Detections
Analytics

Item Search

NameAudit NamePluginCategory
2.1.1 - Configuring syslog - local logging - 'auth.info entry exists in /etc/syslog.conf'CIS AIX 5.3/6.1 L2 v1.1.0Unix

AUDIT AND ACCOUNTABILITY

2.1.2 - Configuring syslog - remote logging - 'auth.info remote entry exists in /etc/syslog.conf'CIS AIX 5.3/6.1 L2 v1.1.0Unix

AUDIT AND ACCOUNTABILITY

2.1.3 - Configuring syslog - remote messagesCIS AIX 5.3/6.1 L2 v1.1.0Unix

AUDIT AND ACCOUNTABILITY

3.1 Ensure a centralized location is configured to collect ESXi host core dumpsCIS VMware ESXi 6.5 v1.0.0 Level 1 Bare MetalUnix

AUDIT AND ACCOUNTABILITY

4.1.2.1 Ensure journald is configured to send logs to rsyslogCIS Ubuntu Linux 18.04 LXD Container L1 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

4.2.1.3 Ensure rsyslog default file permissions configuredCIS Amazon Linux v2.1.0 L1Unix

AUDIT AND ACCOUNTABILITY

4.2.1.4 Ensure rsyslog is configured to send logs to a remote log hostCIS Aliyun Linux 2 L1 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

4.2.1.4 Ensure rsyslog is configured to send logs to a remote log host - rsyslog.conf/rsyslogd.CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0Unix

AUDIT AND ACCOUNTABILITY

4.2.1.5 Ensure remote rsyslog messages are only accepted on designated log hosts. - $ModLoadCIS Aliyun Linux 2 L1 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

4.2.2.1 Ensure journald is configured to send logs to rsyslogCIS Fedora 19 Family Linux Workstation L1 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

4.2.2.1 Ensure journald is configured to send logs to rsyslogCIS Ubuntu Linux 18.04 LXD Host L1 Server v1.0.0Unix

AUDIT AND ACCOUNTABILITY

4.2.2.1 Ensure journald is configured to send logs to rsyslogCIS Distribution Independent Linux Server L1 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.2.2.1 Ensure journald is configured to send logs to rsyslogCIS Distribution Independent Linux Workstation L1 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.2.2.4 Ensure syslog-ng is configured to send logs to a remote log host - 'log'CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0Unix

AUDIT AND ACCOUNTABILITY

4.2.2.4 Ensure syslog-ng is configured to send logs to a remote log host - log srcCIS Amazon Linux v2.1.0 L1Unix

AUDIT AND ACCOUNTABILITY

4.2.2.5 Ensure remote syslog-ng messages are only accepted on designated log hostsCIS Amazon Linux v2.1.0 L1Unix

AUDIT AND ACCOUNTABILITY

4.2.2.5 Ensure remote syslog-ng messages are only accepted on designated log hostsCIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0Unix

AUDIT AND ACCOUNTABILITY

4.2.2.5 Ensure remote syslog-ng messages are only accepted on designated log hostsCIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0Unix

AUDIT AND ACCOUNTABILITY

6.1.1 Ensure Accounting Destination is configuredCIS Juniper OS Benchmark v2.1.0 L1Juniper

AUDIT AND ACCOUNTABILITY

9.1.5 (L1) Ensure 'Windows Firewall: Domain: Logging: Name' is set to '%SystemRoot%\System32\logfiles\firewall\domainfw.log'CIS Microsoft Windows 8.1 v2.4.1 L1 BitlockerWindows

AUDIT AND ACCOUNTABILITY

9.1.5 Ensure 'Windows Firewall: Domain: Logging: Name' is set to '%SystemRoot%\System32\logfiles\firewall\domainfw.log'CIS Microsoft Windows 8.1 v2.4.1 L1Windows

AUDIT AND ACCOUNTABILITY

9.1.6 (L1) Ensure 'Windows Firewall: Domain: Logging: Size limit (KB)' is set to '16,384 KB or greater'CIS Microsoft Windows 8.1 v2.4.1 L1 BitlockerWindows

AUDIT AND ACCOUNTABILITY

9.1.6 Ensure 'Windows Firewall: Domain: Logging: Size limit (KB)' is set to '16,384 KB or greater'CIS Microsoft Windows 8.1 v2.4.1 L1Windows

AUDIT AND ACCOUNTABILITY

9.1.7 (L1) Ensure 'Windows Firewall: Domain: Logging: Log dropped packets' is set to 'Yes'CIS Microsoft Windows 8.1 v2.4.1 L1 BitlockerWindows

AUDIT AND ACCOUNTABILITY

9.1.7 Ensure 'Windows Firewall: Domain: Logging: Log dropped packets' is set to 'Yes'CIS Microsoft Windows 8.1 v2.4.1 L1Windows

AUDIT AND ACCOUNTABILITY

9.1.8 (L1) Ensure 'Windows Firewall: Domain: Logging: Log successful connections' is set to 'Yes'CIS Microsoft Windows 8.1 v2.4.1 L1 BitlockerWindows

AUDIT AND ACCOUNTABILITY

9.2.5 (L1) Ensure 'Windows Firewall: Private: Logging: Name' is set to '%SystemRoot%\System32\logfiles\firewall\privatefw.log'CIS Microsoft Windows 8.1 v2.4.1 L1 BitlockerWindows

