CCI|CCI-001858

Title

Provide an alert in an organization-defined real-time-period to organization-defined personnel, roles, and/or locations when organization-defined audit failure events requiring real-time alerts occur.

Reference Item Details

Category: 2024

Audit Items

View all Reference Audit Items

NamePluginAudit Name
1.9 PHTN-40-000021UnixCIS VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v1.0.0 CAT II
1.13 CISC-ND-001000CiscoCIS Cisco IOS XR Router NDM STIG v1.0.0 CAT II
1.15 O19C-00-006000WindowsCIS Oracle Database 19c STIG v1.1.0 CAT II Windows
1.15 O19C-00-006000UnixCIS Oracle Database 19c STIG v1.1.0 CAT II Unix
1.23 CISC-ND-001000CiscoCIS Cisco NX OS Switch NDM STIG v1.1.0 CAT II
1.23 VCSA-80-000150VMwareCIS VMware vSphere 8.0 vCenter STIG v1.0.0 CAT II
1.27 SOL-11.1-010380UnixCIS Solaris 11 SPARC STIG v1.0.0 CAT I
1.27 SOL-11.1-010380UnixCIS Solaris 11 X86 STIG v1.0.0 CAT I
1.28 CISC-ND-001000CiscoCIS Cisco IOS Switch NDM STIG v1.1.0 CAT II
1.28 CISC-ND-001000CiscoCIS Cisco IOS XE Switch NDM STIG v1.1.0 CAT II
1.47 SQLI-22-011100MS_SQLDBCIS Microsoft SQL Server 2022 Instance STIG v1.0.0 CAT II MS_SQLDB
1.49 APPL-14-001031UnixCIS Apple macOS 14 Sonoma STIG v1.0.0 CAT II
1.49 APPL-26-001031UnixCIS Apple macOS 26 Tahoe STIG v1.0.0 CAT II
1.62 MADB-10-007500UnixCIS MariaDB Enterprise 10.x STIG v1.1.0 CAT II Unix
3.092 - The system must generate an audit event when the audit log reaches a percentage of full threshold.WindowsDISA Windows Vista STIG v6r41
AOSX-13-000310 - The macOS system must provide an immediate real-time alert to the System Administrator (SA) and Information System Security Officer (ISSO), at a minimum, of all audit failure events requiring real-time alerts.UnixDISA STIG Apple Mac OSX 10.13 v2r5
AOSX-14-001031 - The macOS system must provide an immediate real-time alert to the System Administrator (SA) and Information System Security Officer (ISSO), at a minimum, of all audit failure events requiring real-time alerts.UnixDISA STIG Apple Mac OSX 10.14 v2r6
AOSX-15-001031 - The macOS system must provide an immediate real-time alert to the System Administrator (SA) and Information System Security Officer (ISSO), at a minimum, of all audit failure events requiring real-time alerts.UnixDISA STIG Apple Mac OSX 10.15 v1r10
APPL-11-001031 - The macOS system must provide an immediate real-time alert to the System Administrator (SA) and Information System Security Officer (ISSO), at a minimum, of all audit failure events requiring real-time alerts.UnixDISA STIG Apple macOS 11 v1r5
APPL-11-001031 - The macOS system must provide an immediate real-time alert to the System Administrator (SA) and Information System Security Officer (ISSO), at a minimum, of all audit failure events requiring real-time alerts.UnixDISA STIG Apple macOS 11 v1r8
APPL-12-001031 - The macOS system must provide an immediate real-time alert to the System Administrator (SA) and Information System Security Officer (ISSO), at a minimum, of all audit failure events requiring real-time alerts.UnixDISA STIG Apple macOS 12 v1r9
APPL-13-001031 - The macOS system must provide an immediate real-time alert to the System Administrator (SA) and Information System Security Officer (ISSO), at a minimum, of all audit failure events requiring real-time alerts.UnixDISA STIG Apple macOS 13 v1r5
APPL-14-001031 - The macOS system must configure audit failure notification.UnixDISA Apple macOS 14 Sonoma STIG v2r4
APPL-15-001031 - The macOS system must configure audit failure notification.UnixDISA Apple macOS 15 Sequoia STIG v1r7
APPL-26-001031 - The macOS system must configure audit failure notification.UnixDISA Apple macOS 26 Tahoe STIG v1r2
ARBA-ND-000295 - AOS must generate an immediate real-time alert of all audit failure events requiring real-time alerts.ArubaOSDISA HPE Aruba Networking AOS NDM STIG v1r1
