Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.10 Audit Docker files and directories - docker.serviceCIS Docker 1.11.0 v1.0.0 L1 LinuxUnix

AUDIT AND ACCOUNTABILITY

1.11 Audit Docker files and directories - docker.socketCIS Docker 1.12.0 v1.0.0 L1 LinuxUnix

AUDIT AND ACCOUNTABILITY

1.12 Audit Docker files and directories - docker.serviceCIS Docker 1.6 v1.0.0 L1 LinuxUnix

AUDIT AND ACCOUNTABILITY

1.17 Audit Docker files and directories - /etc/sysconfig/docker-storageCIS Docker 1.6 v1.0.0 L1 LinuxUnix

AUDIT AND ACCOUNTABILITY

1.18 Audit Docker files and directories - /etc/default/dockerCIS Docker 1.6 v1.0.0 L1 LinuxUnix

AUDIT AND ACCOUNTABILITY

2.2.3 Ensure SNMP traps is enabled - authorizationErrorCIS Check Point Firewall L1 v1.1.0CheckPoint

AUDIT AND ACCOUNTABILITY

2.2.3 Set 'logging console critical'CIS Cisco IOS 12 L1 v4.0.0Cisco

AUDIT AND ACCOUNTABILITY

2.6.3 Ensure cplogs is set to onCIS Check Point Firewall L1 v1.1.0CheckPoint

AUDIT AND ACCOUNTABILITY

3.1 Enable security auditingCIS Apple macOS 10.12 L1 v1.2.0Unix

AUDIT AND ACCOUNTABILITY

3.1.12 Set administrative notification levelCIS IBM DB2 v10 v1.1.0 Linux OS Level 1Unix

AUDIT AND ACCOUNTABILITY

3.2 Configure Security Auditing Flags - 'audit successful/failed login/logout events'CIS Apple macOS 10.12 L2 v1.2.0Unix

AUDIT AND ACCOUNTABILITY

4.1.14 Ensure file deletion events by users are collected - auditctlCIS Amazon Linux v2.1.0 L2Unix

AUDIT AND ACCOUNTABILITY

4.1.14 Ensure file deletion events by users are collected - b64CIS Amazon Linux v2.1.0 L2Unix

AUDIT AND ACCOUNTABILITY

5.5 Ensure Cloudwatch Log Group is created for App TierCIS Amazon Web Services Three-tier Web Architecture L1 1.0.0amazon_aws

AUDIT AND ACCOUNTABILITY

8.1.1.3 Keep All Auditing InformationCIS Debian Linux 7 L2 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

8.1.4 Record Events That Modify Date and Time Information - 64 bit clock_settimeCIS Debian Linux 7 L2 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

8.1.5 Record Events That Modify User/Group Information - /etc/groupCIS Debian Linux 7 L2 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

8.1.6 Record Events That Modify the System's Network Environment - /etc/hostsCIS Debian Linux 7 L2 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

8.1.6 Record Events That Modify the System's Network Environment - /etc/issue.netCIS Debian Linux 7 L2 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

8.1.8 Collect Login and Logout Events - /var/log/faillogCIS Debian Linux 7 L2 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

8.1.10 Collect Discretionary Access Control Permission Modification Events - 32 bit setxattrCIS Debian Linux 7 L2 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

8.1.10 Collect Discretionary Access Control Permission Modification Events - 64 bit chmodCIS Debian Linux 7 L2 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

8.1.11 Collect Unsuccessful Unauthorized Access Attempts to Files - 64 bit EPERMCIS Debian Linux 7 L2 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

8.1.12 Collect Use of Privileged CommandsCIS Debian Linux 7 L2 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

8.1.15 Collect Changes to System Administration Scope (sudoers)CIS Debian Linux 7 L2 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

8.2.4 Create and Set Permissions on rsyslog Log Files - createdCIS Debian Linux 7 L1 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

9.3.2 Set LogLevel to INFOCIS Debian Linux 7 L1 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

Audit Account LockoutMSCT Windows 11 v23H2 v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit Account LockoutMSCT Windows Server 2025 MS v2506 v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit Audit Policy ChangeMSCT Windows 11 v22H2 v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit Authorization Policy ChangeMSCT Windows Server 2025 MS v2506 v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit client does not support encryptionMSCT Windows Server 2025 DC v2506 v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit client does not support encryption - AuditClientDoesNotSupportEncryptionMSCT Windows Server 2025 MS v2506 v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit Detailed File ShareMSCT Windows 11 v24H2 v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit Directory Service ChangesMSCT Windows Server 2025 DC v2506 v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit File ShareMSCT Windows 11 v22H2 v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit Kerberos Service Ticket OperationsMSCT Windows Server 2025 DC v2506 v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit MPSSVC Rule-Level Policy ChangeMSCT Windows Server 2025 MS v2506 v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit Other Object Access EventsMSCT Windows Server 2025 MS v2506 v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit Other Policy Change EventsMSCT Windows 11 v24H2 v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit PNP ActivityMSCT Windows Server 2025 MS v2506 v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit Process CreationMSCT Windows 11 v22H2 v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit Removable StorageMSCT Windows 11 v22H2 v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit Removable StorageMSCT Windows 11 v24H2 v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit Security Group ManagementMSCT Windows 11 v22H2 v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit Security State ChangeMSCT Windows 11 v24H2 v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit Special LogonMSCT Windows 11 v22H2 v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settingsMSCT Windows 11 v23H2 v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settingsMSCT Windows Server 2025 DC v2506 v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Windows Defender Firewall: Allow logging - LogDroppedPackets Domain ProfileMSCT Windows Server 2025 MS v2506 v1.0.0Windows

AUDIT AND ACCOUNTABILITY