Detections
Analytics

Item Search

NameAudit NamePluginCategory
3.3.1.16 Ensure net.ipv4.conf.all.log_martians is configuredCIS SUSE Linux Enterprise 16 v1.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT

3.3.1.17 Ensure net.ipv4.conf.default.log_martians is configuredCIS Debian Linux 13 v1.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT

3.3.1.17 Ensure net.ipv4.conf.default.log_martians is configuredCIS SUSE Linux Enterprise 16 v1.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT

4.1.3.10 Ensure use of privileged commands is collected - auditctlCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

4.1.3.13 Ensure login and logout events are collected - auditctl /var/log/lastlogCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

4.2.1.3 Ensure journald is configured to send logs to rsyslogCIS CentOS Linux 8 Workstation L1 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.2.1.3 Ensure journald is configured to send logs to rsyslogCIS Fedora 28 Family Linux Server L1 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.2.2.5 Ensure journald is not configured to send logs to rsyslogCIS Fedora 28 Family Linux Workstation L1 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.2.2.5 Ensure journald is not configured to send logs to rsyslogCIS CentOS Linux 8 Server L1 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

5.1.1.3 Ensure journald is configured to send logs to rsyslogCIS Red Hat Enterprise Linux 7 v4.0.0 L1 WorkstationUnix

AUDIT AND ACCOUNTABILITY

5.1.1.3 Ensure journald is configured to send logs to rsyslogCIS Amazon Linux 2023 v1.0.0 L1 ServerUnix

AUDIT AND ACCOUNTABILITY

5.1.1.3 Ensure journald is configured to send logs to rsyslogCIS CentOS Linux 7 v4.0.0 L1 ServerUnix

AUDIT AND ACCOUNTABILITY

5.1.1.3 Ensure journald is configured to send logs to rsyslogCIS Oracle Linux 7 v4.0.0 L1 ServerUnix

AUDIT AND ACCOUNTABILITY

5.1.1.3 Ensure journald is configured to send logs to rsyslogCIS Red Hat Enterprise Linux 7 v4.0.0 L1 ServerUnix

AUDIT AND ACCOUNTABILITY

5.1.2.5 Ensure journald is not configured to send logs to rsyslogCIS CentOS Linux 7 v4.0.0 L1 WorkstationUnix

AUDIT AND ACCOUNTABILITY

5.1.2.5 Ensure journald is not configured to send logs to rsyslogCIS Oracle Linux 7 v4.0.0 L1 ServerUnix

AUDIT AND ACCOUNTABILITY

5.1.2.5 Ensure journald is not configured to send logs to rsyslogCIS Oracle Linux 7 v4.0.0 L1 WorkstationUnix

AUDIT AND ACCOUNTABILITY

5.1.14 Ensure sshd LogLevel is configuredCIS Ubuntu Linux 22.04 LTS v3.0.0 L1 ServerUnix

AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY

5.2.3.13 Ensure file deletion events by users are collectedCIS Ubuntu Linux 18.04 LTS v2.2.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY, SYSTEM AND COMMUNICATIONS PROTECTION

5.2.3.13 Ensure file deletion events by users are collectedCIS Debian Linux 10 v2.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY, SYSTEM AND COMMUNICATIONS PROTECTION

5.2.3.13 Ensure file deletion events by users are collectedCIS Debian Linux 10 v2.0.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY, SYSTEM AND COMMUNICATIONS PROTECTION

5.2.3.19 Ensure kernel module loading unloading and modification is collectedCIS Ubuntu Linux 18.04 LTS v2.2.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT

6.1.1.1.1 Ensure journald service is activeCIS Debian Linux 13 v1.0.0 L1 ServerUnix

SYSTEM AND COMMUNICATIONS PROTECTION

6.2.3.13 Ensure file deletion events by users are collectedCIS Linux Mint 22 v1.0.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY, SYSTEM AND COMMUNICATIONS PROTECTION

6.2.3.19 Ensure kernel module loading unloading and modification is collectedCIS Linux Mint 22 v1.0.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT

6.2.3.19 Ensure kernel module loading unloading and modification is collectedCIS Debian Linux 12 v1.1.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT

6.2.3.19 Ensure kernel module loading unloading and modification is collectedCIS Ubuntu Linux 24.04 LTS v1.0.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT

