CSCv7|6

Title

Maintenance, Monitoring and Analysis of Audit Logs

Reference Item Details

Category: Maintenance, Monitoring and Analysis of Audit Logs

Audit Items

View all Reference Audit Items

NamePluginAudit Name
1.1.8 Set 'aaa accounting exec'CiscoCIS Cisco IOS 17 L2 v2.0.0
1.1.8 Set 'aaa accounting exec' - aaa accounting execCiscoCIS Cisco IOS 16 L2 v2.0.0
1.1.9 Set 'aaa accounting exec'CiscoCIS Cisco IOS 15 L2 v4.1.1
1.1.9 Set 'aaa accounting network'CiscoCIS Cisco IOS 17 L2 v2.0.0
1.1.9 Set 'aaa accounting network' - aaa accounting networkCiscoCIS Cisco IOS 16 L2 v2.0.0
1.1.10 Set 'aaa accounting network'CiscoCIS Cisco IOS 15 L2 v4.1.1
1.1.10 Set 'aaa accounting system'CiscoCIS Cisco IOS 17 L2 v2.0.0
1.1.10 Set 'aaa accounting system' - aaa accounting systemCiscoCIS Cisco IOS 16 L2 v2.0.0
1.1.11 Set 'aaa accounting system'CiscoCIS Cisco IOS 15 L2 v4.1.1
1.2.16 Ensure that the --profiling argument is set to falseUnixCIS Kubernetes Benchmark v1.8.0 L1 Master
1.2.17 Ensure that the --profiling argument is set to falseUnixCIS Kubernetes v1.23 Benchmark v1.0.1 L1 Master
1.2.17 Ensure that the --profiling argument is set to falseUnixCIS Kubernetes v1.24 Benchmark v1.0.0 L1 Master
1.2.20 Ensure that the --profiling argument is set to falseUnixCIS Kubernetes v1.20 Benchmark v1.0.1 L1 Master
1.6.4 Configure NTP AuthenticationCiscoCIS Cisco NX-OS L2 v1.0.0
3.1.14 Ensure 'debug_print_parse' is disabledPostgreSQLDBCIS PostgreSQL 10 DB v1.0.0
3.1.14 Ensure 'debug_print_parse' is disabledPostgreSQLDBCIS PostgreSQL 9.6 DB v1.0.0
3.1.15 Ensure 'debug_print_rewritten' is disabledPostgreSQLDBCIS PostgreSQL 10 DB v1.0.0
3.1.15 Ensure 'debug_print_rewritten' is disabledPostgreSQLDBCIS PostgreSQL 9.6 DB v1.0.0
3.1.15 Ensure 'log_min_duration_statement' is disabledPostgreSQLDBCIS PostgreSQL 9.5 DB v1.1.0
3.1.16 Ensure 'debug_print_parse' is disabledPostgreSQLDBCIS PostgreSQL 9.5 DB v1.1.0
3.1.16 Ensure 'debug_print_plan' is disabledPostgreSQLDBCIS PostgreSQL 10 DB v1.0.0
3.1.16 Ensure 'debug_print_plan' is disabledPostgreSQLDBCIS PostgreSQL 9.6 DB v1.0.0
3.1.17 Ensure 'debug_print_rewritten' is disabledPostgreSQLDBCIS PostgreSQL 9.5 DB v1.1.0
3.1.18 Ensure 'debug_print_plan' is disabledPostgreSQLDBCIS PostgreSQL 9.5 DB v1.1.0
3.1.21 Ensure 'log_hostname' is set correctlyPostgreSQLDBCIS PostgreSQL 10 DB v1.0.0
3.1.21 Ensure 'log_hostname' is set correctlyPostgreSQLDBCIS PostgreSQL 9.6 DB v1.0.0
3.1.25 Ensure 'log_hostname' is set correctlyPostgreSQLDBCIS PostgreSQL 9.5 DB v1.1.0
3.1.31 Ensure 'log_parser_stats' is disabledPostgreSQLDBCIS PostgreSQL 9.5 DB v1.1.0
3.1.32 Ensure 'log_planner_stats' is disabledPostgreSQLDBCIS PostgreSQL 9.5 DB v1.1.0
3.1.33 Ensure 'log_executor_stats' is disabledPostgreSQLDBCIS PostgreSQL 9.5 DB v1.1.0
3.1.34 Ensure 'log_statement_stats' is disabledPostgreSQLDBCIS PostgreSQL 9.5 DB v1.1.0
3.2 Ensure CloudTrail log file validation is enabledamazon_awsCIS Amazon Web Services Foundations L2 2.0.0
3.7 Ensure CloudTrail logs are encrypted at rest using KMS CMKsamazon_awsCIS Amazon Web Services Foundations L2 2.0.0
3.8 Ensure rotation for customer created symmetric CMKs is enabledamazon_awsCIS Amazon Web Services Foundations L2 2.0.0
4.2.4 Ensure permissions on all logfiles are configuredUnixCIS Debian 9 Server L1 v1.0.1
4.2.4 Ensure permissions on all logfiles are configuredUnixCIS Debian 9 Workstation L1 v1.0.1
4.5 Ensure CloudTrail configuration changes are monitoredamazon_awsCIS Amazon Web Services Foundations L1 2.0.0
5.1.1 Ensure cron daemon is enabledUnixCIS Oracle Linux 6 Workstation L1 v2.0.0
5.1.1 Ensure cron daemon is enabledUnixCIS Red Hat 6 Server L1 v3.0.0
5.1.1 Ensure cron daemon is enabledUnixCIS Red Hat 6 Workstation L1 v3.0.0
5.1.1 Ensure cron daemon is enabledUnixCIS CentOS 6 Workstation L1 v3.0.0
5.1.1 Ensure cron daemon is enabledUnixCIS CentOS 6 Server L1 v3.0.0
5.1.1 Ensure cron daemon is enabledUnixCIS Ubuntu Linux 18.04 LXD Host L1 Workstation v1.0.0
5.1.1 Ensure cron daemon is enabledUnixCIS Ubuntu Linux 18.04 LXD Container L1 v1.0.0
5.1.1 Ensure cron daemon is enabledUnixCIS Oracle Linux 6 Server L1 v2.0.0
5.1.1 Ensure cron daemon is enabledUnixCIS Ubuntu Linux 18.04 LXD Host L1 Server v1.0.0
5.1.1 Ensure cron daemon is enabled and running - enabledUnixCIS Ubuntu Linux 16.04 LTS Workstation L1 v2.0.0
5.1.1 Ensure cron daemon is enabled and running - enabledUnixCIS Ubuntu Linux 16.04 LTS Server L1 v2.0.0
5.1.1 Ensure cron daemon is enabled and running - is-enabledUnixCIS Debian Family Workstation L1 v1.0.0
5.1.1 Ensure cron daemon is enabled and running - is-enabledUnixCIS Debian Family Server L1 v1.0.0