Detections
Analytics

Item Search

NameAudit NamePluginCategory
4.1.2.3 Ensure audit system is set to single when the disk is full.CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

AUDIT AND ACCOUNTABILITY

4.1.2.6 Ensure audit system action is defined for sending errorsCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

AUDIT AND ACCOUNTABILITY

4.1.2.8 Ensure audit logs are stored on a different system.CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

AUDIT AND ACCOUNTABILITY

4.1.2.9 Ensure audit logs on separate system are encrypted.CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

AUDIT AND ACCOUNTABILITY

4.1.2.11 Ensure off-load of audit logs - directionCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

AUDIT AND ACCOUNTABILITY

4.1.2.11 Ensure off-load of audit logs - pathCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

AUDIT AND ACCOUNTABILITY

4.1.2.11 Ensure off-load of audit logs - typeCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

AUDIT AND ACCOUNTABILITY

4.1.2.12 Ensure action is taken when audisp-remote buffer is fullCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

AUDIT AND ACCOUNTABILITY

4.1.2.13 Ensure off-loaded audit logs are labeled.CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

AUDIT AND ACCOUNTABILITY

4.7 Enable use of the au-remote pluginCIS Amazon Linux 2 STIG v1.0.0 L3Unix

AUDIT AND ACCOUNTABILITY

4.8 Ensure off-load of audit logs - directionCIS Amazon Linux 2 STIG v1.0.0 L3Unix

AUDIT AND ACCOUNTABILITY

4.8 Enure off-load of audit logs - pathCIS Amazon Linux 2 STIG v1.0.0 L3Unix

AUDIT AND ACCOUNTABILITY

4.8 Enure off-load of audit logs - typeCIS Amazon Linux 2 STIG v1.0.0 L3Unix

AUDIT AND ACCOUNTABILITY

4.10 Ensure off-loaded audit logs are labeled.CIS Amazon Linux 2 STIG v1.0.0 L3Unix

AUDIT AND ACCOUNTABILITY

4.10 init.ora - 'Establish redundant physically separate locations for redo log files.'CIS v1.1.0 Oracle 11g OS L1Unix

AUDIT AND ACCOUNTABILITY

4.10 init.ora - 'Establish redundant physically separate locations for redo log files.'CIS v1.1.0 Oracle 11g OS Windows Level 1Windows

AUDIT AND ACCOUNTABILITY

4.11 init.ora - 'Specify redo logging must be successful.'CIS v1.1.0 Oracle 11g OS Windows Level 1Windows

AUDIT AND ACCOUNTABILITY

20.39 Ensure 'Off-load of audit records of interconnected systems in real time and off-load standalone systems weekly'CIS Microsoft Windows Server 2022 STIG v1.0.0 STIG MSWindows

AUDIT AND ACCOUNTABILITY

20.39 Ensure 'Off-load of audit records of interconnected systems in real time and off-load standalone systems weekly'CIS Microsoft Windows Server 2022 STIG v1.0.0 STIG DCWindows

AUDIT AND ACCOUNTABILITY

Auditing and logging - serverArubaOS Switch 16.x Hardening Guide v1.0.0ArubaOS

AUDIT AND ACCOUNTABILITY

Big Sur - Off-Load Audit RecordsNIST macOS Big Sur v1.4.0 - All ProfilesUnix

AUDIT AND ACCOUNTABILITY

CASA-ND-001260 - The Cisco ASA must be configured to offload audit records onto a different system or media than the system being audited - logging hostDISA STIG Cisco ASA NDM v2r1Cisco

AUDIT AND ACCOUNTABILITY

CASA-ND-001260 - The Cisco ASA must be configured to offload audit records onto a different system or media than the system being audited - logging trapDISA STIG Cisco ASA NDM v2r1Cisco

AUDIT AND ACCOUNTABILITY

CASA-ND-001410 - The Cisco ASA must be configured to send log data to at least two central log servers for the purpose of forwarding alerts to organization-defined personnel and/or the firewall administrator - logging hostDISA STIG Cisco ASA NDM v2r1Cisco

AUDIT AND ACCOUNTABILITY

CASA-ND-001410 - The Cisco ASA must be configured to send log data to at least two central log servers for the purpose of forwarding alerts to organization-defined personnel and/or the firewall administrator - logging trapDISA STIG Cisco ASA NDM v2r1Cisco

AUDIT AND ACCOUNTABILITY

Catalina - Off-Load Audit RecordsNIST macOS Catalina v1.5.0 - All ProfilesUnix

AUDIT AND ACCOUNTABILITY

Ensure 'syslog hosts' is configured correctlyTenable Cisco Firepower Threat Defense Best Practices AuditCisco_Firepower

