Item Search

Name	Audit Name	Plugin	Category
1.1.1 Enable 'aaa new-model'	CIS Cisco IOS 12 L1 v4.0.0	Cisco	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, IDENTIFICATION AND AUTHENTICATION
1.1.1.1 Syslog logging should be configured	CIS Palo Alto Firewall 11 v1.1.0 L1	Palo_Alto	AUDIT AND ACCOUNTABILITY
1.1.1.1 Syslog logging should be configured	CIS Palo Alto Firewall 10 v1.2.0 L1	Palo_Alto	AUDIT AND ACCOUNTABILITY
1.1.1.1 Syslog logging should be configured - configuration	CIS Palo Alto Firewall 9 v1.1.0 L1	Palo_Alto	AUDIT AND ACCOUNTABILITY
1.1.1.1 Syslog logging should be configured - ip-tag	CIS Palo Alto Firewall 9 v1.1.0 L1	Palo_Alto	AUDIT AND ACCOUNTABILITY
1.1.1.1 Syslog logging should be configured - system	CIS Palo Alto Firewall 9 v1.1.0 L1	Palo_Alto	AUDIT AND ACCOUNTABILITY
1.1.1.1 Syslog logging should be configured - user-id	CIS Palo Alto Firewall 9 v1.1.0 L1	Palo_Alto	AUDIT AND ACCOUNTABILITY
1.1.1.2 SNMPv3 traps should be configured	CIS Palo Alto Firewall 11 v1.1.0 L2	Palo_Alto	AUDIT AND ACCOUNTABILITY
1.1.1.2 SNMPv3 traps should be configured	CIS Palo Alto Firewall 10 v1.2.0 L2	Palo_Alto	AUDIT AND ACCOUNTABILITY
1.1.1.2 SNMPv3 traps should be configured - configuration	CIS Palo Alto Firewall 9 v1.1.0 L2	Palo_Alto	AUDIT AND ACCOUNTABILITY
1.1.1.2 SNMPv3 traps should be configured - host	CIS Palo Alto Firewall 9 v1.1.0 L2	Palo_Alto	AUDIT AND ACCOUNTABILITY
1.1.1.2 SNMPv3 traps should be configured - user-id	CIS Palo Alto Firewall 9 v1.1.0 L2	Palo_Alto	AUDIT AND ACCOUNTABILITY
1.1.3 Ensure 'Enable Log on High DP Load' is enabled	CIS Palo Alto Firewall 10 v1.2.0 L1	Palo_Alto	AUDIT AND ACCOUNTABILITY
1.1.3 Ensure 'Enable Log on High DP Load' is enabled	CIS Palo Alto Firewall 9 v1.1.0 L1	Palo_Alto	AUDIT AND ACCOUNTABILITY
1.1.3 Ensure 'Enable Log on High DP Load' is enabled	CIS Palo Alto Firewall 11 v1.1.0 L1	Palo_Alto	AUDIT AND ACCOUNTABILITY
1.1.6 Set 'aaa accounting' to log all privileged use commands using 'commands 15'	CIS Cisco IOS XE 16.x v2.1.0 L2	Cisco	AUDIT AND ACCOUNTABILITY
1.3.3 Ensure cryptographic mechanisms are used to protect the integrity of audit tools	CIS Amazon Linux 2023 Server L1 v1.0.0	Unix	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
1.4.2.1 Ensure 'TACACS+/RADIUS' is configured correctly - protocol	CIS Cisco Firewall ASA 9 L1 v4.1.0	Cisco	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, IDENTIFICATION AND AUTHENTICATION
1.10.5 Ensure 'logging history severity level' is set to greater than or equal to '5'	CIS Cisco ASA 9.x Firewall L1 v1.1.0	Cisco	AUDIT AND ACCOUNTABILITY
2.2.1 Set 'logging on'	CIS Cisco IOS 15 L1 v4.1.1	Cisco	AUDIT AND ACCOUNTABILITY
2.2.7 Set 'logging source interface'	CIS Cisco IOS 15 L1 v4.1.1	Cisco	AUDIT AND ACCOUNTABILITY
2.6 Turn off TRACE	CIS Apache Tomcat 10 L1 v1.1.0	Unix	AUDIT AND ACCOUNTABILITY
3.1.9 Set Administrative Notification Level (NOTIFYLEVEL)	CIS IBM DB2 11 v1.1.0 Linux OS Level 1	Unix	AUDIT AND ACCOUNTABILITY
3.2 Ensure the PostgreSQL Audit Extension (pgAudit) is enabled	CIS PostgreSQL 13 DB v1.2.0	PostgreSQLDB	AUDIT AND ACCOUNTABILITY
3.2.1 Ensure that a minimal audit policy is created	CIS Kubernetes v1.10.0 L1 Master	Unix	AUDIT AND ACCOUNTABILITY
3.2.1 Ensure that a minimal audit policy is created	CIS Kubernetes v1.23 Benchmark v1.0.1 L1 Master	Unix	AUDIT AND ACCOUNTABILITY
