Item Search

Name	Audit Name	Plugin	Category
2.3.9.4 Ensure 'Microsoft network server: Disconnect clients when logon hours expire' is set to 'Enabled'	CIS Microsoft Windows 8.1 v2.4.1 L1	Windows	ACCESS CONTROL
2.3.11.6 Ensure 'Network security: Force logoff when logon hours expire' is set to 'Enabled'	CIS Microsoft Windows 8.1 v2.4.1 L1	Windows	ACCESS CONTROL
4.1.7 Ensure login and logout events are collected - auditctl /var/log/faillog	CIS Ubuntu Linux 16.04 LTS Workstation L2 v2.0.0	Unix	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
4.1.7 Ensure login and logout events are collected - auditctl /var/log/lastlog	CIS Ubuntu Linux 16.04 LTS Server L2 v2.0.0	Unix	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
4.1.7 Ensure login and logout events are collected - auditctl /var/run/faillock/	CIS CentOS 6 Workstation L2 v3.0.0	Unix	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
4.1.7 Ensure login and logout events are collected - auditctl faillog	CIS Debian Family Server L2 v1.0.0	Unix	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
4.1.7 Ensure login and logout events are collected - auditctl lastlog	CIS Debian Family Server L2 v1.0.0	Unix	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
4.1.7 Ensure login and logout events are collected - auditctl tallylog	CIS Debian Family Workstation L2 v1.0.0	Unix	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
4.1.7 Ensure login and logout events are collected - rules.d /var/run/faillock/	CIS CentOS 6 Workstation L2 v3.0.0	Unix	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
4.1.7 Ensure login and logout events are collected - rules.d /var/run/faillock/	CIS Red Hat 6 Workstation L2 v3.0.0	Unix	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
4.1.8 Ensure login and logout events are collected - auditctl lastlog	CIS Debian 9 Workstation L2 v1.0.1	Unix	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
4.1.8 Ensure login and logout events are collected - auditctl tallylog	CIS Debian 9 Server L2 v1.0.1	Unix	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
4.1.8 Ensure login and logout events are collected - tallylog	CIS Debian 9 Server L2 v1.0.1	Unix	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
4.1.8 Ensure session initiation information is collected - /var/run/utmp	CIS Debian Family Workstation L2 v1.0.0	Unix	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
4.1.8 Ensure session initiation information is collected - auditctl btmp	CIS Fedora 19 Family Linux Server L2 v1.0.0	Unix	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
4.1.8 Ensure session initiation information is collected - auditctl btmp	CIS Ubuntu Linux 16.04 LTS Server L2 v2.0.0	Unix	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
4.1.8 Ensure session initiation information is collected - auditctl utmp	CIS Ubuntu Linux 16.04 LTS Server L2 v2.0.0	Unix	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
4.1.8 Ensure session initiation information is collected - btmp	CIS Fedora 19 Family Linux Server L2 v1.0.0	Unix	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
4.1.8 Ensure session initiation information is collected - btmp	CIS Ubuntu Linux 16.04 LTS Server L2 v2.0.0	Unix	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
4.1.8 Ensure session initiation information is collected - btmp	CIS Ubuntu Linux 16.04 LTS Workstation L2 v2.0.0	Unix	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
4.1.8 Ensure session initiation information is collected - rules.d /var/log/btmp	CIS Oracle Linux 6 Server L2 v2.0.0	Unix	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
4.1.8 Ensure session initiation information is collected - rules.d /var/log/wtmp	CIS CentOS 6 Server L2 v3.0.0	Unix	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
4.1.8 Ensure session initiation information is collected - utmp	CIS Ubuntu Linux 16.04 LTS Workstation L2 v2.0.0	Unix	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
