| 1.1.7 Set 'aaa accounting' to log all privileged use commands using 'commands 15' | CIS Cisco IOS 12 L2 v4.0.0 | Cisco | AUDIT AND ACCOUNTABILITY |
| 1.1.8 Set 'aaa accounting connection' | CIS Cisco IOS 12 L2 v4.0.0 | Cisco | AUDIT AND ACCOUNTABILITY |
| 1.1.9 Set 'aaa accounting exec' | CIS Cisco IOS 12 L2 v4.0.0 | Cisco | AUDIT AND ACCOUNTABILITY |
| 1.1.10 Set 'aaa accounting network' | CIS Cisco IOS 12 L2 v4.0.0 | Cisco | AUDIT AND ACCOUNTABILITY |
| 1.1.11 Set 'aaa accounting system' | CIS Cisco IOS 12 L2 v4.0.0 | Cisco | AUDIT AND ACCOUNTABILITY |
| 1.3 Configure SSH - Check if MaxAuthTriesLog is set to 0 and not commented for server. | CIS Solaris 9 v1.3 | Unix | AUDIT AND ACCOUNTABILITY |
| 1.10 Set receive connector 'Configure Protocol logging' to 'Verbose' | CIS Microsoft Exchange Server 2016 Edge v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 1.10 Set receive connector 'Configure Protocol logging' to 'Verbose' | CIS Microsoft Exchange Server 2013 Edge v1.1.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 1.10.6 Ensure 'logging history severity level' is set to greater than or equal to '5' | CIS Cisco Firewall v8.x L1 v4.2.0 | Cisco | AUDIT AND ACCOUNTABILITY |
| 1.10.9 Ensure 'logging buffer size' is greater than or equal to '524288' bytes (512kb) | CIS Cisco Firewall v8.x L1 v4.2.0 | Cisco | AUDIT AND ACCOUNTABILITY |
| 1.10.10 Ensure 'logging buffered severity level' is greater than or equal to '3' | CIS Cisco Firewall v8.x L1 v4.2.0 | Cisco | AUDIT AND ACCOUNTABILITY |
| 1.11 Set send connector 'Configure Protocol logging' to 'Verbose' | CIS Microsoft Exchange Server 2016 Edge v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 1.11 Set send connector 'Configure Protocol logging' to 'Verbose' | CIS Microsoft Exchange Server 2013 Edge v1.1.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 1.13 Set 'Message tracking logging - Transport' to 'True' | CIS Microsoft Exchange Server 2013 Hub v1.1.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 1.13 Set 'Message tracking logging - Transport' to 'True' | CIS Microsoft Exchange Server 2016 Hub v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 1.14 Set 'Message tracking logging - Mailbox' to 'True' | CIS Microsoft Exchange Server 2016 Mailbox v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 1.14 Set 'Message tracking logging - Mailbox' to 'True' | CIS Microsoft Exchange Server 2013 Mailbox v1.1.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 1.16 Set 'Turn on Connectivity logging' to 'True' | CIS Microsoft Exchange Server 2016 Edge v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 1.16 Set 'Turn on Connectivity logging' to 'True' | CIS Microsoft Exchange Server 2013 Edge v1.1.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 2 - Specify file handler in jetty-logging.properties files - org.eclipse.jetty.LEVEL=INFO | TNS Best Practice Jetty 9 Linux | Unix | AUDIT AND ACCOUNTABILITY |
| 2 - Specify file handler in jetty-logging.properties files - org.eclipse.jetty.util.log.class=org.eclipse.jetty.util.log.StrErrLog | TNS Best Practice Jetty 9 Linux | Unix | AUDIT AND ACCOUNTABILITY |
| 2 - Specify file handler in jetty-logging.properties files - org.eclipse.jetty.websocket.LEVEL=DEBUG | TNS Best Practice Jetty 9 Linux | Unix | AUDIT AND ACCOUNTABILITY |
| 2.2.7 Set 'logging source interface' | CIS Cisco IOS 12 L1 v4.0.0 | Cisco | AUDIT AND ACCOUNTABILITY |
| 3.1 Set cmdlets 'Turn on Administrator Audit Logging' to 'True' | CIS Microsoft Exchange Server 2013 UM v1.1.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 3.1 Set cmdlets 'Turn on Administrator Audit Logging' to 'True' | CIS Microsoft Exchange Server 2016 UM v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 3.2 Configure persistent logging for all ESXi host | CIS VMware ESXi 5.5 v1.2.0 Level 1 | VMware | AUDIT AND ACCOUNTABILITY |
