Detections
Analytics

Item Search

NameAudit NamePluginCategory
4.1.2.3 Ensure audit system is set to single when the disk is full.CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

AUDIT AND ACCOUNTABILITY

4.1.2.6 Ensure audit system action is defined for sending errorsCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

AUDIT AND ACCOUNTABILITY

4.1.2.8 Ensure audit logs are stored on a different system.CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

AUDIT AND ACCOUNTABILITY

4.1.2.9 Ensure audit logs on separate system are encrypted.CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

AUDIT AND ACCOUNTABILITY

4.1.2.11 Ensure off-load of audit logs - directionCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

AUDIT AND ACCOUNTABILITY

4.1.2.11 Ensure off-load of audit logs - pathCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

AUDIT AND ACCOUNTABILITY

4.1.2.11 Ensure off-load of audit logs - typeCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

AUDIT AND ACCOUNTABILITY

4.1.2.12 Ensure action is taken when audisp-remote buffer is fullCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

AUDIT AND ACCOUNTABILITY

4.1.2.13 Ensure off-loaded audit logs are labeled.CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

AUDIT AND ACCOUNTABILITY

4.7 Enable use of the au-remote pluginCIS Amazon Linux 2 STIG v1.0.0 L3Unix

AUDIT AND ACCOUNTABILITY

4.8 Ensure off-load of audit logs - directionCIS Amazon Linux 2 STIG v1.0.0 L3Unix

AUDIT AND ACCOUNTABILITY

4.8 Enure off-load of audit logs - pathCIS Amazon Linux 2 STIG v1.0.0 L3Unix

AUDIT AND ACCOUNTABILITY

4.8 Enure off-load of audit logs - typeCIS Amazon Linux 2 STIG v1.0.0 L3Unix

AUDIT AND ACCOUNTABILITY

4.10 Ensure off-loaded audit logs are labeled.CIS Amazon Linux 2 STIG v1.0.0 L3Unix

AUDIT AND ACCOUNTABILITY

4.10 init.ora - 'Establish redundant physically separate locations for redo log files.'CIS v1.1.0 Oracle 11g OS L1Unix

AUDIT AND ACCOUNTABILITY

4.10 init.ora - 'Establish redundant physically separate locations for redo log files.'CIS v1.1.0 Oracle 11g OS Windows Level 1Windows

AUDIT AND ACCOUNTABILITY

4.11 init.ora - 'Specify redo logging must be successful.'CIS v1.1.0 Oracle 11g OS Windows Level 1Windows

AUDIT AND ACCOUNTABILITY

Auditing and logging - serverArubaOS Switch 16.x Hardening Guide v1.0.0ArubaOS

AUDIT AND ACCOUNTABILITY

Big Sur - Off-Load Audit RecordsNIST macOS Big Sur v1.4.0 - All ProfilesUnix

AUDIT AND ACCOUNTABILITY

CASA-ND-001260 - The Cisco ASA must be configured to offload audit records onto a different system or media than the system being audited - logging trapDISA STIG Cisco ASA NDM v1r6Cisco

AUDIT AND ACCOUNTABILITY

Catalina - Off-Load Audit RecordsNIST macOS Catalina v1.5.0 - All ProfilesUnix

AUDIT AND ACCOUNTABILITY

DO0238-ORACLE11 - The directories assigned to the LOG_ARCHIVE_DEST* parameters should be protected from unauthorized access - 'log_archive_duplex_dest parameter is not configured'DISA STIG Oracle 11 Instance v9r1 DatabaseOracleDB

AUDIT AND ACCOUNTABILITY

Ensure 'syslog hosts' is configured correctlyTenable Cisco Firepower Threat Defense Best Practices AuditCisco_Firepower

AUDIT AND ACCOUNTABILITY

FGFW-ND-000110 - The FortiGate device must off-load audit records on to a different system or media than the system being audited.DISA Fortigate Firewall NDM STIG v1r4FortiGate

AUDIT AND ACCOUNTABILITY

IBM i : Auditing Force Level (QAUDFRCLVL) - '*SYS'IBM System i Security Reference for V7R1 and V6R1AS/400

AUDIT AND ACCOUNTABILITY

IBM i : Auditing Force Level (QAUDFRCLVL) - '*SYS'IBM iSeries Security Reference v5r4AS/400

AUDIT AND ACCOUNTABILITY

IBM i : Auditing Force Level (QAUDFRCLVL) - '*SYS'IBM System i Security Reference for V7R2AS/400

AUDIT AND ACCOUNTABILITY

Logging: capture level is set to at least infoTNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice AuditAlcatel

AUDIT AND ACCOUNTABILITY

Logging: Use an external syslog hostTNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice AuditAlcatel