4.1.9 Ensure session initiation information is collected - /var/log/wtmp	CIS Debian 9 Workstation L2 v1.0.1	Unix	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
4.1.9 Ensure session initiation information is collected - /var/run/utmp	CIS Aliyun Linux 2 L2 v1.0.0	Unix	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
4.1.9 Ensure session initiation information is collected - auditctl /var/log/btmp	CIS Aliyun Linux 2 L2 v1.0.0	Unix	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
4.1.9 Ensure session initiation information is collected - auditctl /var/log/wtmp	CIS Debian 9 Workstation L2 v1.0.1	Unix	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
4.1.9 Ensure session initiation information is collected - auditctl /var/run/utmp	CIS Debian 9 Server L2 v1.0.1	Unix	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
5.1.7 Ensure SSH MaxAuthTries is set to 4 or less	CIS Google Container-Optimized OS v1.2.0 L2 Server	Unix	AUDIT AND ACCOUNTABILITY
5.2.2.6 (L1) Enable Identity Protection user risk policies	CIS Microsoft 365 Foundations v4.0.0 L1 E5	microsoft_azure	SYSTEM AND INFORMATION INTEGRITY
5.2.2.7 (L1) Enable Identity Protection sign-in risk policies	CIS Microsoft 365 Foundations v4.0.0 L1 E5	microsoft_azure	SYSTEM AND INFORMATION INTEGRITY
5.2.6 Ensure SSH MaxAuthTries is set to 4 or less	CIS Debian Family Workstation L1 v1.0.0	Unix	ACCESS CONTROL
5.2.7 Ensure SSH MaxAuthTries is set to 4 or less	CIS Debian 9 Server L1 v1.0.1	Unix	ACCESS CONTROL
5.2.7 Ensure SSH MaxAuthTries is set to 4 or less	CIS Ubuntu Linux 18.04 LXD Host L1 Server v1.0.0	Unix	ACCESS CONTROL
5.3 Ensure 'Login Auditing' is set to 'failed logins'	CIS SQL Server 2022 Database L1 AWS RDS v1.1.0	MS_SQLDB	AUDIT AND ACCOUNTABILITY
5.3 Ensure 'Login Auditing' is set to 'failed logins'	CIS Microsoft SQL Server 2019 v1.5.0 L1 AWS RDS	MS_SQLDB	AUDIT AND ACCOUNTABILITY
5.3 Ensure 'Login Auditing' is set to 'failed logins'	CIS SQL Server 2016 Database L1 AWS RDS v1.4.0	MS_SQLDB	AUDIT AND ACCOUNTABILITY
5.3 Ensure 'Login Auditing' is set to 'failed logins'	CIS SQL Server 2016 Database L1 DB v1.4.0	MS_SQLDB	AUDIT AND ACCOUNTABILITY
5.3 Ensure 'Login Auditing' is set to 'failed logins'	CIS SQL Server 2022 Database L1 DB v1.1.0	MS_SQLDB	AUDIT AND ACCOUNTABILITY
5.3 Ensure 'Login Auditing' is set to 'failed logins'	CIS SQL Server 2017 Database L1 AWS RDS v1.3.0	MS_SQLDB	AUDIT AND ACCOUNTABILITY
5.3 Ensure 'Login Auditing' is set to 'failed logins'	CIS SQL Server 2017 Database L1 DB v1.3.0	MS_SQLDB	AUDIT AND ACCOUNTABILITY
5.3 Ensure 'Login Auditing' is set to 'failed logins'	CIS Microsoft SQL Server 2019 v1.5.0 L1 Database Engine	MS_SQLDB	AUDIT AND ACCOUNTABILITY
5.3.8 Ensure SSH MaxAuthTries is set to 4 or less	CIS Oracle Linux 6 Server L1 v2.0.0	Unix	ACCESS CONTROL
5.3.9 Collect Login and Logout Events - /var/log/btmp	CIS Red Hat Enterprise Linux 5 L2 v2.2.1	Unix	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
5.3.9 Collect Login and Logout Events - /var/log/faillog	CIS Red Hat Enterprise Linux 5 L2 v2.2.1	Unix	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
5.3.9 Collect Login and Logout Events - /var/log/lastlog	CIS Red Hat Enterprise Linux 5 L2 v2.2.1	Unix	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
5.3.9 Collect Login and Logout Events - /var/log/tallylog	CIS Red Hat Enterprise Linux 5 L2 v2.2.1	Unix	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
5.3.9 Ensure SSH MaxAuthTries is set to 4 or less	CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 Workstation	Unix	AUDIT AND ACCOUNTABILITY
5.3.10 Collect Session Initiation Information - /var/log/wtmp	CIS Red Hat Enterprise Linux 5 L2 v2.2.1	Unix	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
5.3.10 Collect Session Initiation Information - /var/run/utmp	CIS Red Hat Enterprise Linux 5 L2 v2.2.1	Unix	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

Detections

Analytics

Item Search