Detections
Analytics

Item Search

NameAudit NamePluginCategory
3.1 Ensure detailed logging is enabledCIS NGINX Benchmark v2.1.0 L1 ProxyUnix

AUDIT AND ACCOUNTABILITY

3.1.13 Ensure the program name for PostgreSQL syslog messages is correctCIS PostgreSQL 15 DB v1.1.0PostgreSQLDB

AUDIT AND ACCOUNTABILITY

3.1.19 Ensure 'debug_pretty_print' is enabledCIS PostgreSQL 15 DB v1.1.0PostgreSQLDB

AUDIT AND ACCOUNTABILITY

3.1.19 Ensure 'debug_pretty_print' is enabled - debug_pretty_print is enabledCIS PostgreSQL 12 DB v1.1.0PostgreSQLDB

AUDIT AND ACCOUNTABILITY

3.1.20 Ensure 'log_connections' is enabledCIS PostgreSQL 14 DB v 1.2.0PostgreSQLDB

AUDIT AND ACCOUNTABILITY

3.1.21 Ensure 'log_disconnections' is enabledCIS PostgreSQL 14 DB v 1.2.0PostgreSQLDB

AUDIT AND ACCOUNTABILITY

3.1.21 Ensure 'log_disconnections' is enabledCIS PostgreSQL 15 DB v1.1.0PostgreSQLDB

AUDIT AND ACCOUNTABILITY

3.1.25 Ensure 'log_statement' is set correctly - log_statement is set correctlyCIS PostgreSQL 12 DB v1.1.0PostgreSQLDB

AUDIT AND ACCOUNTABILITY

3.1.26 Ensure 'log_timezone' is set correctlyCIS PostgreSQL 14 DB v 1.2.0PostgreSQLDB

AUDIT AND ACCOUNTABILITY

3.3 Ensure error logging is enabled and set to the info logging levelCIS NGINX Benchmark v2.1.0 L1 ProxyUnix

AUDIT AND ACCOUNTABILITY

3.8 Ensure that object-level logging for write events is enabled for S3 bucketsCIS Amazon Web Services Foundations v5.0.0 L2amazon_aws

AUDIT AND ACCOUNTABILITY

4.1.3.1 Ensure events that modify date and time information are collected - /etc/localtimeCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

4.1.3.1 Ensure events that modify date and time information are collected - adjtimex (64-bit)CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

4.1.3.1 Ensure events that modify date and time information are collected - adjtimex (64-bit)CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

4.1.3.2 Ensure system administrator command executions (sudo) are collected - 64 bitCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

4.1.3.6 Ensure successful file system mounts are collectedCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

4.1.3.6 Ensure successful file system mounts are collectedCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

4.1.3.6 Ensure successful file system mounts are collected - 64-bitCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

4.1.3.6 Ensure successful file system mounts are collected - 64-bitCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

4.1.3.6 Ensure successful file system mounts are collected - auditctlCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

4.1.3.6 Ensure successful file system mounts are collected - auditctl (64-bit)CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

4.1.3.6 Ensure successful file system mounts are collected - auditctl (64-bit)CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

4.1.3.7 Ensure kernel module loading and unloading is collected - auditctl rmmodCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

4.1.3.7 Ensure kernel module loading and unloading is collected - rmmodCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

4.1.3.9 Ensure file deletion events by users are collected - 64-bitCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

4.1.3.11 Ensure unsuccessful unauthorized file access attempts are collected - auditctl EACCESCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

4.1.3.14 Ensure events that modify user/group information are collected - '/etc/gshadow'CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

4.1.3.14 Ensure events that modify user/group information are collected - auditctl '/etc/group'CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

4.1.3.14 Ensure events that modify user/group information are collected - auditctl '/etc/gshadow'CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

4.1.4 Ensure events that modify date and time information are collected - audit.rules b32 adjtimexCIS SUSE Linux Enterprise Server 11 L2 v2.1.1Unix

