Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1.3 Ensure auditing is configured for the Docker daemonCIS Docker v1.8.0 L1 OS LinuxUnix

AUDIT AND ACCOUNTABILITY

4.1.2.3 Ensure system is disabled when audit logs are full - space_left_action = emailCIS Fedora 19 Family Linux Server L2 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.2.3 Ensure system is disabled when audit logs are full - space_left_action = rootCIS Fedora 19 Family Linux Server L2 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.5 Ensure events that modify the system's network environment are collected - /etc/hostsCIS Fedora 19 Family Linux Server L2 v1.0.0Unix

AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT

4.1.5 Ensure events that modify the system's network environment are collected - /etc/issueCIS Fedora 19 Family Linux Server L2 v1.0.0Unix

AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT

4.1.5 Ensure events that modify the system's network environment are collected - auditctl /etc/issueCIS Fedora 19 Family Linux Server L2 v1.0.0Unix

AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT

4.1.5 Ensure events that modify the system's network environment are collected - auditctl /etc/issue.netCIS CentOS 6 Workstation L2 v3.0.0Unix

AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT

4.1.5 Ensure events that modify the system's network environment are collected - auditctl /etc/sysconfig/networkCIS Fedora 19 Family Linux Server L2 v1.0.0Unix

AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT

4.1.5 Ensure events that modify the system's network environment are collected - auditctl b32 sethostnameCIS Fedora 19 Family Linux Server L2 v1.0.0Unix

AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT

4.1.5 Ensure events that modify the system's network environment are collected - auditctl b64 sethostnameCIS Fedora 19 Family Linux Server L2 v1.0.0Unix

AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT

4.1.5 Ensure events that modify the system's network environment are collected - auditctl sethostname setdomainname 32-bitCIS CentOS 6 Workstation L2 v3.0.0Unix

AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT

4.1.5 Ensure events that modify the system's network environment are collected - rules.d /etc/hostsCIS CentOS 6 Workstation L2 v3.0.0Unix

AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT

4.2.1.1 Ensure rsyslog is installedCIS Debian Family Workstation L1 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

4.2.1.4 Ensure logging is configuredCIS Fedora 19 Family Linux Workstation L1 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

4.2.1.5 Ensure logging is configuredCIS Debian Family Server L1 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

4.2.1.6 Ensure rsyslog is configured to send logs to a remote log hostCIS Debian Family Workstation L1 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

4.2.2.1.2 Ensure systemd-journal-remote is configuredCIS CentOS Linux 8 Workstation L1 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.2.2.6 Ensure journald log rotation is configured per site policyCIS CentOS Linux 8 Server L1 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.2.3 Ensure rsyslog or syslog-ng is installedCIS Debian 8 Workstation L1 v2.0.2Unix

AUDIT AND ACCOUNTABILITY

5.1.1.2 Ensure journald service is enabledCIS Debian Linux 10 v2.0.0 L1 ServerUnix

AUDIT AND ACCOUNTABILITY

5.1.1.5 Ensure logging is configuredCIS CentOS Linux 7 v4.0.0 L1 WorkstationUnix

AUDIT AND ACCOUNTABILITY

5.1.1.6 Ensure journald log rotation is configured per site policyCIS Debian Linux 10 v2.0.0 L1 ServerUnix

AUDIT AND ACCOUNTABILITY

5.1.2.4 Ensure journald is configured to write logfiles to persistent diskCIS CentOS Linux 7 v4.0.0 L1 WorkstationUnix

AUDIT AND ACCOUNTABILITY

5.1.2.6 Ensure journald log rotation is configured per site policyCIS CentOS Linux 7 v4.0.0 L1 WorkstationUnix

AUDIT AND ACCOUNTABILITY

5.2.1.4 Ensure auditd service is enabledCIS CentOS Linux 7 v4.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

6.1.1.1 Ensure journald service is enabled and activeCIS Ubuntu Linux 24.04 LTS v1.0.0 L1 ServerUnix

AUDIT AND ACCOUNTABILITY

6.1.1.2.3 Ensure systemd-journal-upload is enabled and activeCIS Debian Linux 13 v1.0.0 L1 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.1.1.3 Ensure journald log file rotation is configuredCIS Debian Linux 12 v1.1.0 L1 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.1.2.1.1 Ensure systemd-journal-remote is installedCIS Ubuntu Linux 24.04 LTS v1.0.0 L1 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.1.2.1.2 Ensure systemd-journal-upload authentication is configuredCIS Ubuntu Linux 24.04 LTS v1.0.0 L1 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.1.2.1.3 Ensure systemd-journal-upload is enabled and activeCIS Debian Linux 12 v1.1.0 L1 ServerUnix

AUDIT AND ACCOUNTABILITY

6.1.2.1.3 Ensure systemd-journal-upload is enabled and activeCIS Linux Mint 22 v1.0.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.1.2.1.3 Ensure systemd-journal-upload is enabled and activeCIS Ubuntu Linux 24.04 LTS v1.0.0 L1 ServerUnix

AUDIT AND ACCOUNTABILITY

6.1.2.5 Ensure rsyslog logging is configuredCIS Debian Linux 13 v1.0.0 L1 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.1.2.9 Ensure rsyslog-gnutls is installedCIS Debian Linux 13 v1.0.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.1.3.5 Ensure rsyslog logging is configuredCIS Ubuntu Linux 24.04 LTS v1.0.0 L1 ServerUnix

AUDIT AND ACCOUNTABILITY

6.2.1.1.3 Ensure journald log file rotation is configuredCIS AlmaLinux OS 8 v4.0.0 L1 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.2.1.1.3 Ensure journald log file rotation is configuredCIS Red Hat Enterprise Linux 8 STIG v2.0.0 L1 ServerUnix

AUDIT AND ACCOUNTABILITY

6.2.1.2.1 Ensure systemd-journal-remote is installedCIS AlmaLinux OS 8 v4.0.0 L1 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.2.1.2.1 Ensure systemd-journal-remote is installedCIS Debian Linux 11 v2.0.0 L1 ServerUnix

AUDIT AND ACCOUNTABILITY

6.2.1.2.2 Ensure systemd-journal-remote authentication is configuredCIS Debian Linux 11 v2.0.0 L1 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.2.1.2.3 Ensure systemd-journal-upload is enabled and activeCIS Red Hat Enterprise Linux 8 STIG v2.0.0 L1 ServerUnix

AUDIT AND ACCOUNTABILITY

6.2.1.4 Ensure auditd service is enabled and activeCIS Amazon Linux 2 v4.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

6.2.2.1.1 Ensure systemd-journal-remote is installedCIS Ubuntu Linux 20.04 LTS v3.0.0 L1 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.2.2.1.2 Ensure systemd-journal-upload authentication is configuredCIS Ubuntu Linux 20.04 LTS v3.0.0 L1 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.2.2.5 Ensure rsyslog logging is configuredCIS AlmaLinux OS 8 v4.0.0 L1 ServerUnix

AUDIT AND ACCOUNTABILITY

6.2.3.21 Ensure the audit configuration is immutableCIS Amazon Linux 2 v4.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

6.3.1.2 Ensure auditing for processes that start prior to auditd is enabledCIS Red Hat Enterprise Linux 8 STIG v2.0.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.3.3.18 Ensure successful and unsuccessful attempts to use the usermod command are collectedCIS Red Hat Enterprise Linux 8 STIG v2.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

6.3.3.37 Ensure successful and unsuccessful attempts to use the unix_update command are collectedCIS Red Hat Enterprise Linux 8 STIG v2.0.0 STIGUnix

AUDIT AND ACCOUNTABILITY