Detections
Analytics

Item Search

NameAudit NamePluginCategory
4.1.1.1 Ensure auditd is installedCIS Ubuntu Linux 18.04 LTS Server L2 v2.1.0Unix

AUDIT AND ACCOUNTABILITY

4.1.1.1 Ensure auditd is installedCIS Ubuntu Linux 18.04 LTS Workstation L2 v2.1.0Unix

AUDIT AND ACCOUNTABILITY

4.1.2.3 Ensure audit system is set to single when the disk is full.CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

AUDIT AND ACCOUNTABILITY

4.1.2.6 Ensure audit system action is defined for sending errorsCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

AUDIT AND ACCOUNTABILITY

4.1.2.8 Ensure audit logs are stored on a different system.CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

AUDIT AND ACCOUNTABILITY

4.1.2.9 Ensure audit logs on separate system are encrypted.CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

AUDIT AND ACCOUNTABILITY

4.1.2.11 Ensure off-load of audit logs - directionCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

AUDIT AND ACCOUNTABILITY

4.1.2.11 Ensure off-load of audit logs - pathCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

AUDIT AND ACCOUNTABILITY

4.1.2.11 Ensure off-load of audit logs - typeCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

AUDIT AND ACCOUNTABILITY

4.1.2.12 Ensure action is taken when audisp-remote buffer is fullCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

AUDIT AND ACCOUNTABILITY

4.1.2.13 Ensure off-loaded audit logs are labeled.CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

AUDIT AND ACCOUNTABILITY

4.7 Enable use of the au-remote pluginCIS Amazon Linux 2 STIG v1.0.0 L3Unix

AUDIT AND ACCOUNTABILITY

4.8 Ensure off-load of audit logs - directionCIS Amazon Linux 2 STIG v1.0.0 L3Unix

AUDIT AND ACCOUNTABILITY

4.8 Enure off-load of audit logs - pathCIS Amazon Linux 2 STIG v1.0.0 L3Unix

AUDIT AND ACCOUNTABILITY

4.8 Enure off-load of audit logs - typeCIS Amazon Linux 2 STIG v1.0.0 L3Unix

AUDIT AND ACCOUNTABILITY

4.10 Ensure off-loaded audit logs are labeled.CIS Amazon Linux 2 STIG v1.0.0 L3Unix

AUDIT AND ACCOUNTABILITY

4.10 init.ora - 'Establish redundant physically separate locations for redo log files.'CIS v1.1.0 Oracle 11g OS L1Unix

AUDIT AND ACCOUNTABILITY

4.10 init.ora - 'Establish redundant physically separate locations for redo log files.'CIS v1.1.0 Oracle 11g OS Windows Level 1Windows

AUDIT AND ACCOUNTABILITY

4.11 init.ora - 'Specify redo logging must be successful.'CIS v1.1.0 Oracle 11g OS Windows Level 1Windows

AUDIT AND ACCOUNTABILITY

Auditing and logging - serverArubaOS Switch 16.x Hardening Guide v1.0.0ArubaOS

AUDIT AND ACCOUNTABILITY

Big Sur - Off-Load Audit RecordsNIST macOS Big Sur v1.4.0 - All ProfilesUnix

AUDIT AND ACCOUNTABILITY

CASA-ND-001260 - The Cisco ASA must be configured to offload audit records onto a different system or media than the system being audited - logging trapDISA STIG Cisco ASA NDM v1r6Cisco

AUDIT AND ACCOUNTABILITY

Catalina - Off-Load Audit RecordsNIST macOS Catalina v1.5.0 - All ProfilesUnix

AUDIT AND ACCOUNTABILITY

DO0238-ORACLE11 - The directories assigned to the LOG_ARCHIVE_DEST* parameters should be protected from unauthorized access - 'log_archive_duplex_dest parameter is not configured'DISA STIG Oracle 11 Instance v9r1 DatabaseOracleDB

AUDIT AND ACCOUNTABILITY

Ensure 'syslog hosts' is configured correctlyTenable Cisco Firepower Threat Defense Best Practices AuditCisco_Firepower

AUDIT AND ACCOUNTABILITY

FGFW-ND-000110 - The FortiGate device must off-load audit records on to a different system or media than the system being audited.DISA Fortigate Firewall NDM STIG v1r4FortiGate

AUDIT AND ACCOUNTABILITY

IBM i : Auditing Force Level (QAUDFRCLVL) - '*SYS'IBM System i Security Reference for V7R1 and V6R1AS/400

AUDIT AND ACCOUNTABILITY

IBM i : Auditing Force Level (QAUDFRCLVL) - '*SYS'IBM iSeries Security Reference v5r4AS/400

