| 2.8 Ensure That the Log Metric Filter and Alerts Exist for VPC Network Route Changes | CIS Google Cloud Platform v3.0.0 L2 | GCP | AUDIT AND ACCOUNTABILITY |
| 3.1 Ensure Security Auditing Is Enabled | CIS Apple macOS 12.0 Monterey Cloud-tailored v1.1.0 L1 | Unix | AUDIT AND ACCOUNTABILITY |
| 3.1 Ensure Security Auditing Is Enabled | CIS Apple macOS 10.14 v2.0.0 L1 | Unix | AUDIT AND ACCOUNTABILITY |
| 3.1 Ensure Security Auditing Is Enabled | CIS Apple macOS 14.0 Sonoma v2.0.0 L1 | Unix | AUDIT AND ACCOUNTABILITY |
| 3.1.2 Ensure the log destinations are set correctly | CIS PostgreSQL 13 DB v1.2.0 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| 3.1.2 Ensure the log destinations are set correctly | CIS PostgreSQL 16 DB v1.0.0 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| 3.1.3 Ensure the logging collector is enabled | CIS PostgreSQL 12 DB v1.1.0 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| 3.1.4 Ensure the log file destination directory is set correctly | CIS PostgreSQL 17 v1.0.0 L1 PostgreSQL | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| 3.1.5 Ensure the filename pattern for log files is set correctly | CIS PostgreSQL 13 DB v1.2.0 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| 3.1.5 Ensure the filename pattern for log files is set correctly | CIS PostgreSQL 16 DB v1.0.0 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| 3.2 (L1) Ensure persistent logging is configured for all ESXi hosts | CIS VMware ESXi 7.0 v1.4.0 L1 | VMware | AUDIT AND ACCOUNTABILITY |
| 3.2.4 Ensure suspicious packets are logged | CIS Google Container-Optimized OS v1.2.0 L2 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 3.2.7 Ensure that the --eventRecordQPS argument is set to 0 or a level which ensures appropriate event capture | CIS Google Kubernetes Engine (GKE) v1.7.0 L1 | Unix | AUDIT AND ACCOUNTABILITY |
| 3.7 Ensure VPC flow logging is enabled in all VPCs | CIS Amazon Web Services Foundations v5.0.0 L2 | amazon_aws | AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY |
| 4.1.1.1 Ensure auditd is installed | CIS CentOS Linux 8 Server L2 v2.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.1.1 Ensure auditd is installed | CIS Fedora 28 Family Linux Server L2 v2.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.1.1 Ensure auditd is installed | CIS Fedora 28 Family Linux Workstation L2 v2.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.1.1 Ensure correct container image is set for stackdriver logging agent | CIS Google Container-Optimized OS v1.2.0 L2 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.2.2 Ensure journald is configured to write logfiles to persistent disk | CIS Google Container-Optimized OS v1.2.0 L1 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.2.5 Ensure system is disabled when audit logs are full - at a minimum via email when the threshold for the repository maximum audit record storage capacity is reached. | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2 Enable Auditing of Incoming Network Connections | CIS Oracle Solaris 11.4 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.4 Enable Auditing of Process and Privilege Events | CIS Oracle Solaris 11.4 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.1 Ensure that system activity is audited | CIS MongoDB 3.6 L1 Windows Audit v1.1.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 5.2 Ensure 'Default Trace Enabled' Server Configuration Option is set to '1' | CIS Microsoft SQL Server 2019 v1.5.0 L1 AWS RDS | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| 5.2 Ensure that audit filters are configured properly | CIS MongoDB 5 L2 OS Linux v1.2.