Detections
Analytics

Item Search

NameAudit NamePluginCategory
4.1.3.7 Ensure kernel module loading and unloading is collected - delete_module 32 bitCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

AUDIT AND ACCOUNTABILITY

ALMA-09-046550 - AlmaLinux OS 9 must enable Linux audit logging for the USBGuard daemon.DISA CloudLinux AlmaLinux OS 9 STIG v1r2Unix

AUDIT AND ACCOUNTABILITY

APPL-13-001044 - The macOS system must generate audit records for DOD-defined events such as successful/unsuccessful logon attempts, successful/unsuccessful direct access attempts, starting and ending time for user access, and concurrent logons to the same account from different sources.DISA STIG Apple macOS 13 v1r5Unix

AUDIT AND ACCOUNTABILITY

CD12-00-005200 - PostgreSQL must generate audit records when security objects are deleted.DISA STIG Crunchy Data PostgreSQL DB v3r1PostgreSQLDB

AUDIT AND ACCOUNTABILITY

CD12-00-005700 - PostgreSQL must generate audit records when unsuccessful accesses to objects occur.DISA STIG Crunchy Data PostgreSQL DB v3r1PostgreSQLDB

AUDIT AND ACCOUNTABILITY

CD12-00-006800 - PostgreSQL must generate audit records when unsuccessful attempts to modify privileges/permissions occur.DISA STIG Crunchy Data PostgreSQL DB v3r1PostgreSQLDB

AUDIT AND ACCOUNTABILITY

CD12-00-012600 - PostgreSQL must generate audit records when successful accesses to objects occur.DISA STIG Crunchy Data PostgreSQL DB v3r1PostgreSQLDB

AUDIT AND ACCOUNTABILITY

DG0145-ORACLE11 - Audit records should contain required information.DISA STIG Oracle 11 Instance v9r1 DatabaseOracleDB

AUDIT AND ACCOUNTABILITY

FNFG-FW-000165 - The FortiGate firewall must generate traffic log records when attempts are made to send packets between security zones that are not authorized to communicate.DISA Fortigate Firewall STIG v1r3FortiGate

AUDIT AND ACCOUNTABILITY

JUEX-NM-000590 - The Juniper EX switch must be configured to generate audit records when concurrent logons from different workstations occur.DISA Juniper EX Series Network Device Management v2r2Juniper

AUDIT AND ACCOUNTABILITY

MADB-10-000700 - MariaDB must be able to generate audit records when privileges/permissions are retrieved.DISA MariaDB Enterprise 10.x v2r3 DBMySQLDB

AUDIT AND ACCOUNTABILITY

MADB-10-010200 - MariaDB must generate audit records when security objects are modified.DISA MariaDB Enterprise 10.x v2r3 DBMySQLDB

AUDIT AND ACCOUNTABILITY

MADB-10-010300 - MariaDB must generate audit records when unsuccessful attempts to modify security objects occur.DISA MariaDB Enterprise 10.x v2r3 DBMySQLDB

AUDIT AND ACCOUNTABILITY

MADB-10-010900 - MariaDB must generate audit records when unsuccessful attempts to delete security objects occur.DISA MariaDB Enterprise 10.x v2r3 DBMySQLDB

AUDIT AND ACCOUNTABILITY

MADB-10-011400 - MariaDB must generate audit records for all privileged activities or other system-level access.DISA MariaDB Enterprise 10.x v2r3 DBMySQLDB

AUDIT AND ACCOUNTABILITY

MADB-10-011600 - MariaDB must generate audit records showing starting and ending time for user access to the database(s).DISA MariaDB Enterprise 10.x v2r3 DBMySQLDB

AUDIT AND ACCOUNTABILITY

MYS8-00-001900 - The MySQL Database Server 8.0 must be able to generate audit records when unsuccessful attempts to retrieve privileges/permissions occur.DISA Oracle MySQL 8.0 v2r2 DBMySQLDB