| 3.3 Configure persistent logging for all ESXi host | CIS VMware ESXi 5.1 v1.0.1 Level 1 | VMware | AUDIT AND ACCOUNTABILITY |
| 3.4 Set 'Turn on Administrator Audit Logging' to 'True' | CIS Microsoft Exchange Server 2016 CAS v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 3.4 Set 'Turn on Administrator Audit Logging' to 'True' | CIS Microsoft Exchange Server 2013 CAS v1.1.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 3.11 Set mailbox 'Turn on Administrator Audit Logging' to 'True' | CIS Microsoft Exchange Server 2016 UM v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 3.11 Set mailbox 'Turn on Administrator Audit Logging' to 'True' | CIS Microsoft Exchange Server 2013 UM v1.1.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 6.1.5 Set SSH MaxAuthTriesLog to 0 - Check if MaxAuthTriesLog is set to 0 and not commented for the server. | CIS Solaris 10 L1 v5.2 | Unix | AUDIT AND ACCOUNTABILITY |
| 7.1 Application specific logging | CIS Apache Tomcat 7 L2 v1.1.0 Middleware | Unix | AUDIT AND ACCOUNTABILITY |
| 7.3 Ensure className is set correctly in context.xml | CIS Apache Tomcat 7 L2 v1.1.0 Middleware | Unix | AUDIT AND ACCOUNTABILITY |
| Ensure 'logging buffer size' is greater than or equal to '524288' bytes (512kb) | Tenable Cisco Firepower Best Practices Audit | Cisco | AUDIT AND ACCOUNTABILITY |
| Ensure 'logging buffered severity ' is greater than or equal to '3' | Tenable Cisco Firepower Best Practices Audit | Cisco | AUDIT AND ACCOUNTABILITY |
| ESXi : config-persistent-logs | VMWare vSphere 5.X Hardening Guide | VMware | AUDIT AND ACCOUNTABILITY |
| Huawei: Information Center is not disabled. | TNS Huawei VRP Best Practice Audit | Huawei | AUDIT AND ACCOUNTABILITY |
| IBM i : Auditing Level (QAUDLVL) - '*SECURITY' | IBM System i Security Reference for V7R3 | AS/400 | AUDIT AND ACCOUNTABILITY |
| IBM i : Auditing Level (QAUDLVL2) - '*SECURITY' | IBM System i Security Reference for V7R3 | AS/400 | AUDIT AND ACCOUNTABILITY |
| Logging Directives should be restricted to authorized users. - 'LogLevel notice' | TNS IBM HTTP Server Best Practice Middleware | Unix | AUDIT AND ACCOUNTABILITY |
| Logging Directives should be restricted to authorized users. - 'LogLevel notice' | TNS IBM HTTP Server Best Practice | Unix | AUDIT AND ACCOUNTABILITY |
| PCI 2.2.4 Configure system security parameters to prevent misuse - Configure SSH (etc/ssh/sshd_config MaxAuthTriesLog) | PCI DSS 2.0/3.0 - Solaris 10 | Unix | AUDIT AND ACCOUNTABILITY |
| PCI 10.2.1 Monitor all individual accesses to cardholder data - check '/etc/syslog' is logging as much information as possible | PCI DSS 2.0/3.0 - Solaris 10 | Unix | AUDIT AND ACCOUNTABILITY |
| PCI 10.2.4 - Invalid logical access attempts - '*.info;auth.none entry exists in /etc/syslog.conf' | PCI DSS 2.0/3.0 - AIX | Unix | AUDIT AND ACCOUNTABILITY |
| PCI 10.2.4 - Invalid logical access attempts - 'auth.info entry exists in /etc/syslog.conf' | PCI DSS 2.0/3.0 - AIX | Unix | AUDIT AND ACCOUNTABILITY |
| PCI 10.2.4 Invalid logical access attempts - 'Check if auth.info is set to var/log/authlog' | PCI DSS 2.0/3.0 - Solaris 10 | Unix | AUDIT AND ACCOUNTABILITY |
| PCI 10.5.3 Promptly back up audit trail files to a centralized log server - configure remote logging. | PCI DSS 2.0/3.0 - Solaris 10 | Unix | AUDIT AND ACCOUNTABILITY |
| PCI 10.5.4 - Write logs for external-facing technologies onto a log server on the internal LAN - '*.info;auth.none remote entry exists' | PCI DSS 2.0/3.0 - AIX | Unix | AUDIT AND ACCOUNTABILITY |
| PCI 10.5.4 - Write logs for external-facing technologies onto a log server on the internal LAN - 'auth.info remote entry exists' | PCI DSS 2.0/3.0 - AIX | Unix | AUDIT AND ACCOUNTABILITY |