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.2.1.1 Ensure audit is installed | CIS Rocky Linux 8 Workstation L2 v2.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.2.1.1 Ensure audit is installed | CIS Red Hat EL8 Workstation L2 v3.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.2.1.1 Ensure audit is installed | CIS Red Hat Enterprise Linux 7 v4.0.0 L2 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 5.2.1.1 Ensure audit is installed | CIS Oracle Linux 8 Workstation L2 v3.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.3 Ensure that logging captures as much information as possible | CIS MongoDB 5 L2 OS Linux v1.2.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.3 Ensure that logging captures as much information as possible | CIS MongoDB 6 v1.2.0 L2 MongoDB | Windows | AUDIT AND ACCOUNTABILITY |
| 5.3.6 Ensure SSH LogLevel is appropriate - sshd_config | CIS Red Hat 6 Workstation L1 v3.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 6.1.6 Ensure the 'PUBLIC DATABASE LINK' Audit Option Is Enabled | CIS Oracle Server 19c DB Traditional Auditing v1.2.0 | OracleDB | AUDIT AND ACCOUNTABILITY |
| 6.1.10 Ensure the 'SELECT ANY DICTIONARY' Audit Option Is Enabled | CIS Oracle Server 19c DB Traditional Auditing v1.2.0 | OracleDB | AUDIT AND ACCOUNTABILITY |
| 6.1.13 Ensure the 'DROP ANY PROCEDURE' Audit Option Is Enabled | CIS Oracle Server 19c DB Traditional Auditing v1.2.0 | OracleDB | AUDIT AND ACCOUNTABILITY |
| 6.1.17 Ensure the 'TRIGGER' Audit Option Is Enabled | CIS Oracle Server 19c DB Traditional Auditing v1.2.0 | OracleDB | AUDIT AND ACCOUNTABILITY |
| 6.2.1 Ensure the 'CREATE USER' Action Audit Is Enabled | CIS Oracle Server 19c DB Unified Auditing v1.2.0 | OracleDB | AUDIT AND ACCOUNTABILITY |
| 6.2.9 Ensure the 'CREATE PROFILE' Action Audit Is Enabled | CIS Oracle Server 19c DB Unified Auditing v1.2.0 | OracleDB | AUDIT AND ACCOUNTABILITY |
| 6.2.10 Ensure the 'ALTER PROFILE' Action Audit Is Enabled | CIS Oracle Server 19c DB Unified Auditing v1.2.0 | OracleDB | AUDIT AND ACCOUNTABILITY |
| 6.2.14 Ensure the 'DROP DATABASE LINK' Action Audit Is Enabled | CIS Oracle Server 19c DB Unified Auditing v1.2.0 | OracleDB | AUDIT AND ACCOUNTABILITY |
| 6.2.16 Ensure the 'ALTER SYNONYM' Action Audit Is Enabled | CIS Oracle Server 19c DB Unified Auditing v1.2.0 | OracleDB | AUDIT AND ACCOUNTABILITY |
| 6.2.20 Ensure the 'CREATE PROCEDURE/FUNCTION/PACKAGE/PACKAGE BODY' Action Audit Is Enabled | CIS Oracle Server 19c DB Unified Auditing v1.2.0 | OracleDB | AUDIT AND ACCOUNTABILITY |
| 6.2.21 Ensure the 'ALTER PROCEDURE/FUNCTION/PACKAGE/PACKAGE BODY' Action Audit Is Enabled | CIS Oracle Server 19c DB Unified Auditing v1.2.0 | OracleDB | AUDIT AND ACCOUNTABILITY |
| 6.2.22 Ensure the 'DROP PROCEDURE/FUNCTION/PACKAGE/PACKAGE BODY' Action Audit Is Enabled | CIS Oracle Server 19c DB Unified Auditing v1.2.0 | OracleDB | AUDIT AND ACCOUNTABILITY |
| 6.2.24 Ensure the 'CREATE TRIGGER' Action Audit Is Enabled | CIS Oracle Server 19c DB Unified Auditing v1.2.0 | OracleDB | AUDIT AND ACCOUNTABILITY |
| 6.3.1.1 Ensure auditd packages are installed | CIS AlmaLinux OS 9 v2.0.0 L2 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 6.3.1.1 Ensure auditd packages are installed | CIS SUSE Linux Enterprise 15 v2.0.0 L2 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 6.3.1.1 Ensure auditd packages are installed | CIS Rocky Linux 9 v2.0.0 L2 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 6.3.1.1 Ensure auditd packages are installed | CIS Oracle Linux 9 v2.0.0 L2 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 6.3.1.1 Ensure auditd packages are installed | CIS Oracle Linux 9 v2.0.0 L2 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
