Item Search

NameAudit NamePluginCategory
1.13 Ensure auditing is configured for Docker files and directories - /usr/bin/docker-runcCIS Docker Community Edition v1.1.0 L1 Linux Host OSUnix

AUDIT AND ACCOUNTABILITY

3.2.4 Ensure suspicious packets are logged - net.ipv4.conf.default.log_martians = 1 sysctlCIS Amazon Linux v2.1.0 L1Unix

AUDIT AND ACCOUNTABILITY

4.1.3 Ensure auditing for processes that start prior to auditd is enabledCIS Amazon Linux v2.1.0 L2Unix

AUDIT AND ACCOUNTABILITY

4.1.3 Ensure auditing for processes that start prior to auditd is enabled - '/etc/default/grub'CIS Ubuntu Linux 14.04 LTS Server L2 v2.1.0Unix

AUDIT AND ACCOUNTABILITY

4.1.4 Ensure events that modify date and time information are collected - 'auditctl /etc/localtime'CIS Ubuntu Linux 14.04 LTS Server L2 v2.1.0Unix

AUDIT AND ACCOUNTABILITY

4.1.4 Ensure events that modify date and time information are collected - 'auditctl adjtimex'CIS Ubuntu Linux 14.04 LTS Server L2 v2.1.0Unix

AUDIT AND ACCOUNTABILITY

4.1.4 Ensure events that modify date and time information are collected - 'auditctl clock_settime (64-bit)'CIS Ubuntu Linux 14.04 LTS Server L2 v2.1.0Unix

AUDIT AND ACCOUNTABILITY

4.1.4 Ensure events that modify date and time information are collected - auditctl adjtimexCIS Amazon Linux v2.1.0 L2Unix

AUDIT AND ACCOUNTABILITY

4.1.4 Ensure events that modify date and time information are collected - auditctl clock_settime b32CIS Amazon Linux v2.1.0 L2Unix

AUDIT AND ACCOUNTABILITY

4.1.4 Ensure events that modify date and time information are collected - auditctl time-changeCIS Amazon Linux v2.1.0 L2Unix

AUDIT AND ACCOUNTABILITY

4.1.4 Ensure events that modify date and time information are collected - clock_settime b64CIS Amazon Linux v2.1.0 L2Unix

AUDIT AND ACCOUNTABILITY

4.1.5 Ensure events that modify user/group information are collected - '/etc/gshadow'CIS Ubuntu Linux 14.04 LTS Server L2 v2.1.0Unix

AUDIT AND ACCOUNTABILITY

4.1.5 Ensure events that modify user/group information are collected - '/etc/security/opasswd'CIS Amazon Linux v2.1.0 L2Unix

AUDIT AND ACCOUNTABILITY

4.1.5 Ensure events that modify user/group information are collected - '/etc/security/opasswd'CIS Ubuntu Linux 14.04 LTS Server L2 v2.1.0Unix

AUDIT AND ACCOUNTABILITY

4.1.5 Ensure events that modify user/group information are collected - '/etc/shadow'CIS Amazon Linux v2.1.0 L2Unix

AUDIT AND ACCOUNTABILITY

4.1.5 Ensure events that modify user/group information are collected - '/etc/shadow'CIS Ubuntu Linux 14.04 LTS Server L2 v2.1.0Unix

AUDIT AND ACCOUNTABILITY

4.1.5 Ensure events that modify user/group information are collected - 'auditctl passwd'CIS Ubuntu Linux 14.04 LTS Server L2 v2.1.0Unix

AUDIT AND ACCOUNTABILITY

4.1.6 Ensure events that modify the system's network environment are collected - issueCIS Amazon Linux v2.1.0 L2Unix

AUDIT AND ACCOUNTABILITY

4.1.10 Ensure discretionary access control permission modification events are collected - 'auditctl chmod'CIS Ubuntu Linux 14.04 LTS Server L2 v2.1.0Unix

AUDIT AND ACCOUNTABILITY

4.1.10 Ensure discretionary access control permission modification events are collected - 'auditctl chown'CIS Ubuntu Linux 14.04 LTS Server L2 v2.1.0Unix

