Item Search

Name	Audit Name	Plugin	Category
1.1.6 Set 'aaa accounting' to log all privileged use commands using 'commands 15'	CIS Cisco IOS XE 16.x v2.1.0 L2	Cisco	AUDIT AND ACCOUNTABILITY
1.1.10 Set 'aaa accounting system'	CIS Cisco IOS XE 17.x v2.1.1 L2	Cisco	AUDIT AND ACCOUNTABILITY
1.1.15 Ensure that the --audit-log-path argument is set as appropriate	CIS Kubernetes 1.13 Benchmark v1.4.1 L1	Unix	AUDIT AND ACCOUNTABILITY
2.2 Ensure the Log Config Module Is Enabled	CIS Apache HTTP Server 2.2 L1 v3.6.0 Middleware	Unix	AUDIT AND ACCOUNTABILITY
2.2 Ensure the Log Config Module Is Enabled	CIS Apache HTTP Server 2.2 L2 v3.6.0	Unix	AUDIT AND ACCOUNTABILITY
2.2.1 Set 'logging on'	CIS Cisco IOS 15 L1 v4.1.1	Cisco	AUDIT AND ACCOUNTABILITY
2.2.7 Set 'logging source interface'	CIS Cisco IOS 15 L1 v4.1.1	Cisco	AUDIT AND ACCOUNTABILITY
2.2.14 Ensure 'SEC_PROTOCOL_ERROR_TRACE_ACTION' Is Set to 'LOG'	CIS Oracle Server 12c DB Traditional Auditing v3.0.0	OracleDB	AUDIT AND ACCOUNTABILITY
3.2.4 Ensure suspicious packets are logged - 'sysctl net.ipv4.conf.default.log_martians'	CIS Ubuntu Linux 18.04 LXD Container L1 v1.0.0	Unix	AUDIT AND ACCOUNTABILITY
3.2.4 Ensure suspicious packets are logged - sysctl net.ipv4.conf.default.log_martians	CIS Distribution Independent Linux Workstation L1 v2.0.0	Unix	AUDIT AND ACCOUNTABILITY
3.3.4 Ensure suspicious packets are logged - 'net.ipv4.conf.all.log_martians = 1 /etc/sysctl.conf /etc/sysctl.d/*'	CIS Oracle Linux 6 Server L1 v2.0.0	Unix	AUDIT AND ACCOUNTABILITY
3.3.4 Ensure suspicious packets are logged - 'net.ipv4.conf.default.log_martians = 1 /sbin/sysctl'	CIS CentOS 6 Server L1 v3.0.0	Unix	AUDIT AND ACCOUNTABILITY
3.3.4 Ensure suspicious packets are logged - 'net.ipv4.conf.default.log_martians = 1 /sbin/sysctl'	CIS CentOS 6 Workstation L1 v3.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.1.1 Ensure auditd is installed	CIS Debian Family Server L2 v1.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.1.1 Ensure auditd is installed - audit-libs	CIS CentOS 6 Workstation L2 v3.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.1.1 Ensure auditd is installed - audit-libs	CIS Oracle Linux 6 Workstation L2 v2.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.1.3 Ensure auditd service is enabled	CIS CentOS 6 Server L2 v3.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.1.3 Ensure auditd service is enabled	CIS Oracle Linux 6 Workstation L2 v2.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.1.4 Ensure auditing for processes that start prior to auditd is enabled	CIS CentOS 6 Workstation L2 v3.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.2 Ensure auditd service is enabled	CIS Debian 9 Workstation L2 v1.0.1	Unix	AUDIT AND ACCOUNTABILITY
4.1.3 Ensure auditd service is enabled	CIS Distribution Independent Linux Workstation L2 v2.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.3 Ensure auditing for processes that start prior to auditd is enabled	CIS Debian 8 Server L2 v2.0.2	Unix	AUDIT AND ACCOUNTABILITY
4.1.17 Ensure the audit configuration is immutable	CIS CentOS 6 Server L2 v3.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.17 Ensure the audit configuration is immutable	CIS CentOS 6 Workstation L2 v3.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.18 Ensure the audit configuration is immutable	CIS Debian 9 Workstation L2 v1.0.1	Unix	AUDIT AND ACCOUNTABILITY
