CSCv7|6.3

Title

Enable Detailed Logging

Description

Enable system logging to include detailed information such as a event source, date, user, timestamp, source addresses, destination addresses, and other useful elements.

Reference Item Details

Category: Maintenance, Monitoring and Analysis of Audit Logs

Audit Items

View all Reference Audit Items

NamePluginAudit Name
1.1.3 Ensure auditing is configured for the Docker daemonUnixCIS Docker v1.6.0 L1 Docker Linux
1.1.3 Ensure auditing is configured for the Docker daemonUnixCIS Docker v1.6.0 L2 Docker Linux
1.1.15 Ensure that the --audit-log-path argument is set as appropriateUnixCIS Kubernetes 1.13 Benchmark v1.4.1 L1
1.2.20 Ensure that the --audit-log-path argument is setOpenShiftCIS RedHat OpenShift Container Platform 4 v1.5.0 L1
1.3.3 Ensure sudo log file existsUnixCIS SUSE Linux Enterprise Workstation 12 L1 v3.1.0
1.3.3 Ensure sudo log file existsUnixCIS Debian Family Workstation L1 v1.0.0
1.3.3 Ensure sudo log file existsUnixCIS Debian Family Server L1 v1.0.0
1.3.3 Ensure sudo log file existsUnixCIS SUSE Linux Enterprise 15 Server L1 v1.1.1
1.3.3 Ensure sudo log file existsUnixCIS SUSE Linux Enterprise Server 12 L1 v3.1.0
1.3.3 Ensure sudo log file existsUnixCIS Ubuntu Linux 18.04 LXD Host L1 Workstation v1.0.0
1.3.3 Ensure sudo log file existsUnixCIS Ubuntu Linux 18.04 LXD Host L1 Server v1.0.0
1.3.3 Ensure sudo log file existsUnixCIS Fedora 19 Family Linux Workstation L1 v1.0.0
1.3.3 Ensure sudo log file existsUnixCIS Fedora 19 Family Linux Server L1 v1.0.0
1.3.3 Ensure sudo log file existsUnixCIS Ubuntu Linux 18.04 LXD Container L1 v1.0.0
1.3.3 Ensure sudo log file existsUnixCIS SUSE Linux Enterprise 15 Workstation L1 v1.1.1
1.3.10 Ensure 'Password Profiles' do not existPalo_AltoCIS Palo Alto Firewall 10 v1.1.0 L1
1.5.1 Ensure Syslog Logging is configured - logging levelCiscoCIS Cisco NX-OS L1 v1.0.0
1.5.1 Ensure Syslog Logging is configured - logging levelCiscoCIS Cisco NX-OS L2 v1.0.0
1.5.1 Ensure Syslog Logging is configured - logging server/source-interfaceCiscoCIS Cisco NX-OS L1 v1.0.0
1.5.1 Ensure Syslog Logging is configured - logging server/source-interfaceCiscoCIS Cisco NX-OS L2 v1.0.0
1.5.3 Configure Netflow on Strategic PortsCiscoCIS Cisco NX-OS L1 v1.0.0
1.5.3 Configure Netflow on Strategic PortsCiscoCIS Cisco NX-OS L2 v1.0.0
1.5.4 Configure Logging TimestampsCiscoCIS Cisco NX-OS L1 v1.0.0
1.10.6 Ensure 'logging history severity level' is set to greater than or equal to '5'CiscoCIS Cisco Firewall ASA 9 L1 v4.1.0
1.10.6 Ensure 'logging history severity level' is set to greater than or equal to '5'CiscoCIS Cisco ASA 9.x Firewall L1 v1.0.0
1.10.7 Ensure 'logging with timestamps' is enabledCiscoCIS Cisco ASA 9.x Firewall L1 v1.0.0
1.10.7 Ensure 'logging with timestamps' is enabledCiscoCIS Cisco Firewall ASA 9 L1 v4.1.0
1.10.9 Ensure 'logging buffer size' is greater than or equal to '524288' bytes (512kb)CiscoCIS Cisco Firewall ASA 9 L1 v4.1.0
1.10.9 Ensure 'logging buffered severity level' is greater than or equal to '3'CiscoCIS Cisco ASA 9.x Firewall L1 v1.0.0
1.10.10 Ensure 'logging buffered severity level' is greater than or equal to '3'CiscoCIS Cisco Firewall ASA 9 L1 v4.1.0
1.10.10 Ensure 'logging trap severity level' is greater than or equal to '5'CiscoCIS Cisco ASA 9.x Firewall L1 v1.0.0
10.18 Use the logEffectiveWebXml and metadata-complete settings for deploying applications in productionUnixCIS Apache Tomcat 9 L1 v1.2.0
10.18 Use the logEffectiveWebXml and metadata-complete settings for deploying applications in productionUnixCIS Apache Tomcat 10 L1 v1.1.0
10.18 Use the logEffectiveWebXml and metadata-complete settings for deploying applications in production - context.xmlUnixCIS Apache Tomcat 9 L1 v1.2.0 Middleware
10.18 Use the logEffectiveWebXml and metadata-complete settings for deploying applications in production - context.xmlUnixCIS Apache Tomcat 10 L1 v1.1.0 Middleware
10.18 Use the logEffectiveWebXml and metadata-complete settings for deploying applications in production - web.xmlUnixCIS Apache Tomcat 9 L1 v1.2.0 Middleware
10.18 Use the logEffectiveWebXml and metadata-complete settings for deploying applications in production - web.xmlUnixCIS Apache Tomcat 10 L1 v1.1.0 Middleware
10.19 Use the logEffectiveWebXml and metadata-complete settings for deploying applications in productionUnixCIS Apache Tomcat 8 L1 v1.1.0
10.19 Use the logEffectiveWebXml and metadata-complete settings for deploying applications in production - context.xmlUnixCIS Apache Tomcat 8 L1 v1.1.0 Middleware
10.19 Use the logEffectiveWebXml and metadata-complete settings for deploying applications in production - web.xmlUnixCIS Apache Tomcat 8 L1 v1.1.0 Middleware
17.1.1 (L1) Ensure 'Audit Credential Validation' is set to 'Success and Failure'WindowsCIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker
17.1.1 Ensure 'Audit Credential Validation' is set to 'Success and Failure'WindowsCIS Microsoft Windows Server 2016 STIG DC STIG v1.1.0
17.1.1 Ensure 'Audit Credential Validation' is set to 'Success and Failure'WindowsCIS Microsoft Windows Server 2016 STIG MS STIG v1.1.0
17.1.1 Ensure 'Audit Credential Validation' is set to 'Success and Failure'WindowsCIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1
17.1.1 Ensure 'Audit Credential Validation' is set to 'Success and Failure'WindowsCIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.0
17.1.1 Ensure 'Audit Credential Validation' is set to 'Success and Failure'WindowsCIS Microsoft Windows 8.1 v2.4.1 L1
17.1.1 Ensure 'Audit Credential Validation' is set to 'Success and Failure'WindowsCIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 DC
17.1.1 Ensure 'Audit Credential Validation' is set to 'Success and Failure'WindowsCIS Microsoft Windows Server 2016 STIG MS L1 v1.1.0
17.1.1 Ensure 'Audit Credential Validation' is set to 'Success and Failure'WindowsCIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 MS
17.1.1 Ensure 'Audit Credential Validation' is set to 'Success and Failure'WindowsCIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1