ARST-ND-000790 - The Arista network device must be configured to capture all DOD auditable events.AristaDISA STIG Arista MLS EOS 4.2x NDM v2r1
ARST-ND-000790 - The Arista network device must be configured to capture all DOD auditable events.AristaDISA Arista MLS EOS 4.X NDM STIG v2r2
Big Sur - Configure Audit Failure NotificationUnixNIST macOS Big Sur v1.4.0 - 800-171
Big Sur - Configure Audit Failure NotificationUnixNIST macOS Big Sur v1.4.0 - 800-53r4 High
Big Sur - Configure Audit Failure NotificationUnixNIST macOS Big Sur v1.4.0 - 800-53r5 Low
Big Sur - Configure Audit Failure NotificationUnixNIST macOS Big Sur v1.4.0 - 800-53r5 High
Big Sur - Configure Audit Failure NotificationUnixNIST macOS Big Sur v1.4.0 - All Profiles
Big Sur - Configure Audit Failure NotificationUnixNIST macOS Big Sur v1.4.0 - 800-53r5 Moderate
CASA-FW-000210 - The Cisco ASA must be configured to generate a real-time alert to organization-defined personnel and/or the firewall administrator in the event communication with the central audit server is lost - From-addressCiscoDISA STIG Cisco ASA FW v2r1
CASA-FW-000210 - The Cisco ASA must be configured to generate a real-time alert to organization-defined personnel and/or the firewall administrator in the event communication with the central audit server is lost - Logging ErrorsCiscoDISA STIG Cisco ASA FW v2r1
CASA-FW-000210 - The Cisco ASA must be configured to generate a real-time alert to organization-defined personnel and/or the firewall administrator in the event communication with the central audit server is lost - Recipient-addressCiscoDISA STIG Cisco ASA FW v2r1
CASA-FW-000210 - The Cisco ASA must be configured to generate a real-time alert to organization-defined personnel and/or the firewall administrator in the event communication with the central audit server is lost - SeverityCiscoDISA STIG Cisco ASA FW v2r1
CASA-FW-000210 - The Cisco ASA must be configured to generate a real-time alert to organization-defined personnel and/or the firewall administrator in the event communication with the central audit server is lost - smtpCiscoDISA STIG Cisco ASA FW v2r1
CASA-ND-000930 - The Cisco ASA must be configured to generate an immediate real-time alert of all audit failure events requiring real-time alerts.CiscoDISA STIG Cisco ASA NDM v2r4
CASA-VN-000090 - The Cisco ASA must be configured to generate an alert that can be forwarded as an alert to organization-defined personnel and/or firewall administrator of all log failure events.CiscoDISA STIG Cisco ASA VPN v2r2
Catalina - Configure Audit Failure NotificationUnixNIST macOS Catalina v1.5.0 - 800-171
CD12-00-002700 - PostgreSQL must provide an immediate alert to appropriate support staff of all audit log failures.PostgreSQLDBDISA STIG Crunchy Data PostgreSQL DB v3r1
CD16-00-007400 - PostgreSQL must provide an immediate real-time alert to appropriate support staff of all audit log failures.UnixDISA Crunchy Data Postgres 16 STIG v1r2 Unix
CISC-ND-001000 - The Cisco router must be configured to generate an alert for all audit failure events.CiscoDISA Cisco IOS Router NDM STIG v3r7
CISC-ND-001000 - The Cisco router must be configured to generate an alert for all audit failure events.CiscoDISA Cisco IOS XE Router NDM STIG v3r7
CISC-ND-001000 - The Cisco router must be configured to generate an alert for all audit failure events.CiscoDISA Cisco IOS XR Router NDM STIG v3r6
CISC-ND-001000 - The Cisco switch must be configured to generate an alert for all audit failure events.CiscoDISA Cisco NX OS Switch NDM STIG v3r6
CISC-ND-001000 - The Cisco switch must be configured to generate an alert for all audit failure events.CiscoDISA Cisco IOS XE Switch NDM STIG v3r6
CISC-ND-001000 - The Cisco switch must be configured to generate an alert for all audit failure events.CiscoDISA Cisco IOS Switch NDM STIG v3r7