4.2.1.1 Ensure rsyslog is installed	CIS Distribution Independent Linux Server L1 v2.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.2.1.1 Ensure rsyslog is installed	CIS Oracle Linux 6 Server L1 v2.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.2.1.2 Ensure rsyslog Service is enabled	CIS Oracle Linux 6 Server L1 v2.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.2.1.3 Ensure logging is configured	CIS CentOS 6 Server L1 v3.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.2.1.3 Ensure logging is configured	CIS Distribution Independent Linux Server L1 v2.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.2.1.3 Ensure logging is configured	CIS Oracle Linux 6 Server L1 v2.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.2.1.3 Ensure logging is configured	CIS Red Hat 6 Workstation L1 v3.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.2.2.1 Ensure syslog-ng service is enabled	CIS Debian 9 Workstation L1 v1.0.1	Unix	AUDIT AND ACCOUNTABILITY
5.2 Ensure 'Default Trace Enabled' Server Configuration Option is set to '1'	CIS SQL Server 2012 Database L1 DB v1.6.0	MS_SQLDB	AUDIT AND ACCOUNTABILITY
5.2.5 Ensure SSH LogLevel is appropriate	CIS Distribution Independent Linux Server L1 v2.0.0	Unix	AUDIT AND ACCOUNTABILITY
6.1 Ensure the Error Log Filename and Severity Level Are Configured Correctly - 'ErrorLog is configured'	CIS Apache HTTP Server 2.2 L1 v3.6.0	Unix	AUDIT AND ACCOUNTABILITY
6.1 Ensure the Error Log Filename and Severity Level Are Configured Correctly - 'httpd.conf <VirtualHost> ErrorLog is configured'	CIS Apache HTTP Server 2.2 L1 v3.6.0 Middleware	Unix	AUDIT AND ACCOUNTABILITY
6.1.2.2 Ensure journald ForwardToSyslog is disabled	CIS Debian Linux 12 v1.1.0 L1 Workstation	Unix	AUDIT AND ACCOUNTABILITY
6.1.2.2 Ensure journald ForwardToSyslog is disabled	CIS Ubuntu Linux 24.04 LTS v1.0.0 L1 Workstation	Unix	AUDIT AND ACCOUNTABILITY
6.1.11 Ensure the 'GRANT ANY OBJECT PRIVILEGE' Audit Option Is Enabled	CIS Oracle Server 12c DB Traditional Auditing v3.0.0	OracleDB	AUDIT AND ACCOUNTABILITY
6.1.16 Ensure the 'ALTER SYSTEM' Audit Option Is Enabled	CIS Oracle Server 12c DB Traditional Auditing v3.0.0	OracleDB	AUDIT AND ACCOUNTABILITY
6.2.17 Ensure the 'DROP SYNONYM' Action Audit Is Enabled	CIS Oracle Server 12c DB Unified Auditing v3.0.0	OracleDB	AUDIT AND ACCOUNTABILITY
6.2.18 Ensure the 'SELECT ANY DICTIONARY' Privilege Audit Is Enabled	CIS Oracle Server 12c DB Unified Auditing v3.0.0	OracleDB	AUDIT AND ACCOUNTABILITY
6.2.20 Ensure the 'CREATE PROCEDURE/FUNCTION/PACKAGE/PACKAGE BODY' Action Audit Is Enabled	CIS Oracle Server 12c DB Unified Auditing v3.0.0	OracleDB	AUDIT AND ACCOUNTABILITY
6.2.21 Ensure the 'ALTER PROCEDURE/FUNCTION/PACKAGE/PACKAGE BODY' Action Audit Is Enabled	CIS Oracle Server 12c DB Unified Auditing v3.0.0	OracleDB	AUDIT AND ACCOUNTABILITY
6.3 Ensure the Server Access Log Is Configured Correctly - 'httpd.conf LogFormat is configured'	CIS Apache HTTP Server 2.2 L2 v3.6.0	Unix	AUDIT AND ACCOUNTABILITY
9.2 Configure a Logging File Channel - category dnssec	CIS BIND DNS v1.0.0 L1 Authoritative Name Server	Unix	AUDIT AND ACCOUNTABILITY
9.2 Configure a Logging File Channel - category network	CIS BIND DNS v1.0.0 L1 Caching Only Name Server	Unix	AUDIT AND ACCOUNTABILITY
9.2 Configure a Logging File Channel - logging section	CIS BIND DNS v1.0.0 L1 Authoritative Name Server	Unix	AUDIT AND ACCOUNTABILITY
9.2 Configure a Logging File Channel - logging section	CIS BIND DNS v1.0.0 L1 Caching Only Name Server	Unix	AUDIT AND ACCOUNTABILITY

Detections

Analytics

Item Search