AUDIT AND ACCOUNTABILITY

4.1.4 Ensure events that modify date and time information are collected - audit.rules b64 adjtimexCIS SUSE Linux Enterprise Server 11 L2 v2.1.1Unix

AUDIT AND ACCOUNTABILITY

4.1.4 Ensure events that modify date and time information are collected - audit.rules time-changeCIS SUSE Linux Enterprise Server 11 L2 v2.1.1Unix

AUDIT AND ACCOUNTABILITY

4.1.5 Ensure events that modify user/group information are collected - auditctl /etc/gshadowCIS SUSE Linux Enterprise Server 11 L2 v2.1.1Unix

AUDIT AND ACCOUNTABILITY

4.1.5 Ensure events that modify user/group information are collected - auditctl /etc/passwdCIS SUSE Linux Enterprise Server 11 L2 v2.1.1Unix

AUDIT AND ACCOUNTABILITY

4.1.7 Ensure events that modify the system's Mandatory Access Controls are collected - /usr/share/selinux/CIS SUSE Linux Enterprise Server 11 L2 v2.1.1Unix

AUDIT AND ACCOUNTABILITY

4.1.7 Ensure events that modify the system's Mandatory Access Controls are collected - auditctl /etc/apparmor.d/CIS SUSE Linux Enterprise Server 11 L2 v2.1.1Unix

AUDIT AND ACCOUNTABILITY

4.1.15 Ensure changes to system administration scope (sudoers) is collected - auditctl /etc/sudoers.dCIS SUSE Linux Enterprise Server 11 L2 v2.1.1Unix

AUDIT AND ACCOUNTABILITY

4.1.16 Ensure system administrator actions (sudolog) are collectedCIS SUSE Linux Enterprise Server 11 L2 v2.1.1Unix

AUDIT AND ACCOUNTABILITY

5.3.3 Ensure sudo log file existsCIS CentOS Linux 8 Server L1 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

6.1.3 Ensure the 'SYSTEM GRANT' Audit Option Is EnabledCIS Oracle Server 19c DB Traditional Auditing v1.2.0OracleDB

AUDIT AND ACCOUNTABILITY

6.3 Ensure 'log_error_verbosity' is Set to '2'CIS MySQL 5.7 Enterprise Database L2 v2.0.0MySQLDB

AUDIT AND ACCOUNTABILITY

6.3 Ensure 'log_warnings' Is Set to '2'CIS MySQL 5.6 Enterprise Database L2 v2.0.0MySQLDB

AUDIT AND ACCOUNTABILITY

6.9 Ensure All Statements and Connections are Logged - audit_log_connection_policyCIS MySQL 5.6 Enterprise Database L2 v2.0.0MySQLDB

AUDIT AND ACCOUNTABILITY

17.2.2 Ensure 'Audit Computer Account Management' is set to include 'Success' (DC only)CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DCWindows

AUDIT AND ACCOUNTABILITY

17.3.1 (L1) Ensure 'Audit PNP Activity' is set to include 'Success'CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 DCWindows

AUDIT AND ACCOUNTABILITY

17.4.3 Ensure 'Audit Directory Service Changes' is set to include 'Success' (DC only)CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DCWindows

AUDIT AND ACCOUNTABILITY

17.6.3 Ensure 'Audit Other Object Access Events' is set to 'Success and Failure'CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DCWindows

AUDIT AND ACCOUNTABILITY

17.7.3 Ensure 'Audit MPSSVC Rule-Level Policy Change' is set to 'Success and Failure' - Success and FailureCIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 MSWindows

AUDIT AND ACCOUNTABILITY

17.8.1 (L1) Ensure 'Audit Sensitive Privilege Use' is set to 'Success and Failure'CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 MSWindows

AUDIT AND ACCOUNTABILITY

17.9.1 (L1) Ensure 'Audit Security State Change' is set to include 'Success'CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 DCWindows

AUDIT AND ACCOUNTABILITY