• Tenable
  • Audits
  • Settings
    Links
    Tenable Cloud Tenable Community & Support Tenable University
    Theme
  • Tenable
  • Plugins
  • Overview
  • Plugins Pipeline
  • Newest
  • Updated
  • Search
  • Nessus Families
  • WAS Families
  • NNM Families
  • LCE Families
  • Tenable OT Security Families
  • About Plugin Families
  • Release Notes
  • Audits
  • Overview
  • Newest
  • Updated
  • Search Audit Files
  • Search Items
  • References
  • Authorities
  • Documentation
  • Download All Audit Files
  • Indicators
  • Overview
  • Search
  • Indicators of Attack
  • Indicators of Exposure
  • CVEs
  • Overview
  • Newest
  • Updated
  • Search
  • Attack Path Techniques
  • Overview
  • Search
    • Links
    • Tenable Cloud
    • Tenable Community & Support
    • Tenable University
    • Settings
    • Theme
Detections
  • Plugins
  • Overview
  • Plugins Pipeline
  • Release Notes
  • Newest
  • Updated
  • Search
  • Nessus Families
  • WAS Families
  • NNM Families
  • LCE Families
  • Tenable OT Security Families
  • About Plugin Families
  • Audits
  • Overview
  • Newest
  • Updated
  • Search Audit Files
  • Search Items
  • References
  • Authorities
  • Documentation
  • Download All Audit Files
  • Indicators
  • Overview
  • Search
  • Indicators of Attack
  • Indicators of Exposure
Analytics
  • CVEs
  • Overview
  • Newest
  • Updated
  • Search
  • Attack Path Techniques
  • Overview
  • Search
  1. Audits
  2. References
  3. CCI
  4. CCI-001861
  1. CCI

CCI|CCI-001861

Title

Invoke a full system shutdown, partial system shutdown, or degraded operational mode with limited mission or business functionality available in the event of organization-defined audit logging failures, unless an alternate audit logging capability exists.

Reference Item Details

Reference: CCI - DISA Control Correlation Identifier

Category: 2024

Audit Items

View all Reference Audit Items

NamePluginAudit Name
CASA-VN-000080 - The Cisco ASA must be configured to queue log records locally in the event that the central audit server is down or not reachable.CiscoDISA STIG Cisco ASA VPN v2r2
SPLK-CL-000180 - Splunk Enterprise must notify the System Administrator (SA) or Information System Security Officer (ISSO) if communication with the host and devices within its scope of coverage is lost.SplunkDISA STIG Splunk Enterprise 8.x for Linux v2r1 STIG REST API
SPLK-CL-000310 - Splunk Enterprise must notify the System Administrator (SA) or Information System Security Officer (ISSO) if communication with the host and devices within its scope of coverage is lost.SplunkDISA STIG Splunk Enterprise 7.x for Windows v3r1 REST API
SQL2-00-012800 - SQL Server must shutdown immediately in the event of an audit failure, unless an alternative audit capability exists.MS_SQLDBDISA STIG SQL Server 2012 DB Instance Security v1r20
  • Tenable.com
  • Community & Support
  • Documentation
  • Education
  • © 2025 Tenable®, Inc. All Rights Reserved
  • Privacy Policy
  • Legal
  • 508 Compliance