Detections
Analytics

Item Search

NameAudit NamePluginCategory
4.1 Create CIS Audit ClassCIS Solaris 11.1 L1 v1.0.0Unix

ACCESS CONTROL

4.1 Create CIS Audit ClassCIS Solaris 11 L1 v1.1.0Unix

ACCESS CONTROL

4.1.2.3 Ensure audit system is set to single when the disk is full.CIS Amazon Linux 2 STIG v2.0.0 STIGUnix

AUDIT AND ACCOUNTABILITY

4.1.3.20 Ensure the audit configuration is immutableCIS Fedora 28 Family Linux Server L2 v2.0.0Unix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MEDIA PROTECTION

4.1.17 Ensure the audit configuration is immutableCIS Fedora 19 Family Linux Server L2 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.17 Ensure the audit configuration is immutableCIS Fedora 19 Family Linux Workstation L2 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.17 Ensure the audit configuration is immutableCIS Oracle Linux 6 Workstation L2 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

5.2.1.1 Ensure audit is installedCIS Red Hat Enterprise Linux 7 v4.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

5.2.1.1 Ensure audit is installedCIS Oracle Linux 7 v4.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

5.2.1.1 Ensure audit is installedCIS Red Hat Enterprise Linux 7 v4.0.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

5.2.1.1 Ensure audit is installedCIS Amazon Linux 2 v3.0.0 L2Unix

AUDIT AND ACCOUNTABILITY

5.2.1.1 Ensure audit is installedCIS Oracle Linux 7 v4.0.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

5.2.3.20 Ensure the audit configuration is immutableCIS Ubuntu Linux 20.04 LTS Server L2 v2.0.1Unix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MEDIA PROTECTION

5.2.3.20 Ensure the audit configuration is immutableCIS Ubuntu Linux 18.04 LTS v2.2.0 L2 WorkstationUnix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MEDIA PROTECTION

5.2.3.20 Ensure the audit configuration is immutableCIS AlmaLinux OS 8 Workstation L2 v3.0.0Unix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MEDIA PROTECTION

5.2.3.20 Ensure the audit configuration is immutableCIS Oracle Linux 8 Server L2 v3.0.0Unix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MEDIA PROTECTION

5.3.3 (L1) Ensure 'Access reviews' for privileged roles are configuredCIS Microsoft 365 Foundations v5.0.0 L1 E5microsoft_azure

ACCESS CONTROL

6.2.3.20 Ensure the audit configuration is immutableCIS Ubuntu Linux 24.04 LTS v1.0.0 L2 ServerUnix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MEDIA PROTECTION

6.2.3.20 Ensure the audit configuration is immutableCIS Debian Linux 12 v1.1.0 L2 WorkstationUnix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MEDIA PROTECTION

6.3.1.1 Ensure auditd packages are installedCIS Rocky Linux 9 v2.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

6.3.1.1 Ensure auditd packages are installedCIS Oracle Linux 9 v2.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

6.3.1.1 Ensure auditd packages are installedCIS Oracle Linux 9 v2.0.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.3.1.1 Ensure auditd packages are installedCIS Rocky Linux 9 v2.0.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.3.1.1 Ensure auditd packages are installedCIS AlmaLinux OS 9 v2.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

6.3.1.1 Ensure auditd packages are installedCIS Red Hat Enterprise Linux 9 v2.0.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.3.3.20 Ensure the audit configuration is immutableCIS SUSE Linux Enterprise 15 v2.0.1 L2 ServerUnix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MEDIA PROTECTION

6.4.3.20 Ensure the audit configuration is immutableCIS Debian Linux 11 v2.0.0 L2 ServerUnix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MEDIA PROTECTION

AIX7-00-002201 - The AIX audit configuration files must be group-owned by audit.DISA STIG AIX 7.x v3r1Unix

AUDIT AND ACCOUNTABILITY

CISC-ND-000390 - The Cisco router must be configured to protect audit information from unauthorized deletion.DISA Cisco IOS XE Router NDM STIG v3r4Cisco

AUDIT AND ACCOUNTABILITY

DB2X-00-007700 - DB2 must provide an immediate real-time alert to appropriate support staff of all audit failure events requiring real-time alerts.DISA STIG IBM DB2 v10.5 LUW v2r1 OS LinuxUnix

AUDIT AND ACCOUNTABILITY

DB2X-00-007700 - DB2 must provide an immediate real-time alert to appropriate support staff of all audit failure events requiring real-time alerts.DISA STIG IBM DB2 v10.5 LUW v2r1 OS WindowsWindows

