Item Search

Name	Audit Name	Plugin	Category
1.1.5.1.2 Set 'Windows Firewall: Domain: Logging: Size limit (KB)' to '16384 KB or greater'	CIS Windows 8 L1 v1.0.0	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
1.1.5.1.3 Set 'Windows Firewall: Domain: Logging: Name' to '%SYSTEMROOT%\System32\logfiles\firewall\domainfw.log'	CIS Windows 8 L1 v1.0.0	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
1.1.5.1.4 Set 'Windows Firewall: Private: Logging: Size limit (KB)' to '16384 KB or greater'	CIS Windows 8 L1 v1.0.0	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
1.1.5.2.8 Set 'Windows Firewall: Private: Logging: Name' to '%SYSTEMROOT%\System32\logfiles\firewall\privatefw.log'	CIS Windows 8 L1 v1.0.0	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
1.1.5.3.7 Set 'Windows Firewall: Public: Logging: Name' to '%SYSTEMROOT%\System32\logfiles\firewall\publicfw.log'	CIS Windows 8 L1 v1.0.0	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
1.1.5.3.9 Set 'Windows Firewall: Public: Logging: Size limit (KB)' to '16384 KB or greater'	CIS Windows 8 L1 v1.0.0	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
1.1.10 Ensure separate partition exists for /var	CIS Ubuntu Linux 16.04 LTS Server L2 v2.0.0	Unix	CONFIGURATION MANAGEMENT
1.1.11 Ensure separate partition exists for /var/log/audit	CIS Debian 8 Workstation L2 v2.0.2	Unix	AUDIT AND ACCOUNTABILITY
1.1.11 Ensure separate partition exists for /var/log/audit	CIS Ubuntu Linux 14.04 LTS Workstation L2 v2.1.0	Unix	AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT
1.1.11 Ensure separate partition exists for /var/log/audit	CIS Ubuntu Linux 14.04 LTS Server L2 v2.1.0	Unix	AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT
1.1.12 Ensure separate partition exists for /var/log/audit	CIS Distribution Independent Linux Server L2 v2.0.0	Unix	AUDIT AND ACCOUNTABILITY
1.1.16 Ensure that the --audit-log-maxage argument is set to 30 or as appropriate	CIS Kubernetes 1.13 Benchmark v1.4.1 L1	Unix	AUDIT AND ACCOUNTABILITY
2.8 Create Separate Partition for /var/log/audit	CIS Ubuntu 12.04 LTS Benchmark L1 v1.1.0	Unix	AUDIT AND ACCOUNTABILITY
3.1.1 Enable audit buffer - 'audit_buf_sz <= 1000'	CIS IBM DB2 OS L2 v1.2.0	Unix	AUDIT AND ACCOUNTABILITY
3.1.8 Ensure the maximum log file lifetime is set correctly	CIS PostgreSQL 11 DB v1.0.0	PostgreSQLDB	AUDIT AND ACCOUNTABILITY
4.1.1.2 Ensure system is disabled when audit logs are full - 'action_mail_acct = root'	CIS Distribution Independent Linux Server L2 v2.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.1.2 Ensure system is disabled when audit logs are full - 'admin_space_left_action'	CIS Amazon Linux v2.1.0 L2	Unix	AUDIT AND ACCOUNTABILITY
4.1.1.2 Ensure system is disabled when audit logs are full - 'admin_space_left_action'	CIS Ubuntu Linux 14.04 LTS Server L2 v2.1.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.1.2 Ensure system is disabled when audit logs are full - 'admin_space_left_action'	CIS Ubuntu Linux 14.04 LTS Workstation L2 v2.1.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.1.2 Ensure system is disabled when audit logs are full - 'space_left_action is configured'	CIS Amazon Linux v2.1.0 L2	Unix	AUDIT AND ACCOUNTABILITY
4.1.1.2 Ensure system is disabled when audit logs are full - 'space_left_action'	CIS Ubuntu Linux 14.04 LTS Server L2 v2.1.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.1.2 Ensure system is disabled when audit logs are full - 'space_left_action'	CIS Ubuntu Linux 14.04 LTS Workstation L2 v2.1.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.1.3 Ensure audit logs are not automatically deleted	CIS Distribution Independent Linux Server L2 v2.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.2.1 Ensure audit log storage size is configured	CIS Oracle Linux 6 Workstation L2 v2.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.2.1 Ensure audit log storage size is configured	CIS CentOS 6 Server L2 v3.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.2.1 Ensure audit log storage size is configured	CIS Ubuntu Linux 18.04 LXD Host L2 Server v1.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.2.1 Ensure audit log storage size is configured	CIS Oracle Linux 6 Server L2 v2.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.2.1 Ensure audit log storage size is configured	CIS Red Hat 6 Server L2 v3.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.2.3 Ensure logrotate is configured	CIS Oracle Linux 6 Workstation L1 v2.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.3 Ensure logrotate is configured	CIS Distribution Independent Linux Workstation L1 v2.0.0	Unix	AUDIT AND ACCOUNTABILITY
