Detections
Analytics

Item Search

NameAudit NamePluginCategory
4.1.3.27 Ensure audit of unlink syscallCIS Amazon Linux 2 STIG v2.0.0 STIGUnix

AUDIT AND ACCOUNTABILITY

4.1.3.28 Ensure audit unlinkat syscallCIS Amazon Linux 2 STIG v2.0.0 STIGUnix

AUDIT AND ACCOUNTABILITY

5.2.2.4 Ensure system warns when audit logs are low on spaceCIS Red Hat EL8 Server L2 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

6.2.2.4 Ensure system warns when audit logs are low on spaceCIS Ubuntu Linux 24.04 LTS v1.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

6.3.2.4 Ensure system warns when audit logs are low on spaceCIS Oracle Linux 9 v2.0.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.4.2.4 Ensure system warns when audit logs are low on spaceCIS Debian Linux 11 v2.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

Audit LogonMSCT Windows Server 2025 MS v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit LogonMSCT Windows 10 1803 v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit LogonMSCT Windows 10 1903 v1.19.9Windows

AUDIT AND ACCOUNTABILITY

Big Sur - Configure Audit Log Files Group to WheelNIST macOS Big Sur v1.4.0 - 800-53r5 ModerateUnix

AUDIT AND ACCOUNTABILITY

Big Sur - Configure Audit Log Files to Not Contain Access Control ListsNIST macOS Big Sur v1.4.0 - 800-171Unix

AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY

Big Sur - Configure Audit Log Files to Not Contain Access Control ListsNIST macOS Big Sur v1.4.0 - 800-53r4 LowUnix

AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY

Big Sur - Configure Audit Log Files to Not Contain Access Control ListsNIST macOS Big Sur v1.4.0 - 800-53r5 HighUnix

AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY

Big Sur - Configure Audit Log Folders Group to WheelNIST macOS Big Sur v1.4.0 - 800-53r4 LowUnix

AUDIT AND ACCOUNTABILITY

Big Sur - Configure Audit Log Folders Group to WheelNIST macOS Big Sur v1.4.0 - 800-53r5 HighUnix

AUDIT AND ACCOUNTABILITY

Big Sur - Configure Audit Log Folders Group to WheelNIST macOS Big Sur v1.4.0 - 800-53r5 LowUnix

AUDIT AND ACCOUNTABILITY

Big Sur - Configure Audit Log Folders to Mode 700 or Less PermissiveNIST macOS Big Sur v1.4.0 - 800-53r5 ModerateUnix

AUDIT AND ACCOUNTABILITY

Big Sur - Configure Audit Log Folders to Mode 700 or Less PermissiveNIST macOS Big Sur v1.4.0 - CNSSI 1253Unix

AUDIT AND ACCOUNTABILITY

CASA-FW-000090 - The Cisco ASA must be configured to queue log records locally in the event that the central audit server is down or not reachable - Buffer EnabledDISA STIG Cisco ASA FW v2r1Cisco

AUDIT AND ACCOUNTABILITY

Catalina - Configure Audit Log Files Group to WheelNIST macOS Catalina v1.5.0 - 800-53r4 ModerateUnix

AUDIT AND ACCOUNTABILITY

Catalina - Configure Audit Log Files to Not Contain Access Control ListsNIST macOS Catalina v1.5.0 - 800-53r4 ModerateUnix

AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY

Catalina - Configure Audit Log Folders Group to WheelNIST macOS Catalina v1.5.0 - 800-171Unix

AUDIT AND ACCOUNTABILITY

Catalina - Configure Audit Log Folders Group to WheelNIST macOS Catalina v1.5.0 - 800-53r4 ModerateUnix

AUDIT AND ACCOUNTABILITY

Catalina - Configure Audit Log Folders Group to WheelNIST macOS Catalina v1.5.0 - 800-53r5 HighUnix

AUDIT AND ACCOUNTABILITY

Catalina - Configure Audit Log Folders to Mode 700 or Less PermissiveNIST macOS Catalina v1.5.0 - 800-53r5 HighUnix

AUDIT AND ACCOUNTABILITY

Catalina - Configure Audit Log Folders to Mode 700 or Less PermissiveNIST macOS Catalina v1.5.0 - 800-53r5 LowUnix

AUDIT AND ACCOUNTABILITY

CNTR-K8-000610 - The Kubernetes API Server must have an audit log path set.DISA STIG Kubernetes v2r3Unix

AUDIT AND ACCOUNTABILITY

DB2X-00-000900 - DB2 must generate audit records when unsuccessful attempts to retrieve privileges/permissions occur - database policiesDISA STIG IBM DB2 v10.5 LUW v2r1 DatabaseIBM_DB2DB

AUDIT AND ACCOUNTABILITY

DB2X-00-000900 - DB2 must generate audit records when unsuccessful attempts to retrieve privileges/permissions occur - SYSIBM.SYSCOLAUTHDISA STIG IBM DB2 v10.5 LUW v2r1 DatabaseIBM_DB2DB

