Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.10.11 Ensure 'logging trap severity ' is greater than or equal to '5'Tenable Cisco Firepower Best Practices AuditCisco

AUDIT AND ACCOUNTABILITY

3 - Audit Logging - LoggerTNS Best Practice JBoss 7 LinuxUnix

AUDIT AND ACCOUNTABILITY

3.2 Enable Stack Protection - set noexec_user_stack_log = 1CIS Solaris 11 L1 v1.1.0Unix

AUDIT AND ACCOUNTABILITY

3.3 Configure Security Auditing Flags - 'audit all failed events across all audit classes'CIS Apple OSX 10.11 El Capitan L2 v1.1.0Unix

AUDIT AND ACCOUNTABILITY

4.2 Enable Auditing of Incoming Network Connections - AUE_ACCEPT : cisCIS Solaris 11 L1 v1.1.0Unix

AUDIT AND ACCOUNTABILITY

4.2 Enable Auditing of Incoming Network Connections - AUE_CONNECT : cisCIS Solaris 11 L1 v1.1.0Unix

AUDIT AND ACCOUNTABILITY

4.2 Enable Auditing of Incoming Network Connections - AUE_SOCKCONNECT : cisCIS Solaris 11 L1 v1.1.0Unix

AUDIT AND ACCOUNTABILITY

4.3 Enable auditing - sp_configure 'auditing'CIS Sybase 15.0 L1 DB v1.1.0SybaseDB

AUDIT AND ACCOUNTABILITY

4.3 Enable Auditing of File Metadata Modification Events - AUE_CHMOD : cisCIS Solaris 11 L1 v1.1.0Unix

AUDIT AND ACCOUNTABILITY

4.3.3 Ensure 'AUDIT SYSTEM' Is Revoked from Unauthorized 'GRANTEE'CIS Oracle Server 11g R2 DB v2.2.0OracleDB

AUDIT AND ACCOUNTABILITY

4.4 Enable Auditing of Process and Privilege Events - AUE_NICE : cisCIS Solaris 11 L1 v1.1.0Unix

AUDIT AND ACCOUNTABILITY

4.4 Enable Auditing of Process and Privilege Events - AUE_PFEXEC : cisCIS Solaris 11 L1 v1.1.0Unix

AUDIT AND ACCOUNTABILITY

4.4 Enable Auditing of Process and Privilege Events - AUE_SETEGID : cisCIS Solaris 11 L1 v1.1.0Unix

AUDIT AND ACCOUNTABILITY

4.4 Enable Auditing of Process and Privilege Events - AUE_SETEUID : cisCIS Solaris 11 L1 v1.1.0Unix

AUDIT AND ACCOUNTABILITY

4.4 Enable Auditing of Process and Privilege Events - AUE_SETSID : cisCIS Solaris 11 L1 v1.1.0Unix

AUDIT AND ACCOUNTABILITY

4.5 Configure Solaris Auditing - active non-attributable audit flagsCIS Solaris 11.2 L1 v1.1.0Unix

AUDIT AND ACCOUNTABILITY

4.5 Configure Solaris Auditing - audit_flags root = lo,ad,ft,ex,cis:noCIS Solaris 11 L1 v1.1.0Unix

AUDIT AND ACCOUNTABILITY

4.5 Configure Solaris Auditing - var/audit/*.not_terminated.*CIS Solaris 11 L1 v1.1.0Unix

AUDIT AND ACCOUNTABILITY

5.2 - Storage Administrative System Auditing - Event NotificationsNetApp Security Hardening Guide for ONTAP 9 v1.7.0Netapp_API

AUDIT AND ACCOUNTABILITY

5.2 Ensure that audit filters are configured properlyCIS MongoDB L1 Unix Audit v1.0.0Unix

AUDIT AND ACCOUNTABILITY

5.3 Enable 'DROP USER' Audit OptionCIS Oracle Server 11g R2 DB v2.2.0OracleDB

AUDIT AND ACCOUNTABILITY

5.4 CIFS - 'cifs.audit.autosave.ontime.interval has been configured'TNS NetApp Data ONTAP 7GNetApp

AUDIT AND ACCOUNTABILITY

5.4 Ensure that new entries are appended to the end of the log fileCIS MongoDB L2 Unix Audit v1.0.0Unix

AUDIT AND ACCOUNTABILITY

5.13 Enable 'GRANT DIRECTORY' Audit OptionCIS Oracle Server 11g R2 DB v2.2.0OracleDB

AUDIT AND ACCOUNTABILITY

5.17 Enable 'DROP ANY PROCEDURE' Audit OptionCIS Oracle Server 11g R2 DB v2.2.0OracleDB

AUDIT AND ACCOUNTABILITY

8.1.10 Collect Discretionary Access Control Permission Modification Events- '32bit chmod/fchmod/fchmodat'CIS Ubuntu 12.04 LTS Benchmark L2 v1.1.0Unix

AUDIT AND ACCOUNTABILITY

8.2.1 Install the rsyslog packageCIS Ubuntu 12.04 LTS Benchmark L1 v1.1.0Unix

AUDIT AND ACCOUNTABILITY

Audit Account LockoutMSCT Windows Server 2025 DC v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit Authentication Policy ChangeMSCT Windows Server 2025 DC v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit Credential ValidationMSCT Windows Server 2025 DC v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit File ShareMSCT Windows 11 v24H2 v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit File ShareMSCT Windows 11 v23H2 v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit Group MembershipMSCT Windows 11 v24H2 v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit Kerberos Service Ticket OperationsMSCT Windows Server 2025 DC v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit Other Logon/Logoff EventsMSCT Windows 11 v24H2 v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit Other Object Access EventsMSCT Windows 11 v24H2 v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit Other Policy Change EventsMSCT Windows 11 v22H2 v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit PNP ActivityMSCT Windows 11 v22H2 v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit Sensitive Privilege UseMSCT Windows 11 v22H2 v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit Special LogonMSCT Windows 11 v24H2 v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit System IntegrityMSCT Windows 11 v24H2 v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Brocade - Bottleneck alerts must be enabledTenable Best Practices Brocade FabricOSBrocade

AUDIT AND ACCOUNTABILITY

Ensure 'logging buffered severity ' is greater than or equal to '3'Tenable Cisco Firepower Threat Defense Best Practices AuditCisco_Firepower

AUDIT AND ACCOUNTABILITY

Ensure 'logging to Serial console' is disabledTenable Cisco Firepower Best Practices AuditCisco

AUDIT AND ACCOUNTABILITY

Ensure 'logging trap' is enabledTenable Cisco Firepower Threat Defense Best Practices AuditCisco_Firepower

AUDIT AND ACCOUNTABILITY

Ensure 'SNMP traps' is enabled - coldstartTenable Cisco Firepower Threat Defense Best Practices AuditCisco_Firepower

AUDIT AND ACCOUNTABILITY

Ensure 'SNMP traps' is enabled - linkdownTenable Cisco Firepower Threat Defense Best Practices AuditCisco_Firepower

AUDIT AND ACCOUNTABILITY

Ensure 'SNMP traps' is enabled - linkupTenable Cisco Firepower Threat Defense Best Practices AuditCisco_Firepower

AUDIT AND ACCOUNTABILITY

IBM i : Auditing Control (QAUDCTL) - '!= *NONE'IBM System i Security Reference for V7R2AS/400

AUDIT AND ACCOUNTABILITY

Windows Defender Firewall: Allow logging - Domain Profile - LogDroppedPacketsMSCT Windows 11 v22H2 v1.0.0Windows

AUDIT AND ACCOUNTABILITY