Detections
Analytics

Item Search

NameAudit NamePluginCategory
2.2.3 Set 'logging console critical'CIS Cisco IOS 15 L1 v4.1.1Cisco

AUDIT AND ACCOUNTABILITY

2.2.6 Set 'service timestamps debug datetime'CIS Cisco IOS XE 17.x v2.2.1 L1Cisco

AUDIT AND ACCOUNTABILITY

2.2.6 Set 'service timestamps debug datetime'CIS Cisco IOS 15 L1 v4.1.1Cisco

AUDIT AND ACCOUNTABILITY

2.2.7 Set 'logging source interface'CIS Cisco IOS XE 16.x v2.1.0 L1Cisco

AUDIT AND ACCOUNTABILITY

2.2.8 Set 'login success/failure logging'CIS Cisco IOS XE 16.x v2.1.0 L2Cisco

AUDIT AND ACCOUNTABILITY

3.1.13 Ensure the program name for PostgreSQL syslog messages is correctCIS PostgreSQL 14 DB v 1.2.0PostgreSQLDB

AUDIT AND ACCOUNTABILITY

3.1.13 Ensure the program name for PostgreSQL syslog messages is correctCIS PostgreSQL 16 DB v1.0.0PostgreSQLDB

AUDIT AND ACCOUNTABILITY

3.1.20 Ensure 'log_connections' is enabledCIS PostgreSQL 16 DB v1.0.0PostgreSQLDB

AUDIT AND ACCOUNTABILITY

3.1.20 Ensure 'log_connections' is enabled - log_connections is enabledCIS PostgreSQL 12 DB v1.1.0PostgreSQLDB

AUDIT AND ACCOUNTABILITY

3.1.22 Ensure 'log_error_verbosity' is set correctlyCIS PostgreSQL 14 DB v 1.2.0PostgreSQLDB

AUDIT AND ACCOUNTABILITY

3.1.24 Ensure 'log_line_prefix' is set correctlyCIS PostgreSQL 16 DB v1.0.0PostgreSQLDB

AUDIT AND ACCOUNTABILITY

3.1.24 Ensure 'log_line_prefix' is set correctly - log_line_prefix is set correctlyCIS PostgreSQL 12 DB v1.1.0PostgreSQLDB

AUDIT AND ACCOUNTABILITY

3.1.25 Ensure 'log_statement' is set correctlyCIS PostgreSQL 13 DB v1.2.0PostgreSQLDB

AUDIT AND ACCOUNTABILITY

3.1.26 Ensure 'log_timezone' is set correctlyCIS PostgreSQL 13 DB v1.2.0PostgreSQLDB

AUDIT AND ACCOUNTABILITY

3.2.2 Ensure that the audit policy covers key security concernsCIS Kubernetes v1.20 Benchmark v1.0.1 L2 MasterUnix

AUDIT AND ACCOUNTABILITY

4.1.3 Ensure events that modify date and time information are collectedCIS SUSE Linux Enterprise 12 v3.2.1 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

4.1.3.1 Ensure events that modify date and time information are collected - clock_settime (64-bit)CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

4.1.3.2 Ensure system administrator command executions (sudo) are collected - 32 bitCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

4.1.3.2 Ensure system administrator command executions (sudo) are collected - 32 bit auditctlCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

4.1.3.4 Ensure events that modify the system's Mandatory Access Controls are collected - /etc/selinux/CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

4.1.3.4 Ensure events that modify the system's Mandatory Access Controls are collected - /usr/share/selinux/CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

4.1.3.4 Ensure events that modify the system's Mandatory Access Controls are collected - auditctl /etc/selinux/CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

4.1.3.10 Ensure use of privileged commands is collected - auditctlCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

4.1.3.11 Ensure unsuccessful unauthorized file access attempts are collected - EACCESCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

4.1.3.12 Ensure discretionary access control permission modification events are collected - auditctl xattr (64-bit)CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

4.1.3.12 Ensure discretionary access control permission modification events are collected - chmod/fchmod/fchmodatCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

4.1.4 Ensure events that modify date and time information are collected - auditctl b32 clock_settimeCIS SUSE Linux Enterprise Server 11 L2 v2.1.1Unix

AUDIT AND ACCOUNTABILITY

4.1.4 Ensure events that modify date and time information are collected - auditctl b64 adjtimexCIS SUSE Linux Enterprise Server 11 L2 v2.1.1Unix

