Detections
Analytics

CSCv7|6.7

Title

Regularly Review Logs

Description

On a regular basis, review logs to identify anomalies or abnormal events.

Reference Item Details

Category: Maintenance, Monitoring and Analysis of Audit Logs

Audit Items

View all Reference Audit Items

NamePluginAudit Name
1.7 Ensure logging data is monitoredJuniperCIS Juniper OS Benchmark v2.0.0 L1
1.7 Ensure logging data is monitoredJuniperCIS Juniper OS Benchmark v2.1.0 L1
2.1 Ensure NTP time synchronization is configured properlyVMwareCIS VMware ESXi 6.7 v1.1.0 Level 1
2.1 Ensure That Cloud Audit Logging Is Configured ProperlyGCPCIS Google Cloud Platform v3.0.0 L1
2.1 Ensure That Cloud Audit Logging Is Configured Properly - allServicesGCPCIS Google Cloud Platform v2.0.0 L1
2.1 Ensure That Cloud Audit Logging Is Configured Properly - exemptedMembersGCPCIS Google Cloud Platform v2.0.0 L1
2.1 Ensure That Cloud Audit Logging Is Configured Properly Across All Services and All Users From a Project - allServicesGCPCIS Google Cloud Platform v1.3.0 L1
2.1 Ensure that Cloud Audit Logging is configured properly across all services and all users from a project - allServicesGCPCIS Google Cloud Platform v1.1.0 L1
2.1 Ensure That Cloud Audit Logging Is Configured Properly Across All Services and All Users From a Project - exemptedMembersGCPCIS Google Cloud Platform v1.3.0 L1
2.1 Ensure that Cloud Audit Logging is configured properly across all services and all users from a project - exemptedMembersGCPCIS Google Cloud Platform v1.1.0 L1
2.12 Ensure That Cloud DNS Logging Is Enabled for All VPC NetworksGCPCIS Google Cloud Platform v3.0.0 L1
2.12 Ensure That Cloud DNS Logging Is Enabled for All VPC Networks - dns policiesGCPCIS Google Cloud Platform v2.0.0 L1
2.12 Ensure That Cloud DNS Logging Is Enabled for All VPC Networks - dns policiesGCPCIS Google Cloud Platform v1.3.0 L1
2.12 Ensure that Cloud DNS logging is enabled for all VPC networks - dns policiesGCPCIS Google Cloud Platform v1.1.0 L1
2.12 Ensure That Cloud DNS Logging Is Enabled for All VPC Networks - vpc networksGCPCIS Google Cloud Platform v2.0.0 L1
2.12 Ensure That Cloud DNS Logging Is Enabled for All VPC Networks - vpc networksGCPCIS Google Cloud Platform v1.3.0 L1
2.12 Ensure that Cloud DNS logging is enabled for all VPC networks - vpc networksGCPCIS Google Cloud Platform v1.1.0 L1
3.3 Ensure install.log Is Retained for 365 or More Days and No Maximum SizeUnixCIS Apple macOS 13.0 Ventura v2.0.0 L1
3.3 Ensure install.log Is Retained for 365 or More Days and No Maximum SizeUnixCIS Apple macOS 12.0 Monterey Cloud-tailored v1.0.0 L1
3.3 Ensure install.log Is Retained for 365 or More Days and No Maximum SizeUnixCIS Apple macOS 12.0 Monterey v3.0.0 L1
3.3 Ensure install.log Is Retained for 365 or More Days and No Maximum SizeUnixCIS Apple macOS 13.0 Ventura Cloud-tailored v1.0.0 L1
3.3 Ensure install.log Is Retained for 365 or More Days and No Maximum SizeUnixCIS Apple macOS 11.0 Big Sur v4.0.0 L1
3.3 Ensure install.log Is Retained for 365 or More Days and No Maximum SizeUnixCIS Apple macOS 12.0 Monterey v2.1.0 L1
3.3 Ensure install.log Is Retained for 365 or More Days and No Maximum SizeUnixCIS Apple macOS 14.0 Sonoma v1.0.0 L1