AUDIT AND ACCOUNTABILITY

MYS8-00-002100 - The MySQL Database Server 8.0 must generate audit records when unsuccessful attempts to access security objects occur.DISA Oracle MySQL 8.0 v2r2 OS LinuxUnix

AUDIT AND ACCOUNTABILITY

MYS8-00-002200 - The MySQL Database Server 8.0 must generate audit records when categories of information (e.g., classification levels/security levels) are accessed.DISA Oracle MySQL 8.0 v2r2 DBMySQLDB

AUDIT AND ACCOUNTABILITY

MYS8-00-002800 - The MySQL Database Server 8.0 must generate audit records when security objects are modified.DISA Oracle MySQL 8.0 v2r2 OS LinuxUnix

AUDIT AND ACCOUNTABILITY

MYS8-00-002900 - The MySQL Database Server 8.0 must generate audit records when unsuccessful attempts to modify security objects occur.DISA Oracle MySQL 8.0 v2r2 DBMySQLDB

AUDIT AND ACCOUNTABILITY

MYS8-00-002900 - The MySQL Database Server 8.0 must generate audit records when unsuccessful attempts to modify security objects occur.DISA Oracle MySQL 8.0 v2r2 OS LinuxUnix

AUDIT AND ACCOUNTABILITY

MYS8-00-003400 - The MySQL Database Server 8.0 must generate audit records when security objects are deleted.DISA Oracle MySQL 8.0 v2r2 DBMySQLDB

AUDIT AND ACCOUNTABILITY

MYS8-00-004400 - The MySQL Database Server 8.0 must be able to generate audit records when successful accesses to objects occur.DISA Oracle MySQL 8.0 v2r2 DBMySQLDB

AUDIT AND ACCOUNTABILITY

MYS8-00-004500 - The MySQL Database Server 8.0 must generate audit records when unsuccessful accesses to objects occur.DISA Oracle MySQL 8.0 v2r2 DBMySQLDB

AUDIT AND ACCOUNTABILITY

MYS8-00-004600 - The MySQL Database Server 8.0 must generate audit records for all direct access to the database(s).DISA Oracle MySQL 8.0 v2r2 DBMySQLDB

AUDIT AND ACCOUNTABILITY

PHTN-30-000069 - The Photon operating system must audit the 'insmod' module - insmod moduleDISA STIG VMware vSphere 7.0 Photon OS v1r4Unix

AUDIT AND ACCOUNTABILITY

PHTN-67-000020 - The Photon operating system must generate audit records when successful/unsuccessful attempts to access privileges occur - 32DISA STIG VMware vSphere 6.7 Photon OS v1r6Unix

AUDIT AND ACCOUNTABILITY

PHTN-67-000074 - The Photon operating system auditd service must generate audit records for all account creations, modifications, disabling, and termination events.DISA STIG VMware vSphere 6.7 Photon OS v1r6Unix

AUDIT AND ACCOUNTABILITY

SYMP-AG-000140 - Symantec ProxySG providing user access control intermediary services must generate audit records when successful/unsuccessful attempts to access web resources occur.DISA Symantec ProxySG Benchmark ALG v1r3BlueCoat

AUDIT AND ACCOUNTABILITY

UBTU-20-010166 - The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the apparmor_parser command.DISA Canonical Ubuntu 20.04 LTS STIG v2r2Unix

AUDIT AND ACCOUNTABILITY

UBTU-20-010168 - The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the chacl command.DISA Canonical Ubuntu 20.04 LTS STIG v2r2Unix

AUDIT AND ACCOUNTABILITY

UBTU-20-010173 - The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the unix_update command.DISA Canonical Ubuntu 20.04 LTS STIG v2r2Unix

AUDIT AND ACCOUNTABILITY

UBTU-20-010174 - The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the gpasswd command.DISA Canonical Ubuntu 20.04 LTS STIG v2r2Unix

AUDIT AND ACCOUNTABILITY

UBTU-20-010277 - The Ubuntu operating system must generate audit records for the /var/log/wtmp file.DISA Canonical Ubuntu 20.04 LTS STIG v2r2Unix

