| 1.7 Ensure logging data is monitored | CIS Juniper OS Benchmark v2.1.0 L1 | Juniper | AUDIT AND ACCOUNTABILITY |
| 1.10.10 Ensure email logging is configured for critical to emergency | CIS Cisco ASA 9.x Firewall L1 v1.1.0 | Cisco | AUDIT AND ACCOUNTABILITY |
| 2.1 Ensure That Cloud Audit Logging Is Configured Properly | CIS Google Cloud Platform v3.0.0 L1 | GCP | AUDIT AND ACCOUNTABILITY |
| 2.12 Ensure That Cloud DNS Logging Is Enabled for All VPC Networks | CIS Google Cloud Platform v3.0.0 L1 | GCP | AUDIT AND ACCOUNTABILITY |
| 2.12.8 - Miscellaneous Config - enable sar accounting - 'activity reports are generated every 20 minutes or less on weekday 8a-5p' | CIS AIX 5.3/6.1 L2 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 2.12.8 - Miscellaneous Config - enable sar accounting - 'activity reports are generated hourly on weekends' | CIS AIX 5.3/6.1 L2 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 2.12.8 - Miscellaneous Config - enable sar accounting - 'daily summaries are being prepared' | CIS AIX 5.3/6.1 L2 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 2.13 Ensure centralized and remote logging is configured | CIS Docker v1.7.0 L2 Docker - Linux | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1 Ensure unauthorized API calls are monitored | CIS Amazon Web Services Foundations v5.0.0 L2 | amazon_aws | AUDIT AND ACCOUNTABILITY |
| 4.2 Ensure management console sign-in without MFA is monitored | CIS Amazon Web Services Foundations v5.0.0 L1 | amazon_aws | AUDIT AND ACCOUNTABILITY |
| 4.2.1.5 Ensure rsyslog is configured to send logs to a remote log host | CIS SUSE Linux Enterprise 12 v3.2.1 L1 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2.1.5 Ensure rsyslog is configured to send logs to a remote log host | CIS SUSE Linux Enterprise 12 v3.2.1 L1 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2.1.5 Ensure rsyslog is configured to send logs to a remote log host | CIS Amazon Linux 2 STIG v2.0.0 L1 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2.1.5 Ensure rsyslog is configured to send logs to a remote log host | CIS Distribution Independent Linux Workstation L1 v2.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2.1.5 Ensure rsyslog is configured to send logs to a remote log host | CIS Oracle Linux 6 Workstation L1 v2.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2.1.5 Ensure rsyslog is configured to send logs to a remote log host | CIS Red Hat 6 Server L1 v3.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2.1.5 Ensure rsyslog is configured to send logs to a remote log host | CIS CentOS 6 Workstation L1 v3.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2.1.5 Ensure rsyslog is configured to send logs to a remote log host | CIS Distribution Independent Linux Server L1 v2.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2.1.5 Ensure rsyslog is configured to send logs to a remote log host | CIS Red Hat 6 Workstation L1 v3.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2.1.5 Ensure rsyslog is configured to send logs to a remote log host | CIS CentOS 6 Server L1 v3.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2.1.5 Ensure rsyslog is configured to send logs to a remote log host | CIS Oracle Linux 6 Server L1 v2.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2.2.4 Ensure syslog-ng is configured to send logs to a remote log host - destination logserver | CIS Debian 8 Server L1 v2.0.2 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2.2.4 Ensure syslog-ng is configured to send logs to a remote log host - destination logserver | CIS Debian 8 Workstation L1 v2.0.2 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2.2.4 Ensure syslog-ng is configured to send logs to a remote log host - log src | CIS Debian 8 Workstation L1 v2.0.2 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2.2.4 Ensure syslog-ng is