AUDIT AND ACCOUNTABILITY

DB2X-00-000900 - DB2 must generate audit records when unsuccessful attempts to retrieve privileges/permissions occur - SYSIBM.SYSLIBRARYAUTHDISA STIG IBM DB2 v10.5 LUW v2r1 DatabaseIBM_DB2DB

AUDIT AND ACCOUNTABILITY

DB2X-00-000900 - DB2 must generate audit records when unsuccessful attempts to retrieve privileges/permissions occur - SYSIBM.SYSSECURITYPOLICYEXEMPTIONSDISA STIG IBM DB2 v10.5 LUW v2r1 DatabaseIBM_DB2DB

AUDIT AND ACCOUNTABILITY

DB2X-00-000900 - DB2 must generate audit records when unsuccessful attempts to retrieve privileges/permissions occur - SYSIBM.SYSWORKLOADAUTHDISA STIG IBM DB2 v10.5 LUW v2r1 DatabaseIBM_DB2DB

AUDIT AND ACCOUNTABILITY

DB2X-00-010200 - DB2 must generate audit records when privileges/permissions are modifiedDISA STIG IBM DB2 v10.5 LUW v2r1 DatabaseIBM_DB2DB

AUDIT AND ACCOUNTABILITY

GEN002700 - System audit logs must have mode 0640 or less permissive.DISA STIG AIX 5.3 v1r2Unix

AUDIT AND ACCOUNTABILITY

Monterey - Configure Audit Log Files Group to WheelNIST macOS Monterey v1.0.0 - CNSSI 1253Unix

AUDIT AND ACCOUNTABILITY

Monterey - Configure Audit Log Folders Group to WheelNIST macOS Monterey v1.0.0 - 800-53r5 HighUnix

AUDIT AND ACCOUNTABILITY

Monterey - Configure Audit Log Folders Group to WheelNIST macOS Monterey v1.0.0 - All ProfilesUnix

AUDIT AND ACCOUNTABILITY

Monterey - Configure Audit Log Folders to Mode 700 or Less PermissiveNIST macOS Monterey v1.0.0 - 800-171Unix

AUDIT AND ACCOUNTABILITY

Monterey - Configure Audit Log Folders to Mode 700 or Less PermissiveNIST macOS Monterey v1.0.0 - 800-53r5 HighUnix

AUDIT AND ACCOUNTABILITY

OL6-00-000385 - Audit log directories must have mode 0755 or less permissive.DISA STIG Oracle Linux 6 v2r7Unix

AUDIT AND ACCOUNTABILITY

OL08-00-030610 - OL 8 must allow only the Information System Security Manager (ISSM) (or individuals or roles appointed by the ISSM) to select which auditable events are to be audited.DISA Oracle Linux 8 STIG v2r4Unix

AUDIT AND ACCOUNTABILITY

PANW-AG-000144 - The Palo Alto Networks security platform must, at a minimum, off-load threat and traffic log records onto a centralized log server in real time.DISA STIG Palo Alto ALG v3r4Palo_Alto

AUDIT AND ACCOUNTABILITY

RHEL-06-000383 - Audit log files must have mode 0640 or less permissive.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

AUDIT AND ACCOUNTABILITY

RHEL-06-000385 - Audit log directories must have mode 0755 or less permissive.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

AUDIT AND ACCOUNTABILITY

RHEL-09-653110 - RHEL 9 must allow only the information system security manager (ISSM) (or individuals or roles appointed by the ISSM) to select which auditable events are to be audited.DISA Red Hat Enterprise Linux 9 STIG v2r4Unix

AUDIT AND ACCOUNTABILITY

UBTU-16-020020 - The Ubuntu operating system must allocate audit record storage capacity to store at least one weeks worth of audit records, when audit records are not immediately sent to a central audit record storage facility.DISA STIG Ubuntu 16.04 LTS v2r3Unix

AUDIT AND ACCOUNTABILITY

UBTU-18-010314 - The Ubuntu operating system must allocate audit record storage capacity to store at least one weeks worth of audit records, when audit records are not immediately sent to a central audit record storage facility.DISA STIG Ubuntu 18.04 LTS v2r15Unix

AUDIT AND ACCOUNTABILITY

UBTU-22-653035 - Ubuntu 22.04 LTS must allocate audit record storage capacity to store at least one weeks' worth of audit records, when audit records are not immediately sent to a central audit record storage facility.DISA Canonical Ubuntu 22.04 LTS STIG v2r4Unix

AUDIT AND ACCOUNTABILITY

WBLC-02-000083 - Oracle WebLogic must provide a real-time alert when organization-defined audit failure events occur - Module-HealthStateOracle WebLogic Server 12c Linux v2r2 MiddlewareUnix

AUDIT AND ACCOUNTABILITY

WBLC-02-000083 - Oracle WebLogic must provide a real-time alert when organization-defined audit failure events occur - SMTP NotificationOracle WebLogic Server 12c Linux v2r2 MiddlewareUnix

AUDIT AND ACCOUNTABILITY