AUDIT AND ACCOUNTABILITY

ESXI-80-000233 The ESXi host must off-load audit records via syslog.DISA VMware vSphere 8.0 ESXi STIG v2r1VMware

AUDIT AND ACCOUNTABILITY

IBM i : Auditing Force Level (QAUDFRCLVL) - '*SYS'IBM System i Security Reference for V7R2AS/400

AUDIT AND ACCOUNTABILITY

IBM i : Auditing Force Level (QAUDFRCLVL) - '*SYS'IBM iSeries Security Reference v5r4AS/400

AUDIT AND ACCOUNTABILITY

IBM i : Auditing Force Level (QAUDFRCLVL) - '*SYS'IBM System i Security Reference for V7R1 and V6R1AS/400

AUDIT AND ACCOUNTABILITY

JUEX-NM-000600 - The Juniper EX switch must be configured to offload audit records onto a different system or media than the system being audited.DISA Juniper EX Series Network Device Management v2r1Juniper

AUDIT AND ACCOUNTABILITY

Logging: capture level is set to at least infoTNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice AuditAlcatel

AUDIT AND ACCOUNTABILITY

Logging: Use an external syslog hostTNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice AuditAlcatel

AUDIT AND ACCOUNTABILITY

MADB-10-012400 - MariaDB must off-load audit data to a separate log management facility; this must be continuous and in near real time for systems with a network connection to the storage facility and weekly or more often for stand-alone systems.DISA MariaDB Enterprise 10.x v2r1 DBMySQLDB

AUDIT AND ACCOUNTABILITY

Monterey - Off-Load Audit RecordsNIST macOS Monterey v1.0.0 - All ProfilesUnix

AUDIT AND ACCOUNTABILITY

RHEL-08-030720 - RHEL 8 must authenticate the remote logging server for off-loading audit logs.DISA Red Hat Enterprise Linux 8 STIG v2r1Unix

AUDIT AND ACCOUNTABILITY

RHEL-09-652050 - RHEL 9 must encrypt via the gtls driver the transfer of audit records offloaded onto a different system or media from the system being audited via rsyslog.DISA Red Hat Enterprise Linux 9 STIG v2r2Unix

AUDIT AND ACCOUNTABILITY

SLES-15-030680 - The SUSE operating system audit event multiplexor must be configured to use Kerberos.DISA SLES 15 STIG v2r1Unix

AUDIT AND ACCOUNTABILITY

SLES-15-030690 - Audispd must off-load audit records onto a different system or media from the SUSE operating system being audited.DISA SLES 15 STIG v2r1Unix

AUDIT AND ACCOUNTABILITY

SLES-15-030790 - The SUSE operating system must off-load audit records onto a different system or media from the system being audited.DISA SLES 15 STIG v2r1Unix

AUDIT AND ACCOUNTABILITY

SLES-15-030800 - Audispd must take appropriate action when the SUSE operating system audit storage is full.DISA SLES 15 STIG v2r1Unix

AUDIT AND ACCOUNTABILITY

SYMP-AG-000210 - Symantec ProxySG must use a centralized log server.DISA Symantec ProxySG Benchmark ALG v1r3BlueCoat

AUDIT AND ACCOUNTABILITY

Syslog Remote Destination - HostTenable Cisco ACICisco_ACI

AUDIT AND ACCOUNTABILITY

UBTU-22-653020 - Ubuntu 22.04 LTS audit event multiplexor must be configured to offload audit logs onto a different system from the system being audited.DISA STIG Canonical Ubuntu 22.04 LTS v2r2Unix

AUDIT AND ACCOUNTABILITY

VCRP-70-000007 - Envoy (rhttpproxy) log files must be shipped via syslog to a central log server.DISA STIG VMware vSphere 7.0 RhttpProxy v1r1Unix

AUDIT AND ACCOUNTABILITY

VCSA-70-000148 - The vCenter Server must be configured to send logs to a central log server.DISA STIG VMware vSphere 7.0 vCenter v1r3VMware

AUDIT AND ACCOUNTABILITY

VCSA-70-000280 - The vCenter server must be configured to send events to a central log server.DISA STIG VMware vSphere 7.0 vCenter v1r3VMware

AUDIT AND ACCOUNTABILITY

VCSA-80-000148 The vCenter Server must be configured to send logs to a central log server.DISA VMware vSphere 8.0 vCenter STIG v2r1VMware

AUDIT AND ACCOUNTABILITY

VCSA-80-000280 The vCenter server must be configured to send events to a central log server.DISA VMware vSphere 8.0 vCenter STIG v2r1VMware

AUDIT AND ACCOUNTABILITY