2.1.1 - Configuring syslog - local logging - '*.info;auth.none entry exists in /etc/syslog.conf' | CIS AIX 5.3/6.1 L2 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
4 - Send logs to a remote server | TNS Best Practice JBoss 7 Linux | Unix | AUDIT AND ACCOUNTABILITY |
4.1.1.4 Ensure audit logs are stored on a different system. | CIS Amazon Linux 2 STIG v1.0.0 L3 | Unix | AUDIT AND ACCOUNTABILITY |
4.2.2.1 Ensure journald is configured to send logs to rsyslog | CIS Ubuntu Linux 18.04 LTS Server L1 v2.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
5.1 - Storage Administrative System Auditing - Log Forwarding enabled | NetApp Security Hardening Guide for ONTAP 9 v1.7.0 | Netapp_API | AUDIT AND ACCOUNTABILITY |
5.1 Ensure Default IIS web log location is moved | CIS IIS 8.0 v1.5.1 Level 1 | Windows | AUDIT AND ACCOUNTABILITY |
5.5 Configure newsyslog for secure file permissions (/var/log/slip.log) | CIS FreeBSD v1.0.5 | Unix | AUDIT AND ACCOUNTABILITY |
5.6 Ensure Cloudwatch Log Group for Web Tier has a retention period | CIS Amazon Web Services Three-tier Web Architecture L1 1.0.0 | amazon_aws | AUDIT AND ACCOUNTABILITY |
7.5 Prevent Syslog from accepting messages from network. Check if 'LOG_FROM_REMOTE' is set to NO in file /etc/default/syslogd | CIS Solaris 9 v1.3 | Unix | AUDIT AND ACCOUNTABILITY |
8.1.1 Configuring syslog - local logging | CIS IBM AIX 7.2 L1 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
8.1.3 Configuring syslog - remote messages | CIS IBM AIX 7.2 L2 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
8.2.3 Configure /etc/rsyslog.conf - '*.*;mail.none;news.none -/var/log/messages' | CIS Debian Linux 7 L1 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
8.2.3 Configure /etc/rsyslog.conf - '*.=warning;*.=err -/var/log/warn' | CIS Debian Linux 7 L1 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
8.2.3 Configure /etc/rsyslog.conf - '*.crit /var/log/warn' | CIS Debian Linux 7 L1 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
8.2.3 Configure /etc/rsyslog.conf - 'local0,local1.* -/var/log/localmessages' | CIS Debian Linux 7 L1 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
8.2.3 Configure /etc/rsyslog.conf - 'local4,local5.* -/var/log/localmessages' | CIS Debian Linux 7 L1 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
8.2.3 Configure /etc/rsyslog.conf - 'mail.* -/var/log/mail' | CIS Debian Linux 7 L1 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
8.2.3 Configure /etc/rsyslog.conf - 'mail.err /var/log/mail.err' | CIS Debian Linux 7 L1 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
8.2.3 Configure /etc/rsyslog.conf - 'news.err -/var/log/news/news.err' | CIS Debian Linux 7 L1 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
8.2.3 Configure /etc/rsyslog.conf - *.=warning;*.=err -/var/log/warn | CIS Ubuntu 12.04 LTS Benchmark L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
8.2.3 Configure /etc/rsyslog.conf - *.crit /var/log/warn | CIS Ubuntu 12.04 LTS Benchmark L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
8.2.3 Configure /etc/rsyslog.conf - *.emerg :omusrmsg:* | CIS Ubuntu 12.04 LTS Benchmark L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
8.2.3 Configure /etc/rsyslog.conf - local4,local5.* -/var/log/localmessages | CIS Ubuntu 12.04 LTS Benchmark L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
8.2.3 Configure /etc/rsyslog.conf - mail.warning -/var/log/mail.warn | CIS Ubuntu 12.04 LTS Benchmark L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
8.2.3 Configure /etc/rsyslog.conf - news.notice -/var/log/news/news.notice | CIS Ubuntu 12.04 LTS Benchmark L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