6.3.3.13 Ensure file deletion events by users are collectedCIS Oracle Linux 9 v2.0.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY, SYSTEM AND COMMUNICATIONS PROTECTION

6.3.3.13 Ensure file deletion events by users are collectedCIS SUSE Linux Enterprise 15 v2.0.1 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY, SYSTEM AND COMMUNICATIONS PROTECTION

6.3.3.13 Ensure file deletion events by users are collectedCIS AlmaLinux OS 9 v2.0.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY, SYSTEM AND COMMUNICATIONS PROTECTION

6.3.3.13 Ensure file deletion events by users are collectedCIS Ubuntu Linux 20.04 LTS v3.0.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY, SYSTEM AND COMMUNICATIONS PROTECTION

6.3.3.13 Ensure file deletion events by users are collectedCIS Rocky Linux 9 v2.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY, SYSTEM AND COMMUNICATIONS PROTECTION

6.3.3.13 Ensure file deletion events by users are collectedCIS Red Hat Enterprise Linux 9 v2.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY, SYSTEM AND COMMUNICATIONS PROTECTION

6.3.3.19 Ensure kernel module loading unloading and modification is collectedCIS Ubuntu Linux 20.04 LTS v3.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT

6.3.3.19 Ensure kernel module loading unloading and modification is collectedCIS Oracle Linux 9 v2.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT

6.3.3.19 Ensure kernel module loading unloading and modification is collectedCIS Red Hat Enterprise Linux 9 v2.0.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT

6.3.3.19 Ensure kernel module loading unloading and modification is collectedCIS SUSE Linux Enterprise 15 v2.0.1 L2 ServerUnix

AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT

6.3.3.19 Ensure kernel module loading unloading and modification is collectedCIS AlmaLinux OS 9 v2.0.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT

6.3.3.19 Ensure kernel module loading unloading and modification is collectedCIS Ubuntu Linux 20.04 LTS v3.0.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT

6.4.3.13 Ensure file deletion events by users are collectedCIS Debian Linux 11 v2.0.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY, SYSTEM AND COMMUNICATIONS PROTECTION

6.4.3.19 Ensure kernel module loading unloading and modification is collectedCIS Debian Linux 11 v2.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT

6.4.3.19 Ensure kernel module loading unloading and modification is collectedCIS Debian Linux 11 v2.0.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT

9.1.5 Ensure 'Windows Firewall: Domain: Logging: Name' is set to '%SystemRoot%\System32\logfiles\firewall\domainfw.log'CIS Microsoft Windows 8.1 v2.4.1 L1Windows

AUDIT AND ACCOUNTABILITY

9.1.7 Ensure 'Windows Firewall: Domain: Logging: Log dropped packets' is set to 'Yes'CIS Microsoft Windows 8.1 v2.4.1 L1Windows

AUDIT AND ACCOUNTABILITY

9.1.8 Ensure 'Windows Firewall: Domain: Logging: Log successful connections' is set to 'Yes'CIS Microsoft Windows 8.1 v2.4.1 L1Windows

AUDIT AND ACCOUNTABILITY

9.2.5 Ensure 'Windows Firewall: Private: Logging: Name' is set to '%SystemRoot%\System32\logfiles\firewall\privatefw.log'CIS Microsoft Windows 8.1 v2.4.1 L1Windows

AUDIT AND ACCOUNTABILITY

9.2.7 Ensure 'Windows Firewall: Private: Logging: Log dropped packets' is set to 'Yes'CIS Microsoft Windows 8.1 v2.4.1 L1Windows

AUDIT AND ACCOUNTABILITY

9.2.8 Ensure 'Windows Firewall: Private: Logging: Log successful connections' is set to 'Yes'CIS Microsoft Windows 8.1 v2.4.1 L1Windows

AUDIT AND ACCOUNTABILITY

9.3.9 Ensure 'Windows Firewall: Public: Logging: Log dropped packets' is set to 'Yes'CIS Microsoft Windows 8.1 v2.4.1 L1Windows

AUDIT AND ACCOUNTABILITY

9.3.10 Ensure 'Windows Firewall: Public: Logging: Log successful connections' is set to 'Yes'CIS Microsoft Windows 8.1 v2.4.1 L1Windows

AUDIT AND ACCOUNTABILITY