3.6.1.9 Configuring SSH - set LogLevel to INFO or VERBOSE	CIS IBM AIX 7.1 L1 v2.1.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.3 Ensure auditing for processes that start prior to auditd is enabled	CIS Debian 8 Server L2 v2.0.2	Unix	AUDIT AND ACCOUNTABILITY
4.2.2.1 Ensure syslog-ng service is enabled	CIS Debian 8 Server L1 v2.0.2	Unix	AUDIT AND ACCOUNTABILITY
4.2.2.1 Ensure syslog-ng service is enabled	CIS Debian 8 Workstation L1 v2.0.2	Unix	AUDIT AND ACCOUNTABILITY
4.2.8 Ensure that the eventRecordQPS argument is set to a level which ensures appropriate event capture	CIS Kubernetes v1.10.0 L2 Worker	Unix	AUDIT AND ACCOUNTABILITY
4.2.9 Ensure that the --event-qps argument is set to 0 or a level which ensures appropriate event capture	CIS Kubernetes v1.20 Benchmark v1.0.1 L2 Worker	Unix	AUDIT AND ACCOUNTABILITY
5.2.1.3 Ensure auditing for processes that start prior to auditd is enabled	CIS Ubuntu Linux 20.04 LTS Server L2 v2.0.1	Unix	AUDIT AND ACCOUNTABILITY
5.3 Ensure 'Login Auditing' is set to 'failed logins'	CIS SQL Server 2016 Database L1 AWS RDS v1.4.0	MS_SQLDB	AUDIT AND ACCOUNTABILITY
5.3 Ensure 'Login Auditing' is set to 'failed logins'	CIS SQL Server 2016 Database L1 DB v1.4.0	MS_SQLDB	AUDIT AND ACCOUNTABILITY
5.3 Ensure 'Login Auditing' is set to 'failed logins'	CIS SQL Server 2022 Database L1 DB v1.1.0	MS_SQLDB	AUDIT AND ACCOUNTABILITY
5.3 Ensure 'Login Auditing' is set to 'failed logins'	CIS SQL Server 2022 Database L1 AWS RDS v1.1.0	MS_SQLDB	AUDIT AND ACCOUNTABILITY
5.3 Ensure 'Login Auditing' is set to 'failed logins'	CIS Microsoft SQL Server 2019 v1.5.0 L1 AWS RDS	MS_SQLDB	AUDIT AND ACCOUNTABILITY
6.1 Ensure 'log_error' is configured correctly	CIS MySQL 5.7 Enterprise Database L1 v2.0.0	MySQLDB	AUDIT AND ACCOUNTABILITY
6.1.1 Configuring syslog - local logging - /var/adm/authlog	CIS IBM AIX 7.1 L1 v2.1.0	Unix	AUDIT AND ACCOUNTABILITY
6.1.2 Ensure sudo logging is active	CIS IBM AIX 7 v1.0.0 L2	Unix	AUDIT AND ACCOUNTABILITY
6.3 Ensure to lockdown access logs to 'Administrator , Resource Administrator and Auditor ' roles only	CIS F5 Networks v1.0.0 L1	F5	AUDIT AND ACCOUNTABILITY
6.4 Ensure that audit logging for 'MCP, tmsh and GUI' is set to enabled	CIS F5 Networks v1.0.0 L1	F5	AUDIT AND ACCOUNTABILITY
6.11 Ensure the Audit Plugin Can't be Unloaded	CIS MySQL 5.6 Enterprise Database L1 v2.0.0	MySQLDB	AUDIT AND ACCOUNTABILITY
6.25 Ensure that 'DNS Policies' is configured on Anti-Spyware profiles if 'DNS Security' license is available	CIS Palo Alto Firewall 10 v1.2.0 L1	Palo_Alto	AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY
6.25 Ensure that 'DNS Policies' is configured on Anti-Spyware profiles if 'DNS Security' license is available	CIS Palo Alto Firewall 11 v1.1.0 L1	Palo_Alto	AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY
7.1.4 Ensure Audit is Enabled Within the Instance	CIS IBM DB2 11 v1.1.0 Linux OS Level 1	Unix	AUDIT AND ACCOUNTABILITY
20.6 Ensure 'Active Directory Group Policy objects are configured with proper audit settings' (STIG DC only)	CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DC	Windows	AUDIT AND ACCOUNTABILITY
20.6 Ensure 'Active Directory Group Policy objects are configured with proper audit settings' (STIG DC only)	CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DC	Windows	AUDIT AND ACCOUNTABILITY
Ensure 'TACACS+/RADIUS' is configured correctly - protocol	Tenable Cisco Firepower Best Practices Audit	Cisco	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, IDENTIFICATION AND AUTHENTICATION

Detections

Analytics

Item Search