8.2.4 Create and Set Permissions on rsyslog Log Files - permissions | CIS Debian Linux 7 L1 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
8.2.5 Configure rsyslog to Send Logs to a Remote Log Host | CIS Ubuntu 12.04 LTS Benchmark L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
8.2.6 Accept Remote rsyslog Messages Only on Designated Log Hosts | CIS Debian Linux 7 L1 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
Adtran : Forward logs to syslog server | TNS Adtran AOS Best Practice Audit | Adtran | AUDIT AND ACCOUNTABILITY |
Brocade - Forward all error logs to syslog daemon | Tenable Best Practices Brocade FabricOS | Brocade | AUDIT AND ACCOUNTABILITY |
Citrix ADM - Syslog - Configure server | Tenable Best Practice Citrix ADM v1.0.0 | Citrix_Application_Delivery | AUDIT AND ACCOUNTABILITY |
Enable remote syslog | TNS Citrix Hypervisor | Unix | AUDIT AND ACCOUNTABILITY |
ESXi : config-persistent-logs | VMWare vSphere 6.5 Hardening Guide | VMware | AUDIT AND ACCOUNTABILITY |
Extreme : Configure Remote Syslog | TNS Extreme ExtremeXOS Best Practice Audit | Extreme_ExtremeXOS | AUDIT AND ACCOUNTABILITY |
FireEye - Remote syslog logging level includes all errors and warnings | TNS FireEye | FireEye | AUDIT AND ACCOUNTABILITY |
Fortigate - External Logging - 'fortianalyzer' | TNS Fortigate FortiOS Best Practices v2.0.0 | FortiGate | AUDIT AND ACCOUNTABILITY |
Fortigate - External Logging - 'fortianalyzer2' | TNS Fortigate FortiOS Best Practices v2.0.0 | FortiGate | AUDIT AND ACCOUNTABILITY |
Fortigate - External Logging - 'fortianalyzer3' | TNS Fortigate FortiOS Best Practices v2.0.0 | FortiGate | AUDIT AND ACCOUNTABILITY |
Fortigate - Syslog3 Logging - severity 'information' | TNS Fortigate FortiOS Best Practices v2.0.0 | FortiGate | AUDIT AND ACCOUNTABILITY |
Huawei: External Syslog server is configured | TNS Huawei VRP Best Practice Audit | Huawei | AUDIT AND ACCOUNTABILITY |
Huawei: SNMP is Configured | TNS Huawei VRP Best Practice Audit | Huawei | AUDIT AND ACCOUNTABILITY |
Logging Directives should be restricted to authorized users. - 'ErrorLog logs/error_log' | TNS IBM HTTP Server Best Practice | Windows | AUDIT AND ACCOUNTABILITY |
Logging Directives should be restricted to authorized users. - 'ErrorLog logs/error_log' | TNS IBM HTTP Server Best Practice | Unix | AUDIT AND ACCOUNTABILITY |
Logging Directives should be restricted to authorized users. - 'LogLevel notice' | TNS IBM HTTP Server Best Practice | Windows | AUDIT AND ACCOUNTABILITY |
Management Services Security - Allow SNMP queries and/or send traps to more than one trusted server | Juniper Hardening JunOS 12 Devices Checklist | Juniper | AUDIT AND ACCOUNTABILITY |
Management Services Security - Allow SNMP queries and/or send traps to more than one trusted server - community trap | Juniper Hardening JunOS 12 Devices Checklist | Juniper | AUDIT AND ACCOUNTABILITY |
Management Services Security - Allow SNMP queries and/or send traps to more than one trusted server - usm traps | Juniper Hardening JunOS 12 Devices Checklist | Juniper | AUDIT AND ACCOUNTABILITY |
Management Services Security - Send Syslog messages to more than one trusted server with enhanced timestamps | Juniper Hardening JunOS 12 Devices Checklist | Juniper | AUDIT AND ACCOUNTABILITY |
WatchGuard : Logging - Remote Logging Enabled | TNS Best Practice WatchGuard Audit 1.0.0 | WatchGuard | AUDIT AND ACCOUNTABILITY |
WatchGuard : Logging - Review Remote Logging Server Address | TNS Best Practice WatchGuard Audit 1.0.0 | WatchGuard | AUDIT AND ACCOUNTABILITY |