Item Search

Name	Audit Name	Plugin	Category
1.1.2.32 Set 'Audit Policy: Policy Change: Audit Policy Change' to 'Success and Failure'	CIS Windows 8 L1 v1.0.0	Windows	AUDIT AND ACCOUNTABILITY
1.1.2.35 Set 'Audit Policy: System: Other System Events' to 'No Auditing'	CIS Windows 8 L1 v1.0.0	Windows	AUDIT AND ACCOUNTABILITY
1.1.2.36 Set 'Audit Policy: Logon-Logoff: Other Logon/Logoff Events' to 'No Auditing'	CIS Windows 8 L1 v1.0.0	Windows	AUDIT AND ACCOUNTABILITY
1.1.2.46 Set 'Audit Policy: Object Access: Removable Storage' to 'No Auditing'	CIS Windows 8 L1 v1.0.0	Windows	AUDIT AND ACCOUNTABILITY
1.1.36 Ensure that the AdvancedAuditing argument is not set to false - AdvancedAuditing	CIS Kubernetes 1.8 Benchmark v1.2.0 L1	Unix	AUDIT AND ACCOUNTABILITY
1.6 Ensure auditing is configured for Docker files and directories - /var/lib/docker	CIS Docker Community Edition v1.1.0 L1 Linux Host OS	Unix	AUDIT AND ACCOUNTABILITY
1.10 Ensure auditing is configured for Docker files and directories - /etc/default/docker	CIS Docker Community Edition v1.1.0 L1 Linux Host OS	Unix	AUDIT AND ACCOUNTABILITY
1.12 Ensure auditing is configured for Docker files and directories - /usr/bin/docker-containerd	CIS Docker Community Edition v1.1.0 L1 Linux Host OS	Unix	AUDIT AND ACCOUNTABILITY
4.1.4 Ensure events that modify date and time information are collected - '/etc/localtime'	CIS Ubuntu Linux 14.04 LTS Workstation L2 v2.1.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.4 Ensure events that modify date and time information are collected - 'adjtimex'	CIS Ubuntu Linux 14.04 LTS Workstation L2 v2.1.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.4 Ensure events that modify date and time information are collected - 'auditctl adjtimex (64-bit)'	CIS Ubuntu Linux 14.04 LTS Workstation L2 v2.1.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.4 Ensure events that modify date and time information are collected - 'auditctl clock_settime'	CIS Ubuntu Linux 14.04 LTS Workstation L2 v2.1.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.4 Ensure events that modify date and time information are collected - auditctl clock_settime b64	CIS Amazon Linux v2.1.0 L2	Unix	AUDIT AND ACCOUNTABILITY
4.1.4 Ensure events that modify date and time information are collected - auditctl localtime	CIS Amazon Linux v2.1.0 L2	Unix	AUDIT AND ACCOUNTABILITY
4.1.4 Ensure events that modify date and time information are collected - clock_settime b32	CIS Amazon Linux v2.1.0 L2	Unix	AUDIT AND ACCOUNTABILITY
4.1.4 Ensure events that modify date and time information are collected - localtime	CIS Amazon Linux v2.1.0 L2	Unix	AUDIT AND ACCOUNTABILITY
4.1.5 Ensure events that modify user/group information are collected - '/etc/group'	CIS Amazon Linux v2.1.0 L2	Unix	AUDIT AND ACCOUNTABILITY
4.1.5 Ensure events that modify user/group information are collected - 'auditctl /etc/passwd'	CIS Amazon Linux v2.1.0 L2	Unix	AUDIT AND ACCOUNTABILITY
4.1.5 Ensure events that modify user/group information are collected - 'auditctl shadow'	CIS Ubuntu Linux 14.04 LTS Workstation L2 v2.1.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.6 Ensure events that modify the system's network environment are collected - 'auditctl /etc/sysconfig/networks'	CIS Ubuntu Linux 14.04 LTS Server L2 v2.1.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.6 Ensure events that modify the system's network environment are collected - 'auditctl hosts'	CIS Ubuntu Linux 14.04 LTS Workstation L2 v2.1.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.6 Ensure events that modify the system's network environment are collected - 'auditctl networks'	CIS Ubuntu Linux 14.04 LTS Workstation L2 v2.1.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.6 Ensure events that modify the system's network environment are collected - 'auditctl sethostname/setdomainname (64-bit)'	CIS Ubuntu Linux 14.04 LTS Workstation L2 v2.1.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.6 Ensure events that modify the system's network environment are collected - 'auditctl sethostname/setdomainname'	CIS Ubuntu Linux 14.04 LTS Workstation L2 v2.1.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.7 Ensure events that modify the system's Mandatory Access Controls are collected - '/etc/apparmor.d/'	CIS Ubuntu Linux 14.04 LTS Server L2 v2.1.