Item Search

Name	Audit Name	Plugin	Category
3.1.10 Ensure the correct syslog facility is selected	CIS PostgreSQL 9.5 DB v1.1.0	PostgreSQLDB	AUDIT AND ACCOUNTABILITY
3.1.10 Ensure the correct syslog facility is selected	CIS PostgreSQL 9.6 DB v1.0.0	PostgreSQLDB	AUDIT AND ACCOUNTABILITY
3.2 Ensure the PostgreSQL Audit Extension (pgAudit) is enabled - audit.log	CIS PostgreSQL 10 DB v1.0.0	PostgreSQLDB	AUDIT AND ACCOUNTABILITY
3.2 Ensure the PostgreSQL Audit Extension (pgAudit) is enabled - audit.log	CIS PostgreSQL 9.6 DB v1.0.0	PostgreSQLDB	AUDIT AND ACCOUNTABILITY
3.2 Ensure the PostgreSQL Audit Extension (pgAudit) is enabled - pgaudit installed	CIS PostgreSQL 11 DB v1.0.0	PostgreSQLDB	AUDIT AND ACCOUNTABILITY
3.2.4 Ensure suspicious packets are logged - files net.ipv4.conf.all.log_martians = 1	CIS Debian 9 Workstation L1 v1.0.1	Unix	AUDIT AND ACCOUNTABILITY
3.2.4 Ensure suspicious packets are logged - files net.ipv4.conf.default.log_martians = 1	CIS Debian 9 Workstation L1 v1.0.1	Unix	AUDIT AND ACCOUNTABILITY
3.2.4 Ensure suspicious packets are logged - net.ipv4.conf.all.log_martians = 1	CIS Debian 9 Server L1 v1.0.1	Unix	AUDIT AND ACCOUNTABILITY
3.2.4 Ensure suspicious packets are logged - net.ipv4.conf.default.log_martians = 1	CIS Debian 9 Workstation L1 v1.0.1	Unix	AUDIT AND ACCOUNTABILITY
3.3.4 Ensure suspicious packets are logged - 'sysctl net.ipv4.conf.all.log_martians'	CIS Ubuntu Linux 16.04 LTS Server L1 v2.0.0	Unix	AUDIT AND ACCOUNTABILITY
3.3.4 Ensure suspicious packets are logged - 'sysctl net.ipv4.conf.all.log_martians'	CIS Ubuntu Linux 16.04 LTS Workstation L1 v2.0.0	Unix	AUDIT AND ACCOUNTABILITY
3.3.4 Ensure suspicious packets are logged - files net.ipv4.conf.all.log_martians = 1	CIS Debian Family Server L1 v1.0.0	Unix	AUDIT AND ACCOUNTABILITY
3.3.4 Ensure suspicious packets are logged - sysctl net.ipv4.conf.all.log_martians	CIS Fedora 19 Family Linux Server L1 v1.0.0	Unix	AUDIT AND ACCOUNTABILITY
3.3.4 Ensure suspicious packets are logged - sysctl net.ipv4.conf.all.log_martians	CIS Fedora 19 Family Linux Workstation L1 v1.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.1.3 Ensure auditing for processes that start prior to auditd is enabled	CIS Debian Family Server L2 v1.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.1.3 Ensure auditing for processes that start prior to auditd is enabled	CIS Debian Family Workstation L2 v1.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.1.4 Ensure audit_backlog_limit is sufficient	CIS Debian Family Server L2 v1.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.1.4 Ensure audit_backlog_limit is sufficient	CIS Ubuntu Linux 18.04 LXD Host L2 Server v1.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.1.4 Ensure audit_backlog_limit is sufficient	CIS Ubuntu Linux 18.04 LXD Host L2 Workstation v1.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.1.4 Ensure audit_backlog_limit is sufficient	CIS Ubuntu Linux 16.04 LTS Server L2 v2.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.1.4 Ensure audit_backlog_limit is sufficient	CIS Ubuntu Linux 16.04 LTS Workstation L2 v2.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.1.4 Ensure audit_backlog_limit is sufficient	CIS Debian Family Workstation L2 v1.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.2.4 Ensure audit_backlog_limit is sufficient	CIS Fedora 19 Family Linux Server L2 v1.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.12 Ensure successful file system mounts are collected - auditctl 64-bit	CIS Red Hat 6 Workstation L2 v3.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.2.1.2 Ensure rsyslog Service is enabled	CIS Ubuntu Linux 16.04 LTS Workstation L1 v2.