubuntu Linux 22.04 LTS v2.0.0 L1 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.2.1.3 Ensure journald log file rotation is configuredCIS Red Hat Enterprise Linux 9 v2.0.0 L1 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.2.1.3 Ensure journald log file rotation is configuredCIS Rocky Linux 9 v2.0.0 L1 ServerUnix

AUDIT AND ACCOUNTABILITY

6.2.2.1.2 Ensure systemd-journal-upload authentication is configuredCIS Rocky Linux 9 v2.0.0 L1 ServerUnix

AUDIT AND ACCOUNTABILITY

6.2.2.1.2 Ensure systemd-journal-upload authentication is configuredCIS Rocky Linux 9 v2.0.0 L1 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.2.2.1.3 Ensure systemd-journal-upload is enabled and activeCIS Red Hat Enterprise Linux 9 v2.0.0 L1 ServerUnix

AUDIT AND ACCOUNTABILITY

6.2.2.1.3 Ensure systemd-journal-upload is enabled and activeCIS Rocky Linux 9 v2.0.0 L1 ServerUnix

AUDIT AND ACCOUNTABILITY

6.2.2.4 Ensure journald Storage is configuredCIS Rocky Linux 9 v2.0.0 L1 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.2.3 Ensure the 'DROP USER' Audit Option Is EnabledCIS Oracle Server 12c DB Unified Auditing v3.0.0OracleDB

AUDIT AND ACCOUNTABILITY

6.2.3.2 Ensure rsyslog service is enabled and activeCIS Red Hat Enterprise Linux 9 v2.0.0 L1 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.2.3.5 Ensure rsyslog logging is configuredCIS Oracle Linux 9 v2.0.0 L1 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.2.3.6 Ensure rsyslog is configured to send logs to a remote log hostCIS Oracle Linux 9 v2.0.0 L1 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.2.3.6 Ensure rsyslog is configured to send logs to a remote log hostCIS Red Hat Enterprise Linux 9 v2.0.0 L1 ServerUnix

AUDIT AND ACCOUNTABILITY

6.3 Ensure the Server Access Log Is Configured CorrectlyCIS Apache HTTP Server 2.4 v2.2.0 L1Unix

AUDIT AND ACCOUNTABILITY

6.3.1.4 Ensure auditd service is enabled and activeCIS SUSE Linux Enterprise 15 v2.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

9.1.4 (L1) Ensure 'Windows Firewall: Domain: Logging: Name' is set to '%SystemRoot%\System32\logfiles\firewall\domainfw.log'CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1Windows

AUDIT AND ACCOUNTABILITY

9.2.4 (L1) Ensure 'Windows Firewall: Private: Logging: Name' is set to '%SystemRoot%\System32\logfiles\firewall\privatefw.log'CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 NGWindows

AUDIT AND ACCOUNTABILITY