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.7 Ensure events that modify the system's Mandatory Access Controls are collected - '/usr/share/selinux/'	CIS Ubuntu Linux 14.04 LTS Workstation L2 v2.1.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.7 Ensure events that modify the system's Mandatory Access Controls are collected - 'auditctl /etc/apparmor.d/'	CIS Ubuntu Linux 14.04 LTS Server L2 v2.1.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.7 Ensure events that modify the system's Mandatory Access Controls are collected - 'auditctl /etc/apparmor.d/'	CIS Ubuntu Linux 14.04 LTS Workstation L2 v2.1.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.7 Ensure events that modify the system's Mandatory Access Controls are collected - 'auditctl /usr/share/selinux/'	CIS Ubuntu Linux 14.04 LTS Server L2 v2.1.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.7 Ensure events that modify the system's Mandatory Access Controls are collected - /usr/share/selinux	CIS Amazon Linux v2.1.0 L2	Unix	AUDIT AND ACCOUNTABILITY
4.1.10 Ensure discretionary access control permission modification events are collected - 'chown' (64-bit)	CIS Ubuntu Linux 14.04 LTS Workstation L2 v2.1.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.10 Ensure discretionary access control permission modification events are collected - auditctl b64 chmod/fchmod/fchmodat	CIS Amazon Linux v2.1.0 L2	Unix	AUDIT AND ACCOUNTABILITY
4.1.10 Ensure discretionary access control permission modification events are collected - b64 chown/fchown/fchownat/lchown	CIS Amazon Linux v2.1.0 L2	Unix	AUDIT AND ACCOUNTABILITY
4.1.11 Ensure unsuccessful unauthorized file access attempts are collected - EACCES	CIS Amazon Linux v2.1.0 L2	Unix	AUDIT AND ACCOUNTABILITY
4.1.11 Ensure unsuccessful unauthorized file access attempts are collected - EPERM	CIS Amazon Linux v2.1.0 L2	Unix	AUDIT AND ACCOUNTABILITY
4.1.13 Ensure successful file system mounts are collected - auditctl mounts	CIS Amazon Linux v2.1.0 L2	Unix	AUDIT AND ACCOUNTABILITY
4.1.13 Ensure successful file system mounts are collected - b64 mounts	CIS Amazon Linux v2.1.0 L2	Unix	AUDIT AND ACCOUNTABILITY
4.1.15 Ensure changes to system administration scope (sudoers) is collected - '/etc/sudoers.d'	CIS Ubuntu Linux 14.04 LTS Workstation L2 v2.1.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.15 Ensure changes to system administration scope (sudoers) is collected - 'auditctl sudoers.d'	CIS Ubuntu Linux 14.04 LTS Workstation L2 v2.1.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.15 Ensure changes to system administration scope (sudoers) is collected - /etc/sudoers	CIS Amazon Linux v2.1.0 L2	Unix	AUDIT AND ACCOUNTABILITY
4.1.17 Ensure kernel module loading and unloading is collected - '/sbin/insmod'	CIS Ubuntu Linux 14.04 LTS Workstation L2 v2.1.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.17 Ensure kernel module loading and unloading is collected - 'auditctl insmod'	CIS Ubuntu Linux 14.04 LTS Workstation L2 v2.1.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.17 Ensure kernel module loading and unloading is collected - 'auditctl modprobe'	CIS Ubuntu Linux 14.04 LTS Workstation L2 v2.1.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.17 Ensure kernel module loading and unloading is collected - auditctl modprobe	CIS Amazon Linux v2.1.0 L2	Unix	AUDIT AND ACCOUNTABILITY
4.1.17 Ensure kernel module loading and unloading is collected - modprobe	CIS Amazon Linux v2.1.0 L2	Unix	AUDIT AND ACCOUNTABILITY
4.2.1.2 Ensure logging is configured - 'mail.warning -/var/log/mail.warn'	CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0	Unix	AUDIT AND ACCOUNTABILITY
8.2 Configure a Logging File Channel - category security	CIS BIND DNS v3.0.1 Caching Only Name Server	Unix	AUDIT AND ACCOUNTABILITY
8.2 Configure a Logging File Channel - category update	CIS BIND DNS v3.0.1 Authoritative Name Server	Unix	AUDIT AND ACCOUNTABILITY
8.2 Configure a Logging File Channel - category xfer-in	CIS BIND DNS v3.0.1 Authoritative Name Server	Unix	AUDIT AND ACCOUNTABILITY
8.2 Configure a Logging File Channel - logging section	CIS BIND DNS v3.0.1 Caching Only Name Server	Unix	AUDIT AND ACCOUNTABILITY

Detections

Analytics

Item Search