AUDIT AND ACCOUNTABILITY

MADB-10-012400 - MariaDB must off-load audit data to a separate log management facility; this must be continuous and in near real time for systems with a network connection to the storage facility and weekly or more often for stand-alone systems.DISA MariaDB Enterprise 10.x v1r3 DBMySQLDB

AUDIT AND ACCOUNTABILITY

Monterey - Off-Load Audit RecordsNIST macOS Monterey v1.0.0 - All ProfilesUnix

AUDIT AND ACCOUNTABILITY

MYS8-00-009700 - The MySQL Database Server 8.0 must off-load audit data to a separate log management facility; this must be continuous and in near real time for systems with a network connection to the storage facility and weekly or more often for stand-alone systems.DISA Oracle MySQL 8.0 v1r5 DBMySQLDB

AUDIT AND ACCOUNTABILITY

OL08-00-030062 - OL 8 must label all offloaded audit logs before sending them to the central log server.DISA Oracle Linux 8 STIG v1r9Unix

AUDIT AND ACCOUNTABILITY

OL08-00-030690 - The OL 8 audit records must be offloaded onto a different system or storage media from the system being audited.DISA Oracle Linux 8 STIG v1r9Unix

AUDIT AND ACCOUNTABILITY

OL08-00-030720 - OL 8 must authenticate the remote logging server for offloading audit logs.DISA Oracle Linux 8 STIG v1r9Unix

AUDIT AND ACCOUNTABILITY

RHEL-09-652035 - RHEL 9 must be configured to offload audit records onto a different system from the system being audited via syslog.DISA Red Hat Enterprise Linux 9 STIG v1r3Unix

AUDIT AND ACCOUNTABILITY

RHEL-09-652045 - RHEL 9 must encrypt the transfer of audit records offloaded onto a different system or media from the system being audited via rsyslog.DISA Red Hat Enterprise Linux 9 STIG v1r3Unix

AUDIT AND ACCOUNTABILITY

RHEL-09-652050 - RHEL 9 must encrypt via the gtls driver the transfer of audit records offloaded onto a different system or media from the system being audited via rsyslog.DISA Red Hat Enterprise Linux 9 STIG v1r3Unix

AUDIT AND ACCOUNTABILITY

RHEL-09-653065 - RHEL 9 must take appropriate action when the internal event queue is full.DISA Red Hat Enterprise Linux 9 STIG v1r3Unix

AUDIT AND ACCOUNTABILITY

SLES-15-010580 - The SUSE operating system must off-load rsyslog messages for networked systems in real time and off-load standalone systems at least weekly.DISA SLES 15 STIG v1r12Unix

AUDIT AND ACCOUNTABILITY

SLES-15-030690 - Audispd must off-load audit records onto a different system or media from the SUSE operating system being audited.DISA SLES 15 STIG v1r12Unix

AUDIT AND ACCOUNTABILITY

SLES-15-030790 - The SUSE operating system must off-load audit records onto a different system or media from the system being audited.DISA SLES 15 STIG v1r12Unix

AUDIT AND ACCOUNTABILITY

SYMP-AG-000210 - Symantec ProxySG must use a centralized log server.DISA Symantec ProxySG Benchmark ALG v1r3BlueCoat

AUDIT AND ACCOUNTABILITY

SYMP-AG-000220 - Symantec ProxySG must be configured to send the access logs to the centralized log server continuously.DISA Symantec ProxySG Benchmark ALG v1r3BlueCoat

AUDIT AND ACCOUNTABILITY

SYMP-NM-000080 - Symantec ProxySG must be configured to support centralized management and configuration of the audit log - enableDISA Symantec ProxySG Benchmark NDM v1r2BlueCoat

AUDIT AND ACCOUNTABILITY

SYMP-NM-000080 - Symantec ProxySG must be configured to support centralized management and configuration of the audit log - Syslog IPDISA Symantec ProxySG Benchmark NDM v1r2BlueCoat

AUDIT AND ACCOUNTABILITY

Syslog Remote Destination - HostTenable Cisco ACICisco_ACI

AUDIT AND ACCOUNTABILITY

UBTU-20-010216 - The Ubuntu operating system audit event multiplexor must be configured to off-load audit logs onto a different system or storage media from the system being audited.DISA STIG Ubuntu 20.04 LTS v1r12Unix

AUDIT AND ACCOUNTABILITY

VCFL-67-000027 - Rsyslog must be configured to monitor and ship vSphere Client log files - accessDISA STIG VMware vSphere 6.7 Virgo Client v1r2Unix

AUDIT AND ACCOUNTABILITY

WN22-AU-000010 - Windows Server 2022 audit records must be backed up to a different system or media than the system being audited.DISA Windows Server 2022 STIG v1r4Windows

AUDIT AND ACCOUNTABILITY