Detections
Analytics

CCI|CCI-000158

Title

Provide the capability to process, sort, and search audit records for events of interest based on organization-defined audit fields within audit records.

Reference Item Details

Category: 2024

Audit Items

View all Reference Audit Items

NamePluginAudit Name
1.13 UBTU-24-100400UnixCIS Ubuntu Linux 24.04 LTS STIG v1.0.0 CAT II
1.14 UBTU-24-100410UnixCIS Ubuntu Linux 24.04 LTS STIG v1.0.0 CAT II
1.119 UBTU-22-653010UnixCIS Ubuntu Linux 22.04 LTS STIG v1.0.0 CAT II
1.120 UBTU-22-653015UnixCIS Ubuntu Linux 22.04 LTS STIG v1.0.0 CAT II
1.229 OL08-00-030180UnixCIS Oracle Linux 8 STIG v1.0.0 CAT II
1.230 OL08-00-030181UnixCIS Oracle Linux 8 STIG v1.0.0 CAT II
1.367 RHEL-09-653010UnixCIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT II
1.368 RHEL-09-653015UnixCIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT II
ALMA-09-047100 - The audit package must be installed on AlmaLinux OS 9.UnixDISA CloudLinux AlmaLinux OS 9 STIG v1r2
ALMA-09-054910 - The auditd service must be enabled on AlmaLinux OS 9.UnixDISA CloudLinux AlmaLinux OS 9 STIG v1r2
AOSX-13-000240 - The macOS system must enable System Integrity Protection.UnixDISA STIG Apple Mac OSX 10.13 v2r5
AOSX-14-005001 - The macOS system must enable System Integrity Protection.UnixDISA STIG Apple Mac OSX 10.14 v2r6
AOSX-15-005001 - The macOS system must enable System Integrity Protection.UnixDISA STIG Apple Mac OSX 10.15 v1r10
APPL-11-005001 - The macOS system must enable System Integrity Protection.UnixDISA STIG Apple macOS 11 v1r8
APPL-11-005001 - The macOS system must enable System Integrity Protection.UnixDISA STIG Apple macOS 11 v1r5
APPL-12-005001 - The macOS system must enable System Integrity Protection.UnixDISA STIG Apple macOS 12 v1r9
APPL-13-005001 - The macOS system must enable System Integrity Protection.UnixDISA STIG Apple macOS 13 v1r5
APPL-14-005001 The macOS system must ensure System Integrity Protection is enabled.UnixDISA Apple macOS 14 (Sonoma) STIG v2r3
APPL-15-005001 - The macOS system must ensure System Integrity Protection is enabled.UnixDISA Apple macOS 15 (Sequoia) STIG v1r4
Big Sur - Ensure System Integrity Protection is EnabledUnixNIST macOS Big Sur v1.4.0 - 800-53r4 Low
Big Sur - Ensure System Integrity Protection is EnabledUnixNIST macOS Big Sur v1.4.0 - All Profiles
Big Sur - Ensure System Integrity Protection is EnabledUnixNIST macOS Big Sur v1.4.0 - 800-53r4 Moderate
Big Sur - Ensure System Integrity Protection is EnabledUnixNIST macOS Big Sur v1.4.0 - CNSSI 1253
Big Sur - Ensure System Integrity Protection is EnabledUnixNIST macOS Big Sur v1.4.0 - 800-171
Big Sur - Ensure System Integrity Protection is EnabledUnixNIST macOS Big Sur v1.4.0 - 800-53r4 High
Big Sur - Ensure System Integrity Protection is EnabledUnixNIST macOS Big Sur v1.4.0 - 800-53r5 Low
Big Sur - Ensure System Integrity Protection is EnabledUnixNIST macOS Big Sur v1.4.0 - 800-53r5 High
Big Sur - Ensure System Integrity Protection is EnabledUnixNIST macOS Big Sur v1.4.0 - 800-53r5 Moderate
Catalina - Ensure System Integrity Protection is EnabledUnixNIST macOS Catalina v1.5.0 - 800-171
Catalina - Ensure System Integrity Protection is EnabledUnixNIST macOS Catalina v1.5.0 - 800-53r5 Low
Catalina - Ensure System Integrity Protection is EnabledUnixNIST macOS Catalina v1.5.0 - CNSSI 1253
Catalina - Ensure System Integrity Protection is EnabledUnixNIST macOS Catalina v1.5.0 - 800-53r4 Moderate
Catalina - Ensure System Integrity Protection is EnabledUnixNIST macOS Catalina v1.5.0 - 800-53r4 High
Catalina - Ensure System Integrity Protection is EnabledUnixNIST macOS Catalina v1.5.0 - All Profiles
Catalina - Ensure System Integrity Protection is EnabledUnixNIST macOS Catalina v1.5.0 - 800-53r4 Low
Catalina - Ensure System Integrity Protection is EnabledUnixNIST macOS Catalina v1.5.0 - 800-53r5 High
Catalina - Ensure System Integrity Protection is EnabledUnixNIST macOS Catalina v1.5.0 - 800-53r5 Moderate
DKER-EE-001090 - The host operating systems auditing policies for the Docker Engine - Enterprise component of Docker Enterprise must be set - docker pathsUnixDISA STIG Docker Enterprise 2.x Linux/Unix v2r2
DKER-EE-001090 - The host operating systems auditing policies for the Docker Engine - Enterprise component of Docker Enterprise must be set - docker servicesUnixDISA STIG Docker Enterprise 2.x Linux/Unix v2r2
Monterey - Ensure System Integrity Protection is EnabledUnixNIST macOS Monterey v1.0.0 - 800-53r4 Moderate
Monterey - Ensure System Integrity Protection is EnabledUnixNIST macOS Monterey v1.0.0 - 800-53r5 High
Monterey - Ensure System Integrity Protection is EnabledUnixNIST macOS Monterey v1.0.0 - 800-53r5 Low
Monterey - Ensure System Integrity Protection is EnabledUnixNIST macOS Monterey v1.0.0 - All Profiles
Monterey - Ensure System Integrity Protection is EnabledUnixNIST macOS Monterey v1.0.0 - CNSSI 1253
Monterey - Ensure System Integrity Protection is EnabledUnixNIST macOS Monterey v1.0.0 - 800-53r4 Low
Monterey - Ensure System Integrity Protection is EnabledUnixNIST macOS Monterey v1.0.0 - 800-53r5 Moderate
Monterey - Ensure System Integrity Protection is EnabledUnixNIST macOS Monterey v1.0.0 - 800-53r4 High
Monterey - Ensure System Integrity Protection is EnabledUnixNIST macOS Monterey v1.0.0 - 800-171
OL08-00-030180 - The OL 8 audit package must be installed.UnixDISA Oracle Linux 8 STIG v2r5
OL08-00-030181 - OL 8 audit records must contain information to establish what type of events occurred, the source of events, where events occurred, and the outcome of events.UnixDISA Oracle Linux 8 STIG v2r5