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.2.1.3 Ensure logging is configured - '*.crit /var/log/warn'	CIS Ubuntu Linux 16.04 LTS Server L1 v2.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.2.1.3 Ensure logging is configured - '*.crit /var/log/warn'	CIS Ubuntu Linux 16.04 LTS Workstation L1 v2.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.2.1.3 Ensure logging is configured - 'auth,authpriv.* /var/log/auth.log'	CIS Ubuntu Linux 16.04 LTS Workstation L1 v2.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.2.1.3 Ensure logging is configured - 'mail.* -/var/log/mail'	CIS Ubuntu Linux 16.04 LTS Server L1 v2.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.2.1.3 Ensure logging is configured - 'mail.* -/var/log/mail'	CIS Ubuntu Linux 16.04 LTS Workstation L1 v2.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.2.1.3 Ensure logging is configured - 'mail.warning -/var/log/mail.warn'	CIS Ubuntu Linux 16.04 LTS Workstation L1 v2.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.2.1.3 Ensure logging is configured - 'news.err -/var/log/news/news.err'	CIS Ubuntu Linux 16.04 LTS Workstation L1 v2.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.2.1.3 Ensure logging is configured - 'news.notice -/var/log/news/news.notice'	CIS Ubuntu Linux 16.04 LTS Workstation L1 v2.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.2.2.2 Ensure logging is configured	CIS Debian 9 Server L1 v1.0.1	Unix	AUDIT AND ACCOUNTABILITY
4.2.2.2 Ensure logging is configured	CIS Debian 9 Workstation L1 v1.0.1	Unix	AUDIT AND ACCOUNTABILITY
4.2.2.3 Ensure journald is configured to write logfiles to persistent disk	CIS Debian Family Server L1 v1.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.2.2.3 Ensure journald is configured to write logfiles to persistent disk	CIS Debian Family Workstation L1 v1.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.2.3 Ensure rsyslog or syslog-ng is installed	CIS Debian 9 Server L1 v1.0.1	Unix	AUDIT AND ACCOUNTABILITY
4.2.3 Ensure rsyslog or syslog-ng is installed	CIS Debian 9 Workstation L1 v1.0.1	Unix	AUDIT AND ACCOUNTABILITY
5.2.5 Ensure SSH LogLevel is appropriate	CIS Debian 9 Server L1 v1.0.1	Unix	AUDIT AND ACCOUNTABILITY
5.2.5 Ensure SSH LogLevel is appropriate	CIS Debian 9 Workstation L1 v1.0.1	Unix	AUDIT AND ACCOUNTABILITY
5.3.6 Ensure SSH LogLevel is appropriate - sshd_config	CIS CentOS 6 Workstation L1 v3.0.0	Unix	AUDIT AND ACCOUNTABILITY
6.1.3 Ensure Accounting of Configuration Changes	CIS Juniper OS Benchmark v2.1.0 L1	Juniper	AUDIT AND ACCOUNTABILITY
6.1.4 Recommend Accounting of Interactive Commands (where External AAA is used)	CIS Juniper OS Benchmark v2.1.0 L2	Juniper	AUDIT AND ACCOUNTABILITY
17.3.1 Ensure 'Audit Process Creation' is set to include 'Success'	CIS Microsoft Windows 8.1 v2.4.1 L1	Windows	AUDIT AND ACCOUNTABILITY
17.6.1 (L1) Ensure 'Audit Detailed File Share' is set to include 'Failure'	CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker	Windows	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
17.7.4 (L1) Ensure 'Audit MPSSVC Rule-Level Policy Change' is set to 'Success and Failure'	CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker	Windows	AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT
20.6 Ensure 'Active Directory Group Policy objects are configured with proper audit settings' (STIG DC only)	CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DC	Windows	AUDIT AND ACCOUNTABILITY
Big Sur - Enable Firewall Logging	NIST macOS Big Sur v1.4.0 - 800-53r4 High	Unix	AUDIT AND ACCOUNTABILITY, SYSTEM AND COMMUNICATIONS PROTECTION
Monterey - Enable Firewall Logging	NIST macOS Monterey v1.0.0 - 800-171	Unix	AUDIT AND ACCOUNTABILITY, SYSTEM AND COMMUNICATIONS PROTECTION

Detections

Analytics

Item Search