| 1.1.11 Ensure separate partition exists for /var/log/audit | CIS Ubuntu Linux 14.04 LTS Workstation L2 v2.1.0 | Unix | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| 1.1.11 Ensure separate partition exists for /var/log/audit | CIS Ubuntu Linux 14.04 LTS Server L2 v2.1.0 | Unix | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| 1.1.13 Ensure separate partition exists for /var/log/audit | CIS Amazon Linux 2 STIG v1.0.0 L2 | Unix | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| 2.1.1 - Configuring syslog - local logging - '*.info;auth.none entry exists in /etc/syslog.conf' | CIS AIX 5.3/6.1 L2 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 2.1.1 - Configuring syslog - local logging - 'auth.info entry exists in /etc/syslog.conf' | CIS AIX 5.3/6.1 L2 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 2.1.2 - Configuring syslog - remote logging - '*.info;auth.none remote entry exists in /etc/syslog.conf' | CIS AIX 5.3/6.1 L2 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 2.1.2 - Configuring syslog - remote logging - 'auth.info remote entry exists in /etc/syslog.conf' | CIS AIX 5.3/6.1 L2 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 2.1.3 - Configuring syslog - remote messages | CIS AIX 5.3/6.1 L2 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 2.12 Ensure centralized and remote logging is configured | CIS Docker Community Edition v1.1.0 L2 Docker | Unix | AUDIT AND ACCOUNTABILITY |
| 3.1.5 Secure default database location - 'DFTDBPATH value' | CIS IBM DB2 OS L2 v1.2.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 3.1.8 Secure all diagnostic logs - 'diagpath location' | CIS IBM DB2 OS L1 v1.2.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 3.1.18 Secure permissions for the secondary archive log location - LOGARCHMETH2 OS Permissions | CIS IBM DB2 v10 v1.1.0 Windows OS Level 2 | Windows | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| 4.2.1.4 Ensure rsyslog is configured to send logs to a remote log host - rsyslog.conf/rsyslogd. | CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2.1.5 Ensure remote rsyslog messages are only accepted on designated log hosts. - $InputTCPServerRun | CIS Aliyun Linux 2 L1 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2.2.1 Ensure journald is configured to send logs to rsyslog | CIS Ubuntu Linux 16.04 LTS Server L1 v2.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2.2.1 Ensure journald is configured to send logs to rsyslog | CIS Distribution Independent Linux Server L1 v2.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2.2.1 Ensure journald is configured to send logs to rsyslog | CIS Distribution Independent Linux Workstation L1 v2.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2.2.3 Ensure syslog-ng default file permissions configured | CIS Amazon Linux v2.1.0 L1 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2.2.4 Ensure syslog-ng is configured to send logs to a remote log host - 'destination logserver' | CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2.2.4 Ensure syslog-ng is configured to send logs to a remote log host - 'destination logserver' | CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2.2.4 Ensure syslog-ng is configured to send logs to a remote log host - 'log' | CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.5 Configure newsyslog for secure file permissions (/var/log/amd.log) | CIS FreeBSD v1.0.5 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.5 Configure newsyslog for secure file permissions (/var/log/daily.log) | CIS FreeBSD v1.0.5 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.5 Configure newsyslog for secure file permissions (/var/log/lpd-errs) | CIS FreeBSD v1.0.5 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.5 Configure newsyslog for secure file permissions (/var/log/maillog) | CIS FreeBSD v1.0.5 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.5 Configure newsyslog for secure file permissions (/var/log/messages) | CIS FreeBSD v1.0.5 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.5 Configure newsyslog for secure file permissions (/var/log/monthly.log) | CIS FreeBSD v1.0.5 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.5 Configure newsyslog for secure file permissions (/var/log/ppp.log) | CIS FreeBSD v1.0.5 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.5 Configure newsyslog for secure file permissions (/var/log/sendmail.st) | CIS FreeBSD v1.0.5 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.5 Configure newsyslog for secure file permissions (/var/log/slip.log) | CIS FreeBSD v1.0.5 | Unix | AUDIT AND ACCOUNTABILITY |
| 6.1.1 Audit system file permissions | CIS Ubuntu Linux 14.04 LTS Server L2 v2.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 6.12.2 Ensure At Least 2 External SYSLOG Hosts are Set with Any/Info | CIS Juniper OS Benchmark v2.1.0 L2 | Juniper | AUDIT AND ACCOUNTABILITY |
| 7.5 Prevent Syslog from accepting messages from network. Check if 'LOG_FROM_REMOTE' is set to NO in file /etc/default/syslogd | CIS Solaris 9 v1.3 | Unix | AUDIT AND ACCOUNTABILITY |
| 8.3 Configure a Logging syslog Channel - syslog | CIS BIND DNS v3.0.1 Caching Only Name Server | Unix | AUDIT AND ACCOUNTABILITY |
| 18.9.81.2.1 Ensure 'Configure Default consent' is set to 'Enabled: Always ask before sending data' | CIS Windows 7 Workstation Level 1 v3.2.0 | Windows | AUDIT AND ACCOUNTABILITY |
| Ensure separate partition exists for /var/log | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| Ensure separate partition exists for /var/log/audit | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| Ensure syslog-ng is configured to send logs to a remote log host | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | AUDIT AND ACCOUNTABILITY |
| ESXi : enable-remote-syslog | VMWare vSphere 5.X Hardening Guide | VMware | AUDIT AND ACCOUNTABILITY |
| Logs containing auditing information should be secured at the directory level. | TNS IBM HTTP Server Best Practice | Windows | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| Monterey - Configure Audit Log Files Group to Wheel | NIST macOS Monterey v1.0.0 - 800-53r4 High | Unix | AUDIT AND ACCOUNTABILITY |
| Monterey - Configure Audit Log Files Group to Wheel | NIST macOS Monterey v1.0.0 - 800-53r4 Moderate | Unix | AUDIT AND ACCOUNTABILITY |
| Monterey - Configure Audit Log Files to be Owned by Root | NIST macOS Monterey v1.0.0 - 800-53r5 High | Unix | AUDIT AND ACCOUNTABILITY |
| Monterey - Configure Audit Log Files to Mode 440 or Less Permissive | NIST macOS Monterey v1.0.0 - 800-53r4 High | Unix | AUDIT AND ACCOUNTABILITY |
| Monterey - Configure Audit Log Files to Mode 440 or Less Permissive | NIST macOS Monterey v1.0.0 - 800-53r4 Low | Unix | AUDIT AND ACCOUNTABILITY |
| Monterey - Configure Audit Log Folder to Not Contain Access Control Lists | NIST macOS Monterey v1.0.0 - 800-53r4 Moderate | Unix | AUDIT AND ACCOUNTABILITY |
| Monterey - Configure Audit Log Folders Group to Wheel | NIST macOS Monterey v1.0.0 - 800-53r4 Low | Unix | AUDIT AND ACCOUNTABILITY |
| Monterey - Configure Audit Log Folders Group to Wheel | NIST macOS Monterey v1.0.0 - 800-53r4 Moderate | Unix | AUDIT AND ACCOUNTABILITY |
| Monterey - Configure Audit Log Folders Group to Wheel | NIST macOS Monterey v1.0.0 - 800-53r5 Low | Unix | AUDIT AND ACCOUNTABILITY |
| Monterey - Configure Audit Log Folders to be Owned by Root | NIST macOS Monterey v1.0.0 - 800-53r5 High | Unix | AUDIT AND ACCOUNTABILITY |