AUDIT AND ACCOUNTABILITY

9.2.6 (L1) Ensure 'Windows Firewall: Private: Logging: Size limit (KB)' is set to '16,384 KB or greater'CIS Microsoft Windows 8.1 v2.4.1 L1 BitlockerWindows

AUDIT AND ACCOUNTABILITY

9.2.6 Ensure 'Windows Firewall: Private: Logging: Size limit (KB)' is set to '16,384 KB or greater'CIS Microsoft Windows 8.1 v2.4.1 L1Windows

AUDIT AND ACCOUNTABILITY

9.2.7 (L1) Ensure 'Windows Firewall: Private: Logging: Log dropped packets' is set to 'Yes'CIS Microsoft Windows 8.1 v2.4.1 L1 BitlockerWindows

AUDIT AND ACCOUNTABILITY

9.2.7 Ensure 'Windows Firewall: Private: Logging: Log dropped packets' is set to 'Yes'CIS Microsoft Windows 8.1 v2.4.1 L1Windows

AUDIT AND ACCOUNTABILITY

9.2.8 (L1) Ensure 'Windows Firewall: Private: Logging: Log successful connections' is set to 'Yes'CIS Microsoft Windows 8.1 v2.4.1 L1 BitlockerWindows

AUDIT AND ACCOUNTABILITY

9.3.7 (L1) Ensure 'Windows Firewall: Public: Logging: Name' is set to '%SystemRoot%\System32\logfiles\firewall\publicfw.log'CIS Microsoft Windows 8.1 v2.4.1 L1 BitlockerWindows

AUDIT AND ACCOUNTABILITY

9.3.7 Ensure 'Windows Firewall: Public: Logging: Name' is set to '%SystemRoot%\System32\logfiles\firewall\publicfw.log'CIS Microsoft Windows 8.1 v2.4.1 L1Windows

AUDIT AND ACCOUNTABILITY

9.3.8 (L1) Ensure 'Windows Firewall: Public: Logging: Size limit (KB)' is set to '16,384 KB or greater'CIS Microsoft Windows 8.1 v2.4.1 L1 BitlockerWindows

AUDIT AND ACCOUNTABILITY

9.3.8 Ensure 'Windows Firewall: Public: Logging: Size limit (KB)' is set to '16,384 KB or greater'CIS Microsoft Windows 8.1 v2.4.1 L1Windows

AUDIT AND ACCOUNTABILITY

9.3.9 (L1) Ensure 'Windows Firewall: Public: Logging: Log dropped packets' is set to 'Yes'CIS Microsoft Windows 8.1 v2.4.1 L1 BitlockerWindows

AUDIT AND ACCOUNTABILITY

9.3.10 (L1) Ensure 'Windows Firewall: Public: Logging: Log successful connections' is set to 'Yes'CIS Microsoft Windows 8.1 v2.4.1 L1 BitlockerWindows

AUDIT AND ACCOUNTABILITY

9.3.10 Ensure 'Windows Firewall: Public: Logging: Log successful connections' is set to 'Yes'CIS Microsoft Windows 8.1 v2.4.1 L1Windows

AUDIT AND ACCOUNTABILITY

17.9.1 (L1) Ensure 'Audit IPsec Driver' is set to 'Success and Failure'CIS Microsoft Windows 8.1 v2.4.1 L1 BitlockerWindows

AUDIT AND ACCOUNTABILITY

17.9.3 (L1) Ensure 'Audit Security State Change' is set to include 'Success'CIS Microsoft Windows 8.1 v2.4.1 L1 BitlockerWindows

AUDIT AND ACCOUNTABILITY

17.9.3 Ensure 'Audit Security State Change' is set to include 'Success'CIS Microsoft Windows 8.1 v2.4.1 L1Windows

AUDIT AND ACCOUNTABILITY

17.9.4 (L1) Ensure 'Audit Security System Extension' is set to include 'Success'CIS Microsoft Windows 8.1 v2.4.1 L1 BitlockerWindows

AUDIT AND ACCOUNTABILITY

17.9.5 (L1) Ensure 'Audit System Integrity' is set to 'Success and Failure'CIS Microsoft Windows 8.1 v2.4.1 L1 BitlockerWindows

AUDIT AND ACCOUNTABILITY

18.4.13 (L1) Ensure 'MSS: (WarningLevel) Percentage threshold for the security event log at which the system will generate a warning' is set to 'Enabled: 90% or less'CIS Microsoft Windows 8.1 v2.4.1 L1 BitlockerWindows

AUDIT AND ACCOUNTABILITY

18.9.81.2.1 Ensure 'Configure Default consent' is set to 'Enabled: Always ask before sending data'CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0Windows

AUDIT AND ACCOUNTABILITY

Ensure syslog-ng is configured to send logs to a remote log host - log srcTenable Cisco Firepower Management Center OS Best Practices AuditUnix

AUDIT AND ACCOUNTABILITY

ESXi : enable-remote-syslogVMWare vSphere 5.X Hardening GuideVMware

AUDIT AND ACCOUNTABILITY

EX19-ED-000050 - Exchange audit data must be on separate partitions.DISA Microsoft Exchange 2019 Edge Server STIG v2r2Windows

AUDIT AND ACCOUNTABILITY

SYMP-NM-000140 - Symantec ProxySG must back up event logs onto a different system or system component than the system or component being audited - Syslog IPDISA Symantec ProxySG Benchmark NDM v1r2BlueCoat

AUDIT AND ACCOUNTABILITY