Detections
Analytics

Item Search

NameAudit NamePluginCategory
3.4 Ensure Security Auditing Retention Is EnabledCIS Apple macOS 15.0 Sequoia Cloud-tailored v1.0.0 L1Unix

AUDIT AND ACCOUNTABILITY

4.1.1.2 Ensure auditd service is enabledCIS CentOS Linux 8 Workstation L2 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.2.3 Ensure system is disabled when audit logs are fullCIS CentOS Linux 8 Server L2 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.2.3 Ensure system is disabled when audit logs are fullCIS Fedora 28 Family Linux Workstation L2 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.2.1.1 Ensure rsyslog is installedCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

AUDIT AND ACCOUNTABILITY

4.2.1.1 Ensure rsyslog is installedCIS CentOS Linux 8 Server L1 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.2.1.1 Ensure rsyslog is installedCIS Fedora 28 Family Linux Server L1 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.2.1.5 Ensure logging is configuredCIS Fedora 28 Family Linux Server L1 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.2.1.6 Ensure rsyslog is configured to send logs to a remote log hostCIS Fedora 28 Family Linux Server L1 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.2.2.1.1 Ensure systemd-journal-remote is installedCIS Fedora 28 Family Linux Workstation L1 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.2.2.2 Ensure journald service is enabledCIS Fedora 28 Family Linux Server L1 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.2.2.4 Ensure journald is configured to write logfiles to persistent diskCIS Fedora 28 Family Linux Server L1 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.2.2.6 Ensure journald log rotation is configured per site policyCIS Fedora 28 Family Linux Workstation L1 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

5.1.1.1.1 Ensure systemd-journal-remote is installedCIS Debian 10 Server L1 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

5.1.1.1.1 Ensure systemd-journal-remote is installedCIS Debian 10 Workstation L1 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

5.1.1.1.2 Ensure systemd-journal-remote is configuredCIS Debian 10 Workstation L1 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

5.2.1.2 Ensure auditd service is enabled and activeCIS Debian 10 Server L2 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

5.2.1.2 Ensure auditd service is enabled and activeCIS Debian 10 Workstation L2 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

5.2.1.4 Ensure auditd service is enabledCIS Red Hat Enterprise Linux 7 v4.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

5.2.2.4 Ensure system warns when audit logs are low on spaceCIS Red Hat Enterprise Linux 7 v4.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

5.2.5 Ensure SSH LogLevel is appropriateCIS CentOS Linux 8 Server L1 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

5.2.5 Ensure SSH LogLevel is appropriateCIS CentOS Linux 8 Workstation L1 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

6.2.1.1.5 Ensure journald Storage is configuredCIS AlmaLinux OS 8 v4.0.0 L1 ServerUnix

AUDIT AND ACCOUNTABILITY

6.2.1.1.5 Ensure journald Storage is configuredCIS AlmaLinux OS 8 v4.0.0 L1 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.2.1.2.1 Ensure systemd-journal-remote is installedCIS AlmaLinux OS 8 v4.0.0 L1 ServerUnix

AUDIT AND ACCOUNTABILITY

6.2.1.3 Ensure journald log file rotation is configuredCIS Red Hat Enterprise Linux 10 v1.0.0 L1 ServerUnix

AUDIT AND ACCOUNTABILITY

6.2.1.3 Ensure journald log file rotation is configuredCIS Red Hat Enterprise Linux 10 v1.0.0 L1 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.2.1.4 Ensure audit_backlog_limit is sufficientCIS Debian Linux 12 v1.1.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

6.2.2.4 Ensure journald Storage is configuredCIS Ubuntu Linux 20.04 LTS v3.0.0 L1 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.2.2.6 Ensure rsyslog is configured to send logs to a remote log hostCIS AlmaLinux OS 8 v4.0.0 L1 ServerUnix

AUDIT AND ACCOUNTABILITY

6.2.3.1 Ensure rsyslog is installedCIS Red Hat Enterprise Linux 10 v1.0.0 L1 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.2.3.1 Ensure rsyslog service is enabled and activeCIS Ubuntu Linux 20.04 LTS v3.0.0 L1 ServerUnix

AUDIT AND ACCOUNTABILITY

6.3.1.3 Ensure audit_backlog_limit is configuredCIS Rocky Linux 8 v3.0.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.3.1.3 Ensure audit_backlog_limit is configuredCIS AlmaLinux OS 8 v4.0.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.3.1.4 Ensure auditd service is enabled and activeCIS Red Hat Enterprise Linux 9 v2.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

6.3.1.4 Ensure auditd service is enabled and activeCIS Rocky Linux 9 v2.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

6.3.1.4 Ensure auditd service is enabled and activeCIS Oracle Linux 9 v2.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

6.3.1.4 Ensure auditd service is enabled and activeCIS Rocky Linux 8 v3.0.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.3.1.4 Ensure auditd service is enabled and activeCIS Red Hat Enterprise Linux 10 v1.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

6.3.1.4 Ensure auditd service is enabled and activeCIS AlmaLinux OS 8 v4.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

6.3.2.3 Ensure system is disabled when audit logs are fullCIS Rocky Linux 9 v2.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

6.3.2.4 Ensure system warns when audit logs are low on spaceCIS Rocky Linux 9 v2.0.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.3.2.4 Ensure system warns when audit logs are low on spaceCIS Rocky Linux 8 v3.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

6.3.2.4 Ensure system warns when audit logs are low on spaceCIS Red Hat Enterprise Linux 10 v1.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

6.3.2.4 Ensure system warns when audit logs are low on spaceCIS AlmaLinux OS 8 v4.0.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

9.1.4 (L1) Ensure 'Windows Firewall: Domain: Logging: Name' is set to '%SystemRoot%\System32\logfiles\firewall\domainfw.log'CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLockerWindows

AUDIT AND ACCOUNTABILITY

9.3.6 (L1) Ensure 'Windows Firewall: Public: Logging: Name' is set to '%SystemRoot%\System32\logfiles\firewall\publicfw.log'CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLockerWindows

AUDIT AND ACCOUNTABILITY

9.3.6 (L1) Ensure 'Windows Firewall: Public: Logging: Name' is set to '%SystemRoot%\System32\logfiles\firewall\publicfw.log'CIS Microsoft Windows 10 Enterprise v4.0.0 L1 NGWindows

AUDIT AND ACCOUNTABILITY

38.6 (L1) Ensure 'Enable Domain Network Firewall: Log File Path' is set to '%SystemRoot%\System32\logfiles\firewall\domainfw.log'CIS Microsoft Intune for Windows 11 v4.0.0 L1Windows

AUDIT AND ACCOUNTABILITY

38.13 (L1) Ensure 'Enable Private Network Firewall: Log File Path' is set to '%SystemRoot%\System32\logfiles\firewall\privatefw.log'CIS Microsoft Intune for Windows 11 v4.0.0 L1Windows

AUDIT AND ACCOUNTABILITY