AUDIT AND ACCOUNTABILITY

4.1.5 Ensure events that modify user/group information are collected - /etc/gshadowCIS SUSE Linux Enterprise Server 11 L2 v2.1.1Unix

AUDIT AND ACCOUNTABILITY

4.1.5 Ensure events that modify user/group information are collected - /etc/security/opasswdCIS SUSE Linux Enterprise Server 11 L2 v2.1.1Unix

AUDIT AND ACCOUNTABILITY

4.1.7 Ensure events that modify the system's Mandatory Access Controls are collected - auditctl /usr/share/selinux/CIS SUSE Linux Enterprise Server 11 L2 v2.1.1Unix

AUDIT AND ACCOUNTABILITY

4.1.10 Ensure discretionary access control permission modification events are collected - auditctl b64 setxattrCIS SUSE Linux Enterprise Server 11 L2 v2.1.1Unix

AUDIT AND ACCOUNTABILITY

4.1.10 Ensure discretionary access control permission modification events are collected - b32 setxattrCIS SUSE Linux Enterprise Server 11 L2 v2.1.1Unix

AUDIT AND ACCOUNTABILITY

4.1.11 Ensure unsuccessful unauthorized file access attempts are collected - auditctl b64 EPERMCIS SUSE Linux Enterprise Server 11 L2 v2.1.1Unix

AUDIT AND ACCOUNTABILITY

4.1.11 Ensure unsuccessful unauthorized file access attempts are collected - b32 EPERMCIS SUSE Linux Enterprise Server 11 L2 v2.1.1Unix

AUDIT AND ACCOUNTABILITY

4.1.11 Ensure unsuccessful unauthorized file access attempts are collected - b64 EACCESCIS SUSE Linux Enterprise Server 11 L2 v2.1.1Unix

AUDIT AND ACCOUNTABILITY

4.1.11 Ensure unsuccessful unauthorized file access attempts are collected - b64 EPERMCIS SUSE Linux Enterprise Server 11 L2 v2.1.1Unix

AUDIT AND ACCOUNTABILITY

4.1.11 Ensure use of privileged commands is collectedCIS SUSE Linux Enterprise 12 v3.2.1 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

4.1.15 Ensure changes to system administration scope (sudoers) is collected - /etc/sudoers.dCIS SUSE Linux Enterprise Server 11 L2 v2.1.1Unix

AUDIT AND ACCOUNTABILITY

4.1.16 Ensure kernel module loading and unloading is collectedCIS SUSE Linux Enterprise 12 v3.2.1 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

4.2 Ensure 'Turn on administrator audit logging' is set to ''CIS Microsoft Exchange Server 2019 L1 Mailbox v1.0.0Windows

AUDIT AND ACCOUNTABILITY

5.2.3 Ensure sudo log file existsCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 ServerUnix

AUDIT AND ACCOUNTABILITY

5.3.9 Ensure SSH MaxAuthTries is set to 4 or lessCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 ServerUnix

AUDIT AND ACCOUNTABILITY

5.4 Ensure 'SQL Server Audit' is set to capture both 'failed' and 'successful logins'CIS SQL Server 2017 Database L1 DB v1.3.0MS_SQLDB

AUDIT AND ACCOUNTABILITY

6.2 AIX Auditing - cron audit rotationCIS IBM AIX 7.1 L2 v2.1.0Unix

AUDIT AND ACCOUNTABILITY

7.2 Specify file handler in logging.properties files - check if java.util.logging.ConsoleHandler exists in web applicationCIS Apache Tomcat 10 L1 v1.1.0Unix

AUDIT AND ACCOUNTABILITY

7.2 Specify file handler in logging.properties files - check if java.util.logging.ConsoleHandler logging is enabled in defaultCIS Apache Tomcat 9 L1 v1.2.0 MiddlewareUnix

AUDIT AND ACCOUNTABILITY

7.2 Specify file handler in logging.properties files - check if org.apache.juli.FileHandler exists in web applicationCIS Apache Tomcat 10 L1 v1.1.0 MiddlewareUnix

AUDIT AND ACCOUNTABILITY

7.2 Specify file handler in logging.properties files - check if org.apache.juli.FileHandler logging is enabled in web applicationCIS Apache Tomcat 9 L1 v1.2.0Unix

AUDIT AND ACCOUNTABILITY

10.18 Use the logEffectiveWebXml and metadata-complete settings for deploying applications in production - web.xmlCIS Apache Tomcat 10 L1 v1.1.0 MiddlewareUnix

AUDIT AND ACCOUNTABILITY