3.3 Ensure install.log Is Retained for 365 or More Days and No Maximum SizeUnixCIS Apple macOS 14.0 Sonoma Cloud-tailored v1.0.0 L1
3.3 Ensure install.log Is Retained for 365 or More Days and No Maximum Size - all_maxUnixCIS Apple macOS 10.14 v2.0.0 L1
3.3 Ensure install.log Is Retained for 365 or More Days and No Maximum Size - all_maxUnixCIS Apple macOS 10.15 v2.0.0 L1
3.3 Ensure install.log Is Retained for 365 or More Days and No Maximum Size - all_maxUnixCIS Apple macOS 10.15 v2.1.0 L1
3.3 Ensure install.log Is Retained for 365 or More Days and No Maximum Size - all_maxUnixCIS Apple macOS 11.0 Big Sur v3.0.0 L1
3.3 Ensure install.log Is Retained for 365 or More Days and No Maximum Size - all_maxUnixCIS Apple macOS 11 v2.1.0 L1
3.3 Ensure install.log Is Retained for 365 or More Days and No Maximum Size - all_maxUnixCIS Apple macOS 10.15 Catalina v3.0.0 L1
3.3 Ensure install.log Is Retained for 365 or More Days and No Maximum Size - all_maxUnixCIS Apple macOS 13.0 Ventura v1.0.0 L1
3.3 Ensure install.log Is Retained for 365 or More Days and No Maximum Size - all_maxUnixCIS Apple macOS 11 v2.0.0 L1
3.3 Ensure install.log Is Retained for 365 or More Days and No Maximum Size - all_maxUnixCIS Apple macOS 12.0 Monterey v1.1.0 L1
3.3 Ensure install.log Is Retained for 365 or More Days and No Maximum Size - all_maxUnixCIS Apple macOS 12.0 Monterey v1.0.0 L1
3.3 Ensure install.log Is Retained for 365 or More Days and No Maximum Size - all_maxUnixCIS Apple macOS 12.0 Monterey v2.0.0 L1
3.3 Ensure install.log Is Retained for 365 or More Days and No Maximum Size - ttlUnixCIS Apple macOS 13.0 Ventura v1.0.0 L1
3.3 Ensure install.log Is Retained for 365 or More Days and No Maximum Size - ttlUnixCIS Apple macOS 10.15 Catalina v3.0.0 L1
3.3 Ensure install.log Is Retained for 365 or More Days and No Maximum Size - ttlUnixCIS Apple macOS 12.0 Monterey v1.1.0 L1
3.3 Ensure install.log Is Retained for 365 or More Days and No Maximum Size - ttlUnixCIS Apple macOS 11 v2.1.0 L1
3.3 Ensure install.log Is Retained for 365 or More Days and No Maximum Size - ttlUnixCIS Apple macOS 10.15 v2.0.0 L1
3.3 Ensure install.log Is Retained for 365 or More Days and No Maximum Size - ttlUnixCIS Apple macOS 11 v2.0.0 L1
3.3 Ensure install.log Is Retained for 365 or More Days and No Maximum Size - ttlUnixCIS Apple macOS 12.0 Monterey v1.0.0 L1
3.3 Ensure install.log Is Retained for 365 or More Days and No Maximum Size - ttlUnixCIS Apple macOS 10.14 v2.0.0 L1
3.3 Ensure install.log Is Retained for 365 or More Days and No Maximum Size - ttlUnixCIS Apple macOS 12.0 Monterey v2.0.0 L1
3.3 Ensure install.log Is Retained for 365 or More Days and No Maximum Size - ttlUnixCIS Apple macOS 10.15 v2.1.0 L1
3.3 Ensure install.log Is Retained for 365 or More Days and No Maximum Size - ttlUnixCIS Apple macOS 11.0 Big Sur v3.0.0 L1
3.4 Ensure Security Auditing Retention Is EnabledUnixCIS Apple macOS 11.0 Big Sur v4.0.0 L1
3.4 Ensure Security Auditing Retention Is EnabledUnixCIS Apple macOS 11 v2.0.0 L1
3.4 Ensure Security Auditing Retention Is EnabledUnixCIS Apple macOS 12.0 Monterey v1.1.0 L1