AUDIT AND ACCOUNTABILITY

UBTU-20-010278 - The Ubuntu operating system must generate audit records for the /var/run/utmp file.DISA Canonical Ubuntu 20.04 LTS STIG v2r2Unix

AUDIT AND ACCOUNTABILITY

UBTU-20-010298 - The Ubuntu operating system must generate audit records when successful/unsuccessful attempts to use the fdisk command.DISA Canonical Ubuntu 20.04 LTS STIG v2r2Unix

AUDIT AND ACCOUNTABILITY

UBTU-22-654050 - Ubuntu 22.04 LTS must generate audit records for successful/unsuccessful uses of the gpasswd command.DISA Canonical Ubuntu 22.04 LTS STIG v2r4Unix

AUDIT AND ACCOUNTABILITY

UBTU-22-654100 - Ubuntu 22.04 LTS must generate audit records for successful/unsuccessful uses of the su command.DISA Canonical Ubuntu 22.04 LTS STIG v2r4Unix

AUDIT AND ACCOUNTABILITY

UBTU-22-654165 - Ubuntu 22.04 LTS must generate audit records for successful/unsuccessful uses of the creat, open, openat, open_by_handle_at, truncate, and ftruncate system calls.DISA Canonical Ubuntu 22.04 LTS STIG v2r4Unix

AUDIT AND ACCOUNTABILITY

UBTU-22-654195 - Ubuntu 22.04 LTS must generate audit records for the /var/log/btmp file.DISA Canonical Ubuntu 22.04 LTS STIG v2r4Unix

AUDIT AND ACCOUNTABILITY

UBTU-24-900120 - Ubuntu 24.04 LTS must generate audit records for successful/unsuccessful uses of the ssh-keysign command.DISA Canonical Ubuntu 24.04 LTS STIG v1r1Unix

AUDIT AND ACCOUNTABILITY

UBTU-24-900180 - Ubuntu 24.04 LTS must generate audit records for successful/unsuccessful uses of the sudoedit command.DISA Canonical Ubuntu 24.04 LTS STIG v1r1Unix

AUDIT AND ACCOUNTABILITY

UBTU-24-900210 - Ubuntu 24.04 LTS must generate audit records for successful/unsuccessful uses of the chcon command.DISA Canonical Ubuntu 24.04 LTS STIG v1r1Unix

AUDIT AND ACCOUNTABILITY

UBTU-24-900270 - Ubuntu 24.04 LTS must generate audit records for successful/unsuccessful uses of the passwd command.DISA Canonical Ubuntu 24.04 LTS STIG v1r1Unix

AUDIT AND ACCOUNTABILITY

UBTU-24-900290 - Ubuntu 24.04 LTS must generate audit records for successful/unsuccessful uses of the gpasswd command.DISA Canonical Ubuntu 24.04 LTS STIG v1r1Unix

AUDIT AND ACCOUNTABILITY

UBTU-24-900350 - Ubuntu 24.04 LTS must generate audit records for successful/unsuccessful uses of the delete_module syscall.DISA Canonical Ubuntu 24.04 LTS STIG v1r1Unix

AUDIT AND ACCOUNTABILITY

UBTU-24-900520 - Ubuntu 24.04 LTS must generate audit records when successful/unsuccessful attempts to modify the /etc/sudoers.d directory occur.DISA Canonical Ubuntu 24.04 LTS STIG v1r1Unix

AUDIT AND ACCOUNTABILITY

WBSP-AS-000380 - The WebSphere Application Server must generate log records when attempts to access subject privileges occur.DISA IBM WebSphere Traditional 9 STIG v1r1 MiddlewareUnix

AUDIT AND ACCOUNTABILITY

WN22-AU-000180 - Windows Server 2022 must be configured to audit logoff successes.DISA Microsoft Windows Server 2022 STIG v2r4Windows

AUDIT AND ACCOUNTABILITY