5.3.3 Keep All Auditing Information	CIS Red Hat Enterprise Linux 5 L2 v2.2.1	Unix	AUDIT AND ACCOUNTABILITY
9.1.6 Ensure 'Windows Firewall: Domain: Logging: Size limit (KB)' is set to '16,384 KB or greater'	CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0	Windows	AUDIT AND ACCOUNTABILITY
9.2.5 Ensure 'Windows Firewall: Private: Logging: Name' is set to '%SystemRoot%\System32\logfiles\firewall\privatefw.log' - %SYSTEMROOT%\System32\logfiles\firewall\privatefw.log	CIS Windows 7 Workstation Level 1 v3.2.0	Windows	AUDIT AND ACCOUNTABILITY
9.2.5 Ensure 'Windows Firewall: Private: Logging: Name' is set to '%SystemRoot%\System32\logfiles\firewall\privatefw.log' - %SYSTEMROOT%\System32\logfiles\firewall\privatefw.log	CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0	Windows	AUDIT AND ACCOUNTABILITY
9.3.7 Ensure 'Windows Firewall: Public: Logging: Name' is set to '%SystemRoot%\System32\logfiles\firewall\publicfw.log' - %SYSTEMROOT%\System32\logfiles\firewall\publicfw.log	CIS Windows 7 Workstation Level 1 v3.2.0	Windows	AUDIT AND ACCOUNTABILITY
9.3.7 Ensure 'Windows Firewall: Public: Logging: Name' is set to '%SystemRoot%\System32\logfiles\firewall\publicfw.log' - %SYSTEMROOT%\System32\logfiles\firewall\publicfw.log	CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0	Windows	AUDIT AND ACCOUNTABILITY
9.3.8 Ensure 'Windows Firewall: Public: Logging: Size limit (KB)' is set to '16,384 KB or greater'	CIS Windows 7 Workstation Level 1 v3.2.0	Windows	AUDIT AND ACCOUNTABILITY
18.9.26.1.1 (L1) Ensure 'Application: Control Event Log behavior when the log file reaches its maximum size' is set to 'Disabled'	CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker	Windows	AUDIT AND ACCOUNTABILITY
18.9.26.2.1 (L1) Ensure 'Security: Control Event Log behavior when the log file reaches its maximum size' is set to 'Disabled'	CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker	Windows	AUDIT AND ACCOUNTABILITY
Ensure separate partition exists for /var/log	Tenable Cisco Firepower Management Center OS Best Practices Audit	Unix	AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT
Ensure separate partition exists for /var/log/audit	Tenable Cisco Firepower Management Center OS Best Practices Audit	Unix	AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT
Ensure system is disabled when audit logs are full - 'admin_space_left_action = halt'	Tenable Cisco Firepower Management Center OS Best Practices Audit	Unix	AUDIT AND ACCOUNTABILITY
Ensure system is disabled when audit logs are full - 'space_left_action = email'	Tenable Cisco Firepower Management Center OS Best Practices Audit	Unix	AUDIT AND ACCOUNTABILITY
MSS: (WarningLevel) Percentage threshold for the security event log at which the system will generate a warning	MSCT Windows Server 2012 R2 MS v1.0.0	Windows	AUDIT AND ACCOUNTABILITY
MSS: (WarningLevel) Percentage threshold for the security event log at which the system will generate a warning	MSCT Windows Server 2012 R2 DC v1.0.0	Windows	AUDIT AND ACCOUNTABILITY
Size limit - Private Profile	MSCT Windows 10 1809 v1.0.0	Windows	AUDIT AND ACCOUNTABILITY
Size limit - PrivateProfile	MSCT Windows 10 1803 v1.0.0	Windows	AUDIT AND ACCOUNTABILITY
Size limit - PublicProfile	MSCT Windows 10 1803 v1.0.0	Windows	AUDIT AND ACCOUNTABILITY
Windows Defender Firewall: Allow logging - Domain Profile - LogFileSize	MSCT Windows 10 1903 v1.19.9	Windows	AUDIT AND ACCOUNTABILITY
Windows Firewall: Allow logging - LogFilePath - Private Profile	MSCT Windows 10 v1507 v1.0.0	Windows	AUDIT AND ACCOUNTABILITY

Detections

Analytics

Item Search