AUDIT AND ACCOUNTABILITY

IBM i : Auditing Force Level (QAUDFRCLVL) - '*SYS'IBM System i Security Reference for V7R2AS/400

AUDIT AND ACCOUNTABILITY

Logging: capture level is set to at least infoTNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice AuditAlcatel

AUDIT AND ACCOUNTABILITY

Logging: Use an external syslog hostTNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice AuditAlcatel

AUDIT AND ACCOUNTABILITY

MADB-10-012400 - MariaDB must off-load audit data to a separate log management facility; this must be continuous and in near real time for systems with a network connection to the storage facility and weekly or more often for stand-alone systems.DISA MariaDB Enterprise 10.x v1r3 DBMySQLDB

AUDIT AND ACCOUNTABILITY

Monterey - Off-Load Audit RecordsNIST macOS Monterey v1.0.0 - All ProfilesUnix

AUDIT AND ACCOUNTABILITY

MYS8-00-009700 - The MySQL Database Server 8.0 must off-load audit data to a separate log management facility; this must be continuous and in near real time for systems with a network connection to the storage facility and weekly or more often for stand-alone systems.DISA Oracle MySQL 8.0 v1r5 DBMySQLDB

AUDIT AND ACCOUNTABILITY

OL08-00-030062 - OL 8 must label all offloaded audit logs before sending them to the central log server.DISA Oracle Linux 8 STIG v1r9Unix

AUDIT AND ACCOUNTABILITY

OL08-00-030690 - The OL 8 audit records must be offloaded onto a different system or storage media from the system being audited.DISA Oracle Linux 8 STIG v1r9Unix

AUDIT AND ACCOUNTABILITY

OL08-00-030720 - OL 8 must authenticate the remote logging server for offloading audit logs.DISA Oracle Linux 8 STIG v1r9Unix

AUDIT AND ACCOUNTABILITY

RHEL-09-652035 - RHEL 9 must be configured to offload audit records onto a different system from the system being audited via syslog.DISA Red Hat Enterprise Linux 9 STIG v1r3Unix

AUDIT AND ACCOUNTABILITY

RHEL-09-652045 - RHEL 9 must encrypt the transfer of audit records offloaded onto a different system or media from the system being audited via rsyslog.DISA Red Hat Enterprise Linux 9 STIG v1r3Unix

AUDIT AND ACCOUNTABILITY

RHEL-09-652050 - RHEL 9 must encrypt via the gtls driver the transfer of audit records offloaded onto a different system or media from the system being audited via rsyslog.DISA Red Hat Enterprise Linux 9 STIG v1r3Unix

AUDIT AND ACCOUNTABILITY

SLES-15-010580 - The SUSE operating system must off-load rsyslog messages for networked systems in real time and off-load standalone systems at least weekly.DISA SLES 15 STIG v1r12Unix

AUDIT AND ACCOUNTABILITY

SLES-15-030690 - Audispd must off-load audit records onto a different system or media from the SUSE operating system being audited.DISA SLES 15 STIG v1r12Unix

AUDIT AND ACCOUNTABILITY

SLES-15-030790 - The SUSE operating system must off-load audit records onto a different system or media from the system being audited.DISA SLES 15 STIG v1r12Unix

AUDIT AND ACCOUNTABILITY

SYMP-AG-000220 - Symantec ProxySG must be configured to send the access logs to the centralized log server continuously.DISA Symantec ProxySG Benchmark ALG v1r3BlueCoat

AUDIT AND ACCOUNTABILITY

SYMP-NM-000080 - Symantec ProxySG must be configured to support centralized management and configuration of the audit log - enableDISA Symantec ProxySG Benchmark NDM v1r2BlueCoat

AUDIT AND ACCOUNTABILITY

SYMP-NM-000080 - Symantec ProxySG must be configured to support centralized management and configuration of the audit log - Syslog IPDISA Symantec ProxySG Benchmark NDM v1r2BlueCoat

AUDIT AND ACCOUNTABILITY

Syslog Remote Destination - HostTenable Cisco ACICisco_ACI

AUDIT AND ACCOUNTABILITY

UBTU-20-010216 - The Ubuntu operating system audit event multiplexor must be configured to off-load audit logs onto a different system or storage media from the system being audited.DISA STIG Ubuntu 20.04 LTS v1r12Unix

AUDIT AND ACCOUNTABILITY

VCFL-67-000027 - Rsyslog must be configured to monitor and ship vSphere Client log files - accessDISA STIG VMware vSphere 6.7 Virgo Client v1r2Unix

AUDIT AND ACCOUNTABILITY

WN22-AU-000010 - Windows Server 2022 audit records must be backed up to a different system or media than the system being audited.DISA Windows Server 2022 STIG v1r4Windows

AUDIT AND ACCOUNTABILITY