Item Search

Name	Audit Name	Plugin	Category
4.1.1.1 Ensure auditd is installed	CIS SUSE Linux Enterprise 12 v3.2.1 L2 Server	Unix	AUDIT AND ACCOUNTABILITY
4.1.1.1 Ensure auditd is installed - audit-libs	CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 Workstation	Unix	AUDIT AND ACCOUNTABILITY
4.1.1.2 Ensure auditd service is enabled	CIS Fedora 28 Family Linux Server L2 v2.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.1.2 Ensure auditd service is enabled and running	CIS SUSE Linux Enterprise 12 v3.2.1 L2 Workstation	Unix	AUDIT AND ACCOUNTABILITY
4.1.1.2 Ensure auditd service is enabled and running - enabled	CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 Workstation	Unix	AUDIT AND ACCOUNTABILITY
4.1.1.2 Ensure auditd service is enabled and running - running	CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 Workstation	Unix	AUDIT AND ACCOUNTABILITY
4.1.1.3 Ensure auditing for processes that start prior to auditd is enabled	CIS Amazon Linux 2 STIG v2.0.0 L2 Workstation	Unix	AUDIT AND ACCOUNTABILITY
4.1.5 Ensure events that modify the system's network environment are collected - auditctl /etc/issue	CIS Oracle Linux 6 Workstation L2 v2.0.0	Unix	AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT
4.1.5 Ensure events that modify the system's network environment are collected - auditctl /etc/issue.net	CIS Oracle Linux 6 Workstation L2 v2.0.0	Unix	AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT
4.1.5 Ensure events that modify the system's network environment are collected - auditctl /etc/sysconfig/network	CIS Oracle Linux 6 Workstation L2 v2.0.0	Unix	AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT
4.1.5 Ensure events that modify the system's network environment are collected - auditctl sethostname setdomainname 32-bit	CIS Oracle Linux 6 Workstation L2 v2.0.0	Unix	AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT
4.1.5 Ensure events that modify the system's network environment are collected - auditctl sethostname setdomainname 32-bit	CIS Oracle Linux 6 Server L2 v2.0.0	Unix	AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT
4.1.5 Ensure events that modify the system's network environment are collected - auditctl sethostname setdomainname 64-bit	CIS Oracle Linux 6 Workstation L2 v2.0.0	Unix	AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT
4.1.5 Ensure events that modify the system's network environment are collected - rules.d /etc/issue	CIS Oracle Linux 6 Workstation L2 v2.0.0	Unix	AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT
4.1.5 Ensure events that modify the system's network environment are collected - rules.d sethostname setdomainname 64-bit	CIS Oracle Linux 6 Server L2 v2.0.0	Unix	AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT
4.2.1.1 Ensure rsyslog is installed	CIS Red Hat 6 Server L1 v3.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.2.1.1 Ensure rsyslog is installed	CIS Fedora 28 Family Linux Workstation L1 v2.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.2.1.1 Ensure rsyslog Service is enabled - chkconfig	CIS SUSE Linux Enterprise Server 11 L1 v2.1.1	Unix	AUDIT AND ACCOUNTABILITY
4.2.1.2 Ensure rsyslog service is enabled and running	CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 Workstation	Unix	AUDIT AND ACCOUNTABILITY
4.2.1.5 Ensure rsyslog is configured to send logs to a remote log host	CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 Workstation	Unix	AUDIT AND ACCOUNTABILITY
4.2.1.6 Ensure rsyslog is configured to send logs to a remote log host	CIS CentOS Linux 8 Workstation L1 v2.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.2.2.1 Ensure syslog-ng service is enabled	CIS SUSE Linux Enterprise Server 11 L1 v2.1.1	Unix	AUDIT AND ACCOUNTABILITY