AUDIT AND ACCOUNTABILITY

4.1.10 Ensure discretionary access control permission modification events are collected - 'auditctl setxattr'CIS Ubuntu Linux 14.04 LTS Server L2 v2.1.0Unix

AUDIT AND ACCOUNTABILITY

4.1.10 Ensure discretionary access control permission modification events are collected - 'chmod'CIS Ubuntu Linux 14.04 LTS Server L2 v2.1.0Unix

AUDIT AND ACCOUNTABILITY

4.1.10 Ensure discretionary access control permission modification events are collected - auditctl b64 chown/fchown/fchownat/lchownCIS Amazon Linux v2.1.0 L2Unix

AUDIT AND ACCOUNTABILITY

4.1.10 Ensure discretionary access control permission modification events are collected - chmod/fchmod/fchmodatCIS Amazon Linux v2.1.0 L2Unix

AUDIT AND ACCOUNTABILITY

4.1.11 Ensure unsuccessful unauthorized file access attempts are collected - 'auditctl EACCES (64-bit)'CIS Ubuntu Linux 14.04 LTS Server L2 v2.1.0Unix

AUDIT AND ACCOUNTABILITY

4.1.11 Ensure unsuccessful unauthorized file access attempts are collected - 'EACCES' (64-bit)CIS Ubuntu Linux 14.04 LTS Server L2 v2.1.0Unix

AUDIT AND ACCOUNTABILITY

4.1.13 Ensure successful file system mounts are collected - 'auditctl mounts (64-bit)'CIS Ubuntu Linux 14.04 LTS Server L2 v2.1.0Unix

AUDIT AND ACCOUNTABILITY

4.1.15 Ensure changes to system administration scope (sudoers) is collected - 'auditctl sudoers'CIS Ubuntu Linux 14.04 LTS Server L2 v2.1.0Unix

AUDIT AND ACCOUNTABILITY

4.1.15 Ensure changes to system administration scope (sudoers) is collected - auditctl /etc/sudoersCIS Amazon Linux v2.1.0 L2Unix

AUDIT AND ACCOUNTABILITY

4.1.15 Ensure changes to system administration scope (sudoers) is collected - auditctl /etc/sudoers.dCIS Amazon Linux v2.1.0 L2Unix

AUDIT AND ACCOUNTABILITY

4.1.17 Ensure kernel module loading and unloading is collected - insmodCIS Amazon Linux v2.1.0 L2Unix

AUDIT AND ACCOUNTABILITY

8.2 Configure a Logging File Channel - category configCIS BIND DNS v3.0.1 Caching Only Name ServerUnix

AUDIT AND ACCOUNTABILITY

8.2 Configure a Logging File Channel - category networkCIS BIND DNS v3.0.1 Authoritative Name ServerUnix

AUDIT AND ACCOUNTABILITY

Audit Account LockoutMSCT Windows Server v20H2 MS v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit Audit Policy ChangeMSCT Windows Server v20H2 MS v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit LogoffMSCT Windows Server 2016 MS v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit Other Account Management EventsMSCT Windows Server 2019 DC v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit Other System EventsMSCT Windows Server 2019 MS v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit Other System EventsMSCT Windows Server v20H2 DC v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit Removable StorageMSCT Windows Server 2016 MS v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit Removable StorageMSCT Windows Server 2019 DC v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit Security System ExtensionMSCT Windows Server v20H2 DC v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit Special LogonMSCT Windows Server 2016 DC v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit System IntegrityMSCT Windows Server 2016 MS v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit System IntegrityMSCT Windows Server 2019 DC v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit System IntegrityMSCT Windows Server 2019 MS v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit User Account ManagementMSCT Windows Server 2019 MS v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit User Account ManagementMSCT Windows Server v20H2 MS v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settingsMSCT Windows Server 2016 DC v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settingsMSCT Windows Server 2019 MS v1.0.0Windows

AUDIT AND ACCOUNTABILITY