AUDIT AND ACCOUNTABILITY

EPAS-00-002400 - The EDB Postgres Advanced Server must be configurable to overwrite audit log records, oldest first (First-In-First-Out [FIFO]), in the event of unavailability of space for more audit log records.EnterpriseDB PostgreSQL Advanced Server OS Linux v2r1Unix

AUDIT AND ACCOUNTABILITY

F5BI-DM-000077 - The BIG-IP appliance must be configured to protect audit information from unauthorized deletion.DISA F5 BIG-IP Device Management STIG v2r4F5

AUDIT AND ACCOUNTABILITY

F5BI-LT-000057 - The BIG-IP Core implementation must be configured to protect audit information from unauthorized modification.DISA F5 BIG-IP Local Traffic Manager STIG v2r4F5

AUDIT AND ACCOUNTABILITY

JUEX-NM-000200 - The Juniper EX switch must be configured to protect audit information from unauthorized deletion.DISA Juniper EX Series Network Device Management v2r3Juniper

AUDIT AND ACCOUNTABILITY

MADB-10-002000 - The audit information produced by MariaDB must be protected from unauthorized read access.DISA MariaDB Enterprise 10.x v2r3 DBMySQLDB

AUDIT AND ACCOUNTABILITY

RHEL-09-653020 - RHEL 9 audit system must take appropriate action when an error writing to the audit storage volume occurs.DISA Red Hat Enterprise Linux 9 STIG v2r4Unix

AUDIT AND ACCOUNTABILITY

SPLK-CL-000100 - Splunk Enterprise installation directories must be secured.DISA STIG Splunk Enterprise 7.x for Windows v3r1 OSWindows

AUDIT AND ACCOUNTABILITY

SPLK-CL-000190 - Splunk Enterprise installation directories must be secured.DISA STIG Splunk Enterprise 8.x for Linux v2r2 STIG OSUnix

AUDIT AND ACCOUNTABILITY

SQL2-00-001600 - SQL Server must ensure that remote sessions that access an organization-defined list of security functions and security-relevant information are audited - 'Event ID 115'DISA STIG SQL Server 2012 DB Instance Security v1r20MS_SQLDB

ACCESS CONTROL

SQL2-00-001600 - SQL Server must ensure that remote sessions that access an organization-defined list of security functions and security-relevant information are audited - 'Event ID 128'DISA STIG SQL Server 2012 DB Instance Security v1r20MS_SQLDB

ACCESS CONTROL

SQL2-00-013600 - SQL Server must protect audit information from any type of unauthorized access.DISA STIG SQL Server 2012 Database OS Audit v1r20Windows

AUDIT AND ACCOUNTABILITY

SQL4-00-039020 - When using command-line tools such as SQLCMD in a mixed-mode authentication environment, users must use a logon method that does not expose the password.DISA STIG SQL Server 2014 Instance DB Audit v2r4MS_SQLDB

IDENTIFICATION AND AUTHENTICATION

UBTU-18-010311 - The Ubuntu operating system must be configured so that audit configuration files are not write-accessible by unauthorized users.DISA STIG Ubuntu 18.04 LTS v2r15Unix

AUDIT AND ACCOUNTABILITY

UBTU-18-010312 - The Ubuntu operating system must permit only authorized accounts to own the audit configuration files.DISA STIG Ubuntu 18.04 LTS v2r15Unix

AUDIT AND ACCOUNTABILITY

UBTU-20-010134 - The Ubuntu operating system must permit only authorized accounts to own the audit configuration files.DISA Canonical Ubuntu 20.04 LTS STIG v2r2Unix

AUDIT AND ACCOUNTABILITY

UBTU-24-900040 - Ubuntu 24.04 LTS must be configured so that audit configuration files are not write-accessible by unauthorized users.DISA Canonical Ubuntu 24.04 LTS STIG v1r1Unix

AUDIT AND ACCOUNTABILITY

WBLC-02-000095 - Oracle WebLogic must protect audit information from any type of unauthorized read access.Oracle WebLogic Server 12c Linux v2r2Unix

AUDIT AND ACCOUNTABILITY

WBLC-02-000095 - Oracle WebLogic must protect audit information from any type of unauthorized read access.Oracle WebLogic Server 12c Windows v2r2Windows

AUDIT AND ACCOUNTABILITY

WBLC-02-000095 - Oracle WebLogic must protect audit information from any type of unauthorized read access.Oracle WebLogic Server 12c Linux v2r2 MiddlewareUnix

AUDIT AND ACCOUNTABILITY