Item Search

NameAudit NamePluginCategory
1.1.12 Ensure auditing is configured for Docker files and directories - /etc/containerd/config.tomlCIS Docker v1.3.1 L1 Linux Host OSUnix

AUDIT AND ACCOUNTABILITY

1.1.16 Ensure auditing is configured for Docker files and directories - /usr/bin/containerd-shim-runc-v1CIS Docker v1.3.1 L1 Linux Host OSUnix

AUDIT AND ACCOUNTABILITY

4.1.3 Ensure events that modify date and time information are collected - auditctl b32 /etc/localtimeCIS SUSE Linux Enterprise 15 Workstation L2 v1.1.1Unix

AUDIT AND ACCOUNTABILITY

4.1.3 Ensure events that modify date and time information are collected - auditctl b32 /etc/localtimeCIS SUSE Linux Enterprise 15 Server L2 v1.1.1Unix

AUDIT AND ACCOUNTABILITY

4.1.3 Ensure events that modify date and time information are collected - auditctl b32 adjtimexCIS SUSE Linux Enterprise 15 Workstation L2 v1.1.1Unix

AUDIT AND ACCOUNTABILITY

4.1.3 Ensure events that modify date and time information are collected - auditctl b64 clock_settimeCIS SUSE Linux Enterprise 15 Server L2 v1.1.1Unix

AUDIT AND ACCOUNTABILITY

4.1.3 Ensure events that modify date and time information are collected - b32 /etc/localtimeCIS SUSE Linux Enterprise 15 Server L2 v1.1.1Unix

AUDIT AND ACCOUNTABILITY

4.1.3 Ensure events that modify date and time information are collected - b32 clock_settimeCIS SUSE Linux Enterprise 15 Workstation L2 v1.1.1Unix

AUDIT AND ACCOUNTABILITY

4.1.3 Ensure events that modify date and time information are collected - b32 clock_settimeCIS SUSE Linux Enterprise 15 Server L2 v1.1.1Unix

AUDIT AND ACCOUNTABILITY

4.1.3 Ensure events that modify date and time information are collected - b64 adjtimexCIS SUSE Linux Enterprise 15 Workstation L2 v1.1.1Unix

AUDIT AND ACCOUNTABILITY

4.1.3 Ensure events that modify date and time information are collected - b64 clock_settimeCIS SUSE Linux Enterprise 15 Server L2 v1.1.1Unix

AUDIT AND ACCOUNTABILITY

4.1.3.21 Ensure the running and on disk configuration is the sameCIS Red Hat EL8 Workstation L2 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.3.21 Ensure the running and on disk configuration is the sameCIS CentOS Linux 8 Server L2 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.3.21 Ensure the running and on disk configuration is the sameCIS CentOS Linux 8 Workstation L2 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.3.21 Ensure the running and on disk configuration is the sameCIS Red Hat EL8 Server L2 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.4 Ensure events that modify user/group information are collected - /etc/groupCIS SUSE Linux Enterprise 15 Workstation L2 v1.1.1Unix

AUDIT AND ACCOUNTABILITY

4.1.4 Ensure events that modify user/group information are collected - /etc/passwdCIS SUSE Linux Enterprise 15 Workstation L2 v1.1.1Unix

AUDIT AND ACCOUNTABILITY

4.1.4 Ensure events that modify user/group information are collected - auditctl /etc/passwdCIS SUSE Linux Enterprise 15 Workstation L2 v1.1.1Unix

AUDIT AND ACCOUNTABILITY

4.1.4 Ensure events that modify user/group information are collected - auditctl /etc/security/opasswdCIS SUSE Linux Enterprise 15 Workstation L2 v1.1.1Unix

AUDIT AND ACCOUNTABILITY

4.1.6 Ensure events that modify the system's Mandatory Access Controls are collected - auditctl /etc/selinuxCIS SUSE Linux Enterprise 15 Workstation L2 v1.1.1Unix

AUDIT AND ACCOUNTABILITY

4.1.9 Ensure discretionary access control permission modification events are collected - auditctl b32 chownCIS SUSE Linux Enterprise 15 Workstation L2 v1.1.1Unix

AUDIT AND ACCOUNTABILITY

4.1.9 Ensure discretionary access control permission modification events are collected - auditctl b32 xattrCIS SUSE Linux Enterprise 15 Workstation L2 v1.1.1Unix

AUDIT AND ACCOUNTABILITY

4.1.9 Ensure discretionary access control permission modification events are collected - auditctl b64 chmodCIS SUSE Linux Enterprise 15 Workstation L2 v1.1.1Unix

AUDIT AND ACCOUNTABILITY

4.1.9 Ensure discretionary access control permission modification events are collected - b32 chmodCIS SUSE Linux Enterprise 15 Workstation L2 v1.1.1Unix

AUDIT AND ACCOUNTABILITY

4.1.9 Ensure discretionary access control permission modification events are collected - b32 chownCIS SUSE Linux Enterprise 15 Workstation L2 v1.1.1Unix

AUDIT AND ACCOUNTABILITY

4.1.9 Ensure discretionary access control permission modification events are collected - b64 chownCIS SUSE Linux Enterprise 15 Workstation L2 v1.1.1Unix

