CIS Red Hat EL7 Server L2 v3.1.1

Warning! Audit Deprecated

This audit file has been deprecated and will be removed in a future update.

View Next Version

Audit Details

Name: CIS Red Hat EL7 Server L2 v3.1.1

Updated: 6/17/2024

Authority: CIS

Plugin: Unix

Revision: 1.10

Estimated Item Count: 128

File Details

Filename: CIS_Red_Hat_EL7_v3.1.1_Server_L2.audit

Size: 360 kB

MD5: 13f7db3a5bc98ae57b57f1172d4f67dc
SHA256: eb947aeb080fc6bd51cb7b2e79dc1fd7de236018086f77320a54851aefe53056

Audit Changelog

 
Revision 1.10

Jun 17, 2024

Miscellaneous
  • Metadata updated.
Revision 1.9

Apr 12, 2024

Miscellaneous
  • Audit deprecated.
  • Metadata updated.
  • References updated.
Revision 1.8

Oct 6, 2023

Functional Update
  • 4.1.15 Ensure system administrator command executions (sudo) are collected
  • 4.1.15 Ensure system administrator command executions (sudo) are collected - auditctl
  • 4.1.6 Ensure events that modify the system's Mandatory Access Controls are collected - /etc/selinux/
  • 4.1.6 Ensure events that modify the system's Mandatory Access Controls are collected - /usr/share/selinux/
  • 4.1.6 Ensure events that modify the system's Mandatory Access Controls are collected - auditctl /etc/selinux/
  • 4.1.6 Ensure events that modify the system's Mandatory Access Controls are collected - auditctl /usr/share/selinux/
Miscellaneous
  • Metadata updated.
  • References updated.
Added
  • 4.1.15 Ensure system administrator command executions (sudo) are collected - (64 bit)
  • 4.1.15 Ensure system administrator command executions (sudo) are collected - auditctl (64 bit)
Revision 1.7

Jul 5, 2023

Functional Update
  • 4.1.2.2 Ensure audit logs are not automatically deleted
  • 4.1.2.3 Ensure system is disabled when audit logs are full - 'action_mail_acct = root'
  • 4.1.2.3 Ensure system is disabled when audit logs are full - 'admin_space_left_action = halt'
  • 4.1.2.3 Ensure system is disabled when audit logs are full - 'space_left_action = email'
Revision 1.6

Apr 12, 2023

Functional Update
  • 4.1.8 Ensure session initiation information is collected - btmp
  • 4.1.8 Ensure session initiation information is collected - wtmp
Miscellaneous
  • Metadata updated.
  • Platform check updated.
  • Variables updated.
Revision 1.5

Mar 7, 2023

Miscellaneous
  • Metadata updated.
  • References updated.
Revision 1.4

Jan 4, 2023

Miscellaneous
  • Metadata updated.
  • Variables updated.
Revision 1.3

Dec 7, 2022

Miscellaneous
  • Metadata updated.
Revision 1.2

Sep 19, 2022

Functional Update
  • 4.1.5 Ensure events that modify the system's network environment are collected - sethostname (32-bit)
  • 4.1.5 Ensure events that modify the system's network environment are collected - sethostname (64-bit)
Miscellaneous
  • References updated.
Revision 1.1

Apr 25, 2022

Miscellaneous
  • Metadata updated.
  • References updated.