Detections
Analytics

Revision 1.11

Mar 18, 2024
Functional Update
  • 4.1.4.1 Ensure audit log files are mode 0640 or less permissive
  • 4.1.4.2 Ensure only authorized users own audit log files
  • 4.1.4.5 Ensure audit configuration files are 640 or more restrictive
  • 4.1.4.6 Ensure audit configuration files are owned by root
  • 4.1.4.7 Ensure audit configuration files belong to group root
Miscellaneous
  • Metadata updated.
  • Variables updated.
Added
  • 4.1.3.6 Ensure use of privileged commands are collected
Removed
  • 4.1.3.6 Ensure use of privileged commands are collected - /etc/audit/rules.d
  • 4.1.3.6 Ensure use of privileged commands are collected - auditctl