4.2.2.1.1 Ensure systemd-journal-remote is installed	CIS CentOS Linux 8 Workstation L1 v2.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.2.2.1.3 Ensure systemd-journal-remote is enabled	CIS CentOS Linux 8 Workstation L1 v2.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.2.2.1.3 Ensure systemd-journal-remote is enabled	CIS Fedora 28 Family Linux Server L1 v2.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.2.2.2 Ensure journald service is enabled	CIS Fedora 28 Family Linux Workstation L1 v2.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.2.2.2 Ensure logging is configured	CIS SUSE Linux Enterprise Server 11 L1 v2.1.1	Unix	AUDIT AND ACCOUNTABILITY
4.2.2.3 Ensure journald is configured to write logfiles to persistent disk	CIS SUSE Linux Enterprise 12 v3.2.1 L1 Server	Unix	AUDIT AND ACCOUNTABILITY
4.2.2.3 Ensure journald is configured to write logfiles to persistent disk	CIS SUSE Linux Enterprise 12 v3.2.1 L1 Workstation	Unix	AUDIT AND ACCOUNTABILITY
4.2.2.6 Ensure journald log rotation is configured per site policy	CIS CentOS Linux 8 Workstation L1 v2.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.2.3 Ensure rsyslog or syslog-ng is installed	CIS SUSE Linux Enterprise Server 11 L1 v2.1.1	Unix	AUDIT AND ACCOUNTABILITY
4.6.3.3 Ensure sftp-server arguments are configured	CIS IBM AIX 7 v1.1.0 L1	Unix	AUDIT AND ACCOUNTABILITY
5.1.16 Ensure sshd LogLevel is configured	CIS Rocky Linux 8 v3.0.0 L1 Server	Unix	AUDIT AND ACCOUNTABILITY
5.1.16 Ensure sshd LogLevel is configured	CIS Rocky Linux 8 v3.0.0 L1 Workstation	Unix	AUDIT AND ACCOUNTABILITY
5.1.16 Ensure sshd LogLevel is configured	CIS Red Hat Enterprise Linux 8 v4.0.0 L1 Server	Unix	AUDIT AND ACCOUNTABILITY
6.2.1.1 Ensure journald service is enabled and active	CIS SUSE Linux Enterprise 15 v2.0.1 L1 Server	Unix	AUDIT AND ACCOUNTABILITY
6.2.1.1.1 Ensure journald service is active	CIS Red Hat Enterprise Linux 8 v4.0.0 L1 Workstation	Unix	AUDIT AND ACCOUNTABILITY
6.2.1.1.3 Ensure journald log file rotation is configured	CIS Red Hat Enterprise Linux 8 v4.0.0 L1 Server	Unix	AUDIT AND ACCOUNTABILITY
6.2.1.1.5 Ensure journald Storage is configured	CIS Red Hat Enterprise Linux 8 v4.0.0 L1 Workstation	Unix	AUDIT AND ACCOUNTABILITY
6.2.1.2.1 Ensure systemd-journal-remote is installed	CIS Rocky Linux 8 v3.0.0 L1 Server	Unix	AUDIT AND ACCOUNTABILITY
6.2.1.2.2 Ensure systemd-journal-remote authentication is configured	CIS Rocky Linux 8 v3.0.0 L1 Workstation	Unix	AUDIT AND ACCOUNTABILITY
6.2.1.2.3 Ensure systemd-journal-upload is enabled and active	CIS Red Hat Enterprise Linux 8 v4.0.0 L1 Workstation	Unix	AUDIT AND ACCOUNTABILITY
6.2.1.3 Ensure journald log file rotation is configured	CIS SUSE Linux Enterprise 15 v2.0.1 L1 Workstation	Unix	AUDIT AND ACCOUNTABILITY
6.2.2.1 Ensure rsyslog is installed	CIS Rocky Linux 8 v3.0.0 L1 Server	Unix	AUDIT AND ACCOUNTABILITY
6.2.2.1.1 Ensure systemd-journal-remote is installed	CIS SUSE Linux Enterprise 15 v2.0.1 L1 Server	Unix	AUDIT AND ACCOUNTABILITY
6.2.2.4 Ensure journald Storage is configured	CIS SUSE Linux Enterprise 15 v2.0.1 L1 Server	Unix	AUDIT AND ACCOUNTABILITY
6.2.2.6 Ensure rsyslog is configured to send logs to a remote log host	CIS Rocky Linux 8 v3.0.0 L1 Server	Unix	AUDIT AND ACCOUNTABILITY
6.2.2.6 Ensure rsyslog is configured to send logs to a remote log host	CIS Rocky Linux 8 v3.0.0 L1 Workstation	Unix	AUDIT AND ACCOUNTABILITY
6.3.1.4 Ensure auditd service is enabled and active	CIS SUSE Linux Enterprise 15 v2.0.1 L2 Server	Unix	AUDIT AND ACCOUNTABILITY
17.6.3 Ensure 'Audit Other Object Access Events' is set to 'Success and Failure'	CIS Microsoft Windows 8.1 v2.4.1 L1	Windows	AUDIT AND ACCOUNTABILITY

Detections

Analytics

Item Search