Detections
Analytics

Item Search

NameAudit NamePluginCategory
4.1.3.1 Ensure changes to system administration scope (sudoers) is collected - /etc/sudoersCIS CentOS Linux 8 Server L2 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.3.1 Ensure changes to system administration scope (sudoers) is collected - /etc/sudoersCIS CentOS Linux 8 Workstation L2 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.3.1 Ensure changes to system administration scope (sudoers) is collected - /etc/sudoers.dCIS CentOS Linux 8 Workstation L2 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.3.1 Ensure changes to system administration scope (sudoers) is collected - auditctl /etc/sudoers.dCIS CentOS Linux 8 Server L2 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.3.1 Ensure changes to system administration scope (sudoers) is collected - auditctl /etc/sudoers.dCIS CentOS Linux 8 Workstation L2 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.3.3 Ensure events that modify the sudo log file are collected - /etc/audit/rules.d/*.rulesCIS CentOS Linux 8 Server L2 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.3.3 Ensure events that modify the sudo log file are collected - /etc/audit/rules.d/*.rulesCIS CentOS Linux 8 Workstation L2 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.3.7 Ensure unsuccessful file access attempts are collected - auditctl b32 EACCESCIS CentOS Linux 8 Server L2 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.3.7 Ensure unsuccessful file access attempts are collected - auditctl b32 EACCESCIS CentOS Linux 8 Workstation L2 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.3.7 Ensure unsuccessful file access attempts are collected - auditctl b32 EPERMCIS CentOS Linux 8 Server L2 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.3.7 Ensure unsuccessful file access attempts are collected - auditctl b64 EACCESCIS CentOS Linux 8 Workstation L2 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.3.7 Ensure unsuccessful file access attempts are collected - auditctl b64 EPERMCIS CentOS Linux 8 Server L2 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.3.7 Ensure unsuccessful file access attempts are collected - b32 EACCESCIS CentOS Linux 8 Server L2 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.3.7 Ensure unsuccessful file access attempts are collected - b64 EACCESCIS CentOS Linux 8 Workstation L2 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.3.8 Ensure events that modify user/group information are collected - /etc/groupCIS CentOS Linux 8 Workstation L2 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.3.8 Ensure events that modify user/group information are collected - /etc/gshadowCIS CentOS Linux 8 Server L2 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.3.8 Ensure events that modify user/group information are collected - /etc/gshadowCIS CentOS Linux 8 Workstation L2 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.3.8 Ensure events that modify user/group information are collected - /etc/passwdCIS CentOS Linux 8 Server L2 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.3.8 Ensure events that modify user/group information are collected - /etc/passwdCIS CentOS Linux 8 Workstation L2 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.3.8 Ensure events that modify user/group information are collected - /etc/security/opasswdCIS CentOS Linux 8 Server L2 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.3.8 Ensure events that modify user/group information are collected - /etc/security/opasswdCIS CentOS Linux 8 Workstation L2 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.3.8 Ensure events that modify user/group information are collected - /etc/shadowCIS CentOS Linux 8 Server L2 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.3.8 Ensure events that modify user/group information are collected - /etc/shadowCIS CentOS Linux 8 Workstation L2 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.3.8 Ensure events that modify user/group information are collected - auditctl /etc/groupCIS CentOS Linux 8 Workstation L2 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.3.8 Ensure events that modify user/group information are collected - auditctl /etc/gshadowCIS CentOS Linux 8 Server L2 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.3.8 Ensure events that modify user/group information are collected - auditctl /etc/passwdCIS CentOS Linux 8 Workstation L2 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.3.8 Ensure events that modify user/group information are collected - auditctl /etc/security/opasswdCIS CentOS Linux 8 Server L2 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.3.8 Ensure events that modify user/group information are collected - auditctl /etc/security/opasswdCIS CentOS Linux 8 Workstation L2 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.3.8 Ensure events that modify user/group information are collected - auditctl /etc/shadowCIS CentOS Linux 8 Workstation L2 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.4 Ensure events that modify user/group information are collected - /etc/groupCIS Ubuntu Linux 16.04 LTS Workstation L2 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.4 Ensure events that modify user/group information are collected - /etc/security/opasswdCIS Debian Family Workstation L2 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.4 Ensure events that modify user/group information are collected - /etc/shadowCIS Ubuntu Linux 16.04 LTS Workstation L2 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.4 Ensure events that modify user/group information are collected - /etc/shadowCIS Debian Family Workstation L2 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.4 Ensure events that modify user/group information are collected - auditctl /etc/groupCIS Ubuntu Linux 16.04 LTS Server L2 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.4 Ensure events that modify user/group information are collected - auditctl /etc/groupCIS Debian Family Workstation L2 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.4 Ensure events that modify user/group information are collected - auditctl /etc/gshadowCIS Ubuntu Linux 16.04 LTS Workstation L2 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.4 Ensure events that modify user/group information are collected - auditctl /etc/gshadowCIS Debian Family Workstation L2 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.4 Ensure events that modify user/group information are collected - auditctl /etc/passwdCIS Ubuntu Linux 16.04 LTS Workstation L2 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.4 Ensure events that modify user/group information are collected - auditctl /etc/shadowCIS Ubuntu Linux 16.04 LTS Workstation L2 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.10 Ensure unsuccessful unauthorized file access attempts are collected - auditctl EACCES (64-bit)CIS Ubuntu Linux 16.04 LTS Workstation L2 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.10 Ensure unsuccessful unauthorized file access attempts are collected - auditctl EACCES x64CIS Debian Family Workstation L2 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.10 Ensure unsuccessful unauthorized file access attempts are collected - auditctl EPERMCIS Debian Family Workstation L2 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.10 Ensure unsuccessful unauthorized file access attempts are collected - EACCES (64-bit)CIS Ubuntu Linux 16.04 LTS Workstation L2 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.10 Ensure unsuccessful unauthorized file access attempts are collected - EPERM (64-bit)CIS Ubuntu Linux 16.04 LTS Workstation L2 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.14 Ensure changes to system administration scope (sudoers) is collected - auditctl sudoersCIS Ubuntu Linux 16.04 LTS Workstation L2 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.14 Ensure changes to system administration scope (sudoers) is collected - sudoers.dCIS Ubuntu Linux 16.04 LTS Workstation L2 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.15 Ensure system administrator command executions (sudo) are collected - b32CIS Ubuntu Linux 16.04 LTS Workstation L2 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.15 Ensure system administrator command executions (sudo) are collected - b32 auditctlCIS Ubuntu Linux 16.04 LTS Workstation L2 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.15 Ensure system administrator command executions (sudo) are collected - b64CIS Ubuntu Linux 16.04 LTS Workstation L2 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.15 Ensure system administrator command executions (sudo) are collected - b64 auditctlCIS Ubuntu Linux 16.04 LTS Workstation L2 v2.0.0Unix

AUDIT AND ACCOUNTABILITY