Item Search

Name	Audit Name	Plugin	Category
Catalina - Audit Record Reduction and Report Generation - reduction	NIST macOS Catalina v1.5.0 - 800-53r5 High	Unix	AUDIT AND ACCOUNTABILITY
SQL4-00-011200 - SQL Server must generate Trace or Audit records for organization-defined auditable events - Event ID 14	DISA STIG SQL Server 2014 Database Audit v1r7	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-011200 - SQL Server must generate Trace or Audit records for organization-defined auditable events - Event ID 46	DISA STIG SQL Server 2014 Database Audit v1r7	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-011200 - SQL Server must generate Trace or Audit records for organization-defined auditable events - Event ID 128	DISA STIG SQL Server 2014 Database Audit v1r7	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-011200 - SQL Server must generate Trace or Audit records for organization-defined auditable events - Event ID 177	DISA STIG SQL Server 2014 Database Audit v1r7	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-011200 - SQL Server must generate Trace or Audit records for organization-defined auditable events - Event ID 178	DISA STIG SQL Server 2014 Database Audit v1r7	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-011200 - SQL Server must generate Trace or Audit records for organization-defined auditable events - LOGOUT_GROUP	DISA STIG SQL Server 2014 Database Audit v1r7	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-011200 - SQL Server must generate Trace or Audit records for organization-defined auditable events - SERVER_PERMISSION_CHANGE_GROUP	DISA STIG SQL Server 2014 Database Audit v1r7	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-014900 - SQL Server must be monitored to discover unauthorized changes to functions.	DISA STIG SQL Server 2014 Database Audit v1r7	MS_SQLDB	CONFIGURATION MANAGEMENT
SQL4-00-015100 - SQL Server must be monitored to discover unauthorized changes to triggers.	DISA STIG SQL Server 2014 Database Audit v1r7	MS_SQLDB	CONFIGURATION MANAGEMENT
SQL4-00-015600 - Database objects (including but not limited to tables, indexes, storage, stored procedures, functions, triggers, links to software external to SQL Server, etc.) must be owned by database/DBMS principals authorized for ownership.	DISA STIG SQL Server 2014 Database Audit v1r7	MS_SQLDB	CONFIGURATION MANAGEMENT
SQL4-00-024300 - Symmetric keys (other than the database master key) must use a DoD certificate to encrypt the key.	DISA STIG SQL Server 2014 Database Audit v1r7	MS_SQLDB	SYSTEM AND COMMUNICATIONS PROTECTION
SQL4-00-032000 - When supporting applications that require security labeling of data, SQL Server must associate organization-defined types of security labels having organization-defined security label values with information in process.	DISA STIG SQL Server 2014 Database Audit v1r7	MS_SQLDB	ACCESS CONTROL
SQL4-00-033700 - Time stamps in database tables, intended for auditing or activity-tracking purposes, must include both date and time of day, with a minimum granularity of one second.	DISA STIG SQL Server 2014 Database Audit v1r7	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-036200 - SQL Server must generate Trace or Audit records when privileges/permissions are modified via locally-defined security objects - Event ID 43	DISA STIG SQL Server 2014 Database Audit v1r7	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-036200 - SQL Server must generate Trace or Audit records when privileges/permissions are modified via locally-defined security objects - Event ID 88	DISA STIG SQL Server 2014 Database Audit v1r7	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-036200 - SQL Server must generate Trace or Audit records when privileges/permissions are modified via locally-defined security objects - Event ID 89	DISA STIG SQL Server 2014 Database Audit v1r7	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-036300 - SQL Server must generate Trace or Audit records when unsuccessful attempts to modify privileges/permissions via locally-defined security objects occur - Event ID 42	DISA STIG SQL Server 2014 Database Audit v1r7	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-036300 - SQL Server must generate Trace or Audit records when unsuccessful attempts to modify privileges/permissions via locally-defined security objects occur - Event ID 82	DISA STIG SQL Server 2014 Database Audit v1r7	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-036300 - SQL Server must generate Trace or Audit records when unsuccessful attempts to modify privileges/permissions via locally-defined security objects occur - Event ID 83	DISA STIG SQL Server 2014 Database Audit v1r7	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-036400 - SQL Server must generate Trace or Audit records when locally-defined security objects are modified - Event ID 47	DISA STIG SQL Server 2014 Database Audit v1r7	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-036400 - SQL Server must generate Trace or Audit records when locally-defined security objects are modified - Event ID 164	DISA STIG SQL Server 2014 Database Audit v1r7	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-036400 - SQL Server must generate Trace or Audit records when locally-defined security objects are modified - SCHEMA_OBJECT_CHANGE_GROUP	DISA STIG SQL Server 2014 Database Audit v1r7	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-036500 - SQL Server must generate Trace or Audit records when unsuccessful attempts to modify locally-defined security objects occur - Event ID 47	DISA STIG SQL Server 2014 Database Audit v1r7	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-036500 - SQL Server must generate Trace or Audit records when unsuccessful attempts to modify locally-defined security objects occur - Event ID 162	DISA STIG SQL Server 2014 Database Audit v1r7	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-036500 - SQL Server must generate Trace or Audit records when unsuccessful attempts to modify locally-defined security objects occur.	