configured to send logs to a remote log host - log src | CIS Debian 8 Server L1 v2.0.2 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2.2.5 Ensure remote syslog-ng messages are only accepted on designated log hosts | CIS Debian 8 Workstation L1 v2.0.2 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2.2.5 Ensure remote syslog-ng messages are only accepted on designated log hosts | CIS Debian 8 Server L1 v2.0.2 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2.4 Ensure permissions on all logfiles are configured | CIS Debian 9 Server L1 v1.0.1 | Unix | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| 4.2.4 Ensure permissions on all logfiles are configured | CIS Debian 9 Workstation L1 v1.0.1 | Unix | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| 4.3 Ensure usage of the 'root' account is monitored | CIS Amazon Web Services Foundations v5.0.0 L1 | amazon_aws | AUDIT AND ACCOUNTABILITY |
| 4.4 Ensure IAM policy changes are monitored | CIS Amazon Web Services Foundations v5.0.0 L1 | amazon_aws | AUDIT AND ACCOUNTABILITY |
| 4.5 Ensure CloudTrail configuration changes are monitored | CIS Amazon Web Services Foundations v5.0.0 L1 | amazon_aws | AUDIT AND ACCOUNTABILITY |
| 4.6 Ensure AWS Management Console authentication failures are monitored | CIS Amazon Web Services Foundations v5.0.0 L2 | amazon_aws | AUDIT AND ACCOUNTABILITY |
| 4.7 Ensure disabling or scheduled deletion of customer created CMKs is monitored | CIS Amazon Web Services Foundations v5.0.0 L2 | amazon_aws | AUDIT AND ACCOUNTABILITY |
| 4.8 Ensure S3 bucket policy changes are monitored | CIS Amazon Web Services Foundations v5.0.0 L1 | amazon_aws | AUDIT AND ACCOUNTABILITY |
| 4.11 Ensure Network Access Control List (NACL) changes are monitored | CIS Amazon Web Services Foundations v5.0.0 L2 | amazon_aws | AUDIT AND ACCOUNTABILITY |
| 4.12 Ensure changes to network gateways are monitored | CIS Amazon Web Services Foundations v5.0.0 L1 | amazon_aws | AUDIT AND ACCOUNTABILITY |
| 4.13 Ensure route table changes are monitored | CIS Amazon Web Services Foundations v5.0.0 L1 | amazon_aws | AUDIT AND ACCOUNTABILITY |
| 4.14 Ensure VPC changes are monitored | CIS Amazon Web Services Foundations v5.0.0 L1 | amazon_aws | AUDIT AND ACCOUNTABILITY |
| 4.15 Ensure AWS Organizations changes are monitored | CIS Amazon Web Services Foundations v5.0.0 L1 | amazon_aws | AUDIT AND ACCOUNTABILITY |
| 5.3 Ensure 'ETW Logging' is enabled - Sites logFormat W3C | CIS IIS 10 v1.2.1 Level 1 | Windows | AUDIT AND ACCOUNTABILITY |
| 5.3 Ensure 'ETW Logging' is enabled - Sites logFormat W3C with ETW target | CIS IIS 10 v1.2.1 Level 1 | Windows | AUDIT AND ACCOUNTABILITY |
| 6.2 Ensure a Syslog Facility Is Configured for Error Logging - 'httpd.conf <VirtualHost> Syslog is configured' | CIS Apache HTTP Server 2.2 L2 v3.6.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 6.2 Ensure a Syslog Facility Is Configured for Error Logging - 'httpd.conf <VirtualHost> Syslog is configured' | CIS Apache HTTP Server 2.2 L2 v3.6.0 Middleware | Unix | AUDIT AND ACCOUNTABILITY |
| 6.2 Ensure a Syslog Facility Is Configured for Error Logging - 'httpd.conf Syslog is configured' | CIS Apache HTTP Server 2.2 L2 v3.6.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 6.2 Ensure a Syslog Facility Is Configured for Error Logging - 'httpd.conf Syslog is configured' | CIS Apache HTTP Server 2.2 L2 v3.6.0 Middleware | Unix | AUDIT AND ACCOUNTABILITY |
| 9.3 Configure a Logging Syslog Channel | CIS BIND DNS v1.0.0 L1 Authoritative Name Server | Unix | AUDIT AND ACCOUNTABILITY |
| 9.3 Configure a Logging Syslog Channel | CIS BIND DNS v1.0.0 L1 Caching Only Name Server | Unix | AUDIT AND ACCOUNTABILITY |
| FireEye - Greylist URL list | TNS FireEye | FireEye | AUDIT AND ACCOUNTABILITY |
| FireEye - Workorder stats | TNS FireEye | FireEye | AUDIT AND ACCOUNTABILITY |