AUDIT AND ACCOUNTABILITY

4.1.10 Ensure unsuccessful unauthorized file access attempts are collected - auditctl b32 EACCESCIS SUSE Linux Enterprise 15 Workstation L2 v1.1.1Unix

AUDIT AND ACCOUNTABILITY

4.1.10 Ensure unsuccessful unauthorized file access attempts are collected - auditctl b32 EPERMCIS SUSE Linux Enterprise 15 Workstation L2 v1.1.1Unix

AUDIT AND ACCOUNTABILITY

4.1.10 Ensure unsuccessful unauthorized file access attempts are collected - auditctl b64 EPERMCIS SUSE Linux Enterprise 15 Workstation L2 v1.1.1Unix

AUDIT AND ACCOUNTABILITY

4.1.10 Ensure unsuccessful unauthorized file access attempts are collected - b32 EACCESCIS SUSE Linux Enterprise 15 Workstation L2 v1.1.1Unix

AUDIT AND ACCOUNTABILITY

4.1.10 Ensure unsuccessful unauthorized file access attempts are collected - b32 EPERMCIS SUSE Linux Enterprise 15 Workstation L2 v1.1.1Unix

AUDIT AND ACCOUNTABILITY

4.1.10 Ensure unsuccessful unauthorized file access attempts are collected - b64 EPERMCIS SUSE Linux Enterprise 15 Workstation L2 v1.1.1Unix

AUDIT AND ACCOUNTABILITY

4.1.11 Ensure use of privileged commands is collected - auditctlCIS SUSE Linux Enterprise 15 Workstation L2 v1.1.1Unix

AUDIT AND ACCOUNTABILITY

4.1.11 Ensure use of privileged commands is collected - rules filesCIS SUSE Linux Enterprise 15 Workstation L2 v1.1.1Unix

AUDIT AND ACCOUNTABILITY

4.1.12 Ensure successful file system mounts are collected - auditctl 32b mountCIS SUSE Linux Enterprise 15 Workstation L2 v1.1.1Unix

AUDIT AND ACCOUNTABILITY

4.1.12 Ensure successful file system mounts are collected - auditctl b64 mountCIS SUSE Linux Enterprise 15 Workstation L2 v1.1.1Unix

AUDIT AND ACCOUNTABILITY

4.1.14 Ensure changes to system administration scope (sudoers) is collected - auditctl sudoersCIS SUSE Linux Enterprise 15 Workstation L2 v1.1.1Unix

AUDIT AND ACCOUNTABILITY

4.1.14 Ensure changes to system administration scope (sudoers) is collected - auditctl sudoers.dCIS SUSE Linux Enterprise 15 Workstation L2 v1.1.1Unix

AUDIT AND ACCOUNTABILITY

4.1.14 Ensure changes to system administration scope (sudoers) is collected - sudoersCIS SUSE Linux Enterprise 15 Workstation L2 v1.1.1Unix

AUDIT AND ACCOUNTABILITY

4.1.14 Ensure changes to system administration scope (sudoers) is collected - sudoers.dCIS SUSE Linux Enterprise 15 Workstation L2 v1.1.1Unix

AUDIT AND ACCOUNTABILITY

4.1.15 Ensure system administrator actions (sudolog) are collected - auditctl sudo logCIS SUSE Linux Enterprise 15 Workstation L2 v1.1.1Unix

AUDIT AND ACCOUNTABILITY

4.1.16 Ensure kernel module loading and unloading is collected - auditctl init_module, delete_moduleCIS SUSE Linux Enterprise 15 Workstation L2 v1.1.1Unix

AUDIT AND ACCOUNTABILITY

4.1.16 Ensure kernel module loading and unloading is collected - auditctl modprobeCIS SUSE Linux Enterprise 15 Workstation L2 v1.1.1Unix

AUDIT AND ACCOUNTABILITY

4.1.16 Ensure kernel module loading and unloading is collected - auditctl rmmodCIS SUSE Linux Enterprise 15 Workstation L2 v1.1.1Unix

AUDIT AND ACCOUNTABILITY

4.1.16 Ensure kernel module loading and unloading is collected - modprobeCIS SUSE Linux Enterprise 15 Workstation L2 v1.1.1Unix

AUDIT AND ACCOUNTABILITY

4.1.16 Ensure kernel module loading and unloading is collected - rmmodCIS SUSE Linux Enterprise 15 Workstation L2 v1.1.1Unix

AUDIT AND ACCOUNTABILITY

17.1.3 Ensure 'Audit Kerberos Service Ticket Operations' is set to 'Success and Failure' (DC Only)CIS Windows Server 2012 R2 DC L1 v2.5.0Windows

AUDIT AND ACCOUNTABILITY

17.3.1 Ensure 'Audit Process Creation' is set to include 'Success'CIS Windows Server 2012 R2 DC L1 v2.5.0Windows

AUDIT AND ACCOUNTABILITY

17.7.4 Ensure 'Audit MPSSVC Rule-Level Policy Change' is set to 'Success and Failure'CIS Windows Server 2012 R2 MS L1 v2.5.0Windows

AUDIT AND ACCOUNTABILITY

17.7.5 Ensure 'Audit Other Policy Change Events' is set to include 'Failure'CIS Windows Server 2012 R2 DC L1 v2.5.0Windows

AUDIT AND ACCOUNTABILITY