Item Search

Name	Audit Name	Plugin	Category
EP11-00-003210 - EDB Postgres Advanced Server software modules, to include stored procedures, functions, and triggers must be monitored to discover unauthorized changes.	EDB PostgreSQL Advanced Server v11 DB Audit v2r4	PostgreSQLDB	CONFIGURATION MANAGEMENT
SQL4-00-011200 - SQL Server must generate Trace or Audit records for organization-defined auditable events - Event ID 43	DISA STIG SQL Server 2014 Database Audit v1r7	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-011200 - SQL Server must generate Trace or Audit records for organization-defined auditable events - Event ID 132	DISA STIG SQL Server 2014 Database Audit v1r7	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-011200 - SQL Server must generate Trace or Audit records for organization-defined auditable events - Event ID 133	DISA STIG SQL Server 2014 Database Audit v1r7	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-011200 - SQL Server must generate Trace or Audit records for organization-defined auditable events - Event ID 173	DISA STIG SQL Server 2014 Database Audit v1r7	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-011200 - SQL Server must generate Trace or Audit records for organization-defined auditable events - Event ID 176	DISA STIG SQL Server 2014 Database Audit v1r7	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-011200 - SQL Server must generate Trace or Audit records for organization-defined auditable events - Event ID 180	DISA STIG SQL Server 2014 Database Audit v1r7	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-011200 - SQL Server must generate Trace or Audit records for organization-defined auditable events - SCHEMA_OBJECT_PERMISSION_CHANGE_GROUP	DISA STIG SQL Server 2014 Database Audit v1r7	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-011200 - SQL Server must generate Trace or Audit records for organization-defined auditable events - SERVER_OBJECT_OWNERSHIP_CHANGE_GROUP	DISA STIG SQL Server 2014 Database Audit v1r7	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-011200 - SQL Server must generate Trace or Audit records for organization-defined auditable events - TRACE_CHANGE_GROUP	DISA STIG SQL Server 2014 Database Audit v1r7	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-015610 - In a database owned by [sa], or by any other login having administrative privileges at the instance level, the database property TRUSTWORTHY must be OFF.	DISA STIG SQL Server 2014 Database Audit v1r7	MS_SQLDB	CONFIGURATION MANAGEMENT
SQL4-00-022500 - SQL Server must check the validity of all data inputs except those specifically identified by the organization.	DISA STIG SQL Server 2014 Database Audit v1r7	MS_SQLDB	SYSTEM AND INFORMATION INTEGRITY
SQL4-00-024100 - The Database Master Key must be encrypted by the Service Master Key, where a Database Master Key is required and another encryption method has not been specified.	DISA STIG SQL Server 2014 Database Audit v1r7	MS_SQLDB	SYSTEM AND COMMUNICATIONS PROTECTION
SQL4-00-024200 - Database Master Key passwords must not be stored in credentials within the database.	DISA STIG SQL Server 2014 Database Audit v1r7	MS_SQLDB	SYSTEM AND COMMUNICATIONS PROTECTION
SQL4-00-031900 - When supporting applications that require security labeling of data, SQL Server must associate organization-defined types of security labels having organization-defined security label values with information in storage.	DISA STIG SQL Server 2014 Database Audit v1r7	MS_SQLDB	ACCESS CONTROL
SQL4-00-035900 - Trace or Audit records must be generated when unsuccessful attempts to access categorized information (e.g., classification levels/security levels) occur.	DISA STIG SQL Server 2014 Database Audit v1r7	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-036200 - SQL Server must generate Trace or Audit records when privileges/permissions are modified via locally-defined security objects - Event ID 42	DISA STIG SQL Server 2014 Database Audit v1r7	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-036200 - SQL Server must generate Trace or Audit records when privileges/permissions are modified via locally-defined security objects - Event ID 82	DISA STIG SQL Server 2014 Database Audit v1r7	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-036200 - SQL Server must generate Trace or Audit records when privileges/permissions are modified via locally-defined security objects - Event ID 85	DISA STIG SQL Server 2014 Database Audit v1r7	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-036200 - SQL Server must generate Trace or Audit records when privileges/permissions are modified via locally-defined security objects - Event ID 90	DISA STIG SQL Server 2014 Database Audit v1r7	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-036200 - SQL Server must generate Trace or Audit records when privileges/permissions are modified via locally-defined security objects - SCHEMA_OBJECT_ACCESS_GROUP	DISA STIG SQL Server 2014 Database Audit v1r7	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-036200 - SQL Server must generate Trace or Audit records when privileges/permissions are modified via locally-defined security objects.	DISA STIG SQL Server 2014 Database Audit v1r7	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-036300 - SQL Server must generate Trace or Audit records when unsuccessful attempts to modify privileges/permissions via locally-defined security objects occur - Event ID 87	DISA STIG SQL Server 2014 Database Audit v1r7	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-036300 - SQL Server must generate Trace or Audit records when unsuccessful attempts to modify privileges/permissions via locally-defined security objects occur - SCHEMA_OBJECT_ACCESS_GROUP	DISA STIG SQL Server 2014 Database Audit v1r7	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-036600 - Trace or Audit records must be generated when categorized information (e.g., classification levels/security levels) is created - Event ID 83	DISA STIG SQL Server 2014 Database Audit v1r7	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-036600 - Trace or Audit records must be generated when categorized information (e.g., classification levels/security levels) is created - Event ID 90	DISA STIG SQL Server 2014 Database Audit v1r7	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-036650 - Trace or Audit records must be generated when categorized information (e.g., classification levels/security levels) is modified - Event ID 90	DISA STIG SQL Server 2014 Database Audit v1r7	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-036650 - Trace or Audit records must be generated when categorized information (e.g., classification levels/security levels) is modified - SCHEMA_OBJECT_ACCESS_GROUP	DISA STIG SQL Server 2014 Database Audit v1r7	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-036650 - Trace or Audit records must be generated when categorized information (e.g., classification levels/security levels) is modified.	