DISA STIG SQL Server 2014 Database Audit v1r7	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-036600 - Trace or Audit records must be generated when categorized information (e.g., classification levels/security levels) is created - Event ID 82	DISA STIG SQL Server 2014 Database Audit v1r7	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-036600 - Trace or Audit records must be generated when categorized information (e.g., classification levels/security levels) is created - Event ID 84	DISA STIG SQL Server 2014 Database Audit v1r7	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-036600 - Trace or Audit records must be generated when categorized information (e.g., classification levels/security levels) is created - Event ID 89	DISA STIG SQL Server 2014 Database Audit v1r7	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-036600 - Trace or Audit records must be generated when categorized information (e.g., classification levels/security levels) is created - Event ID 162	DISA STIG SQL Server 2014 Database Audit v1r7	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-036800 - Trace or Audit records must be generated when unsuccessful attempts to create categorized information (e.g., classification levels/security levels) occur - Event ID 88	DISA STIG SQL Server 2014 Database Audit v1r7	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-036800 - Trace or Audit records must be generated when unsuccessful attempts to create categorized information (e.g., classification levels/security levels) occur - Event ID 91	DISA STIG SQL Server 2014 Database Audit v1r7	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-036850 - Trace or Audit records must be generated when unsuccessful attempts to modify categorized information (e.g., classification levels/security levels) occur - Event ID 82	DISA STIG SQL Server 2014 Database Audit v1r7	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-036850 - Trace or Audit records must be generated when unsuccessful attempts to modify categorized information (e.g., classification levels/security levels) occur.	DISA STIG SQL Server 2014 Database Audit v1r7	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-037100 - SQL Server must generate Trace or Audit records when locally-defined security objects are dropped - Event ID 46	DISA STIG SQL Server 2014 Database Audit v1r7	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-037300 - Trace or Audit records must be generated when categorized information (e.g., classification levels/security levels) is deleted - Event ID 82	DISA STIG SQL Server 2014 Database Audit v1r7	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-037300 - Trace or Audit records must be generated when categorized information (e.g., classification levels/security levels) is deleted - Event ID 84	DISA STIG SQL Server 2014 Database Audit v1r7	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-037300 - Trace or Audit records must be generated when categorized information (e.g., classification levels/security levels) is deleted - Event ID 86	DISA STIG SQL Server 2014 Database Audit v1r7	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-037300 - Trace or Audit records must be generated when categorized information (e.g., classification levels/security levels) is deleted - Event ID 87	DISA STIG SQL Server 2014 Database Audit v1r7	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-037300 - Trace or Audit records must be generated when categorized information (e.g., classification levels/security levels) is deleted - Event ID 89	DISA STIG SQL Server 2014 Database Audit v1r7	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-037400 - Trace or Audit records must be generated when unsuccessful attempts to delete categorized information (e.g., classification levels/security levels) occur - Event ID 82	DISA STIG SQL Server 2014 Database Audit v1r7	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-037400 - Trace or Audit records must be generated when unsuccessful attempts to delete categorized information (e.g., classification levels/security levels) occur - Event ID 85	DISA STIG SQL Server 2014 Database Audit v1r7	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-037400 - Trace or Audit records must be generated when unsuccessful attempts to delete categorized information (e.g., classification levels/security levels) occur.	DISA STIG SQL Server 2014 Database Audit v1r7	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-038100 - SQL Server must generate Trace or Audit records when successful accesses to designated objects occur - Event ID 84	DISA STIG SQL Server 2014 Database Audit v1r7	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-038100 - SQL Server must generate Trace or Audit records when successful accesses to designated objects occur - Event ID 85	DISA STIG SQL Server 2014 Database Audit v1r7	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-038100 - SQL Server must generate Trace or Audit records when successful accesses to designated objects occur - Event ID 162	DISA STIG SQL Server 2014 Database Audit v1r7	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-038200 - SQL Server must generate Trace or Audit records when unsuccessful accesses to designated objects occur - SUCCESSFUL_LOGIN_GROUP	DISA STIG SQL Server 2014 Database Audit v1r7	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL6-D0-002000 - Database contents must be protected from unauthorized and unintended information transfer by enforcement of a data-transfer policy.	DISA STIG SQL Server 2016 Database Audit v3r2	MS_SQLDB	SYSTEM AND COMMUNICATIONS PROTECTION
SQL6-D0-002400 - SQL Server must provide non-privileged users with error messages that provide information necessary for corrective actions without revealing information that could be exploited by adversaries.	DISA STIG SQL Server 2016 Database Audit v3r2	MS_SQLDB	SYSTEM AND INFORMATION INTEGRITY
WN12-SO-000049 - The system must generate an audit event when the audit log reaches a percentage of full threshold.	DISA Windows Server 2012 and 2012 R2 MS STIG v3r7	Windows	AUDIT AND ACCOUNTABILITY

Detections

Analytics

Item Search