DISA STIG SQL Server 2014 Database Audit v1r7	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-036800 - Trace or Audit records must be generated when unsuccessful attempts to create categorized information (e.g., classification levels/security levels) occur - Event ID 82	DISA STIG SQL Server 2014 Database Audit v1r7	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-036800 - Trace or Audit records must be generated when unsuccessful attempts to create categorized information (e.g., classification levels/security levels) occur - Event ID 83	DISA STIG SQL Server 2014 Database Audit v1r7	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-036800 - Trace or Audit records must be generated when unsuccessful attempts to create categorized information (e.g., classification levels/security levels) occur - Event ID 85	DISA STIG SQL Server 2014 Database Audit v1r7	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-036800 - Trace or Audit records must be generated when unsuccessful attempts to create categorized information (e.g., classification levels/security levels) occur - Event ID 86	DISA STIG SQL Server 2014 Database Audit v1r7	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-036800 - Trace or Audit records must be generated when unsuccessful attempts to create categorized information (e.g., classification levels/security levels) occur - SCHEMA_OBJECT_ACCESS...	DISA STIG SQL Server 2014 Database Audit v1r7	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-036850 - Trace or Audit records must be generated when unsuccessful attempts to modify categorized information (e.g., classification levels/security levels) occur - Event ID 83	DISA STIG SQL Server 2014 Database Audit v1r7	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-036850 - Trace or Audit records must be generated when unsuccessful attempts to modify categorized information (e.g., classification levels/security levels) occur - Event ID 84	DISA STIG SQL Server 2014 Database Audit v1r7	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-036850 - Trace or Audit records must be generated when unsuccessful attempts to modify categorized information (e.g., classification levels/security levels) occur - Event ID 87	DISA STIG SQL Server 2014 Database Audit v1r7	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-036850 - Trace or Audit records must be generated when unsuccessful attempts to modify categorized information (e.g., classification levels/security levels) occur - Event ID 88	DISA STIG SQL Server 2014 Database Audit v1r7	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-036850 - Trace or Audit records must be generated when unsuccessful attempts to modify categorized information (e.g., classification levels/security levels) occur - Event ID 91	DISA STIG SQL Server 2014 Database Audit v1r7	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-036850 - Trace or Audit records must be generated when unsuccessful attempts to modify categorized information (e.g., classification levels/security levels) occur - Event ID 162	DISA STIG SQL Server 2014 Database Audit v1r7	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-037200 - SQL Server must generate Trace or Audit records when unsuccessful attempts to drop locally-defined security objects occur - Event ID 47	DISA STIG SQL Server 2014 Database Audit v1r7	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-037200 - SQL Server must generate Trace or Audit records when unsuccessful attempts to drop locally-defined security objects occur - Event ID 162	DISA STIG SQL Server 2014 Database Audit v1r7	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-037200 - SQL Server must generate Trace or Audit records when unsuccessful attempts to drop locally-defined security objects occur - Event ID 164	DISA STIG SQL Server 2014 Database Audit v1r7	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-037300 - Trace or Audit records must be generated when categorized information (e.g., classification levels/security levels) is deleted - Event ID 83	DISA STIG SQL Server 2014 Database Audit v1r7	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-037300 - Trace or Audit records must be generated when categorized information (e.g., classification levels/security levels) is deleted - Event ID 91	DISA STIG SQL Server 2014 Database Audit v1r7	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-037400 - Trace or Audit records must be generated when unsuccessful attempts to delete categorized information (e.g., classification levels/security levels) occur - Event ID 84	DISA STIG SQL Server 2014 Database Audit v1r7	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-037400 - Trace or Audit records must be generated when unsuccessful attempts to delete categorized information (e.g., classification levels/security levels) occur - Event ID 90	DISA STIG SQL Server 2014 Database Audit v1r7	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-037400 - Trace or Audit records must be generated when unsuccessful attempts to delete categorized information (e.g., classification levels/security levels) occur - Event ID 91	DISA STIG SQL Server 2014 Database Audit v1r7	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-037400 - Trace or Audit records must be generated when unsuccessful attempts to delete categorized information (e.g., classification levels/security levels) occur - Event ID 162	DISA STIG SQL Server 2014 Database Audit v1r7	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-038100 - SQL Server must generate Trace or Audit records when successful accesses to designated objects occur.	DISA STIG SQL Server 2014 Database Audit v1r7	MS_SQLDB	AUDIT AND ACCOUNTABILITY

Detections

Analytics

Item Search