Item Search

Name	Audit Name	Plugin	Category
17.9.3 (L1) Ensure 'Audit Security State Change' is set to include 'Success'	CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker	Windows	AUDIT AND ACCOUNTABILITY
Big Sur - Enforce Dual Authorization for Movement and Deletion of Audit Information	NIST macOS Big Sur v1.4.0 - All Profiles	Unix	AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT
Catalina - Configure Audit Log Folder to Not Contain Access Control Lists	NIST macOS Catalina v1.5.0 - 800-53r5 High	Unix	AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY
Catalina - Configure Audit Log Folder to Not Contain Access Control Lists	NIST macOS Catalina v1.5.0 - 800-171	Unix	AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY
Catalina - Configure Audit Log Folder to Not Contain Access Control Lists	NIST macOS Catalina v1.5.0 - 800-53r4 Moderate	Unix	AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY
Catalina - Configure Audit Log Folder to Not Contain Access Control Lists	NIST macOS Catalina v1.5.0 - CNSSI 1253	Unix	AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY
Catalina - Enforce Dual Authorization for Movement and Deletion of Audit Information	NIST macOS Catalina v1.5.0 - All Profiles	Unix	AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT
DG7003-ORACLE11 - A minimum of two Oracle redo log groups/files must be defined and configured to be stored on separate, archived physical disks or archived directories on a RAID device.	DISA STIG Oracle 11 Installation v9r1 Database	OracleDB	AUDIT AND ACCOUNTABILITY
DO0270-ORACLE11 - A minimum of two Oracle redo log groups/files should be defined and configured to be stored on separate, archived physical disks or archived directories on a RAID device - 'V$LOG count > 2'	DISA STIG Oracle 11 Instance v9r1 Database	OracleDB	AUDIT AND ACCOUNTABILITY
DO5037-ORACLE11 - Oracle SQLNet and listener log files should not be accessible to unauthorized users - '%ORACLE_HOME%\NETWORK\ADMIN\SQLNET.ORA LOG_DIRECTORY_SERVER is configured'	DISA STIG Oracle 11 Installation v9r1 Windows	Windows	AUDIT AND ACCOUNTABILITY
DO5037-ORACLE11 - Oracle SQLNet and listener log files should not be accessible to unauthorized users - '%ORACLE_HOME%\NETWORK\ADMIN\SQLNET.ORA LOG_FILE_SERVER is configured'	DISA STIG Oracle 11 Installation v9r1 Windows	Windows	AUDIT AND ACCOUNTABILITY
DO5037-ORACLE11 - Oracle SQLNet and listener log files should not be accessible to unauthorized users - '$ORACLE_HOME/network/log/listener.log mode 640'	DISA STIG Oracle 11 Installation v9r1 Linux	Unix	AUDIT AND ACCOUNTABILITY
DO5037-ORACLE11 - Oracle SQLNet and listener log files should not be accessible to unauthorized users - '$ORACLE_HOME/network/log/sqlnet.log mode 640'	DISA STIG Oracle 11 Installation v9r1 Linux	Unix	AUDIT AND ACCOUNTABILITY
DO5037-ORACLE11 - Oracle SQLNet and listener log files should not be accessible to unauthorized users - 'LOG_DIRECTORY_{listener} is configured'	DISA STIG Oracle 11 Installation v9r1 Linux	Unix	AUDIT AND ACCOUNTABILITY
DO5037-ORACLE11 - Oracle SQLNet and listener log files should not be accessible to unauthorized users - 'TRACE_DIRECTORY_{listener} is configured'	DISA STIG Oracle 11 Installation v9r1 Linux	Unix	AUDIT AND ACCOUNTABILITY
GEN002680 - System audit logs must be owned by root.	DISA STIG AIX 5.3 v1r2	Unix	AUDIT AND ACCOUNTABILITY
GEN002690 - System audit logs must be group-owned by bin, sys, or system.	DISA STIG AIX 5.3 v1r2	Unix	AUDIT AND ACCOUNTABILITY
GEN002700 - System audit logs must have mode 0640 or less permissive.	DISA STIG AIX 5.3 v1r2	Unix	AUDIT AND ACCOUNTABILITY
GEN002710 - All system audit files must not have extended ACLs.	DISA STIG AIX 5.3 v1r2	Unix	AUDIT AND ACCOUNTABILITY
GEN002715 - System audit tool executables must be owned by root - '/usr/sbin/audit'	DISA STIG AIX 5.3 v1r2	Unix	AUDIT AND ACCOUNTABILITY
GEN002715 - System audit tool executables must be owned by root - '/usr/sbin/auditbin'	DISA STIG AIX 5.3 v1r2	Unix	AUDIT AND ACCOUNTABILITY
GEN002715 - System audit tool executables must be owned by root - '/usr/sbin/auditcat'	DISA STIG AIX 5.3 v1r2	Unix	AUDIT AND ACCOUNTABILITY
GEN002715 - System audit tool executables must be owned by root - '/usr/sbin/auditconv'	DISA STIG AIX 5.3 v1r2	Unix	AUDIT AND ACCOUNTABILITY
GEN002715 - System audit tool executables must be owned by root - '/usr/sbin/auditmerge'	DISA STIG AIX 5.3 v1r2	Unix	AUDIT AND ACCOUNTABILITY
GEN002715 - System audit tool executables must be owned by root - '/usr/sbin/auditpr'	DISA STIG AIX 5.3 v1r2	Unix	AUDIT AND ACCOUNTABILITY
GEN002715 - System audit tool executables must be owned by root - '/usr/sbin/auditselect'	DISA STIG AIX 5.3 v1r2	Unix	AUDIT AND ACCOUNTABILITY
GEN002715 - System audit tool executables must be owned by root - '/usr/sbin/auditstream'	DISA STIG AIX 5.3 v1r2	Unix	AUDIT AND ACCOUNTABILITY
GEN002716 - System audit tool executables must be group-owned by bin, sys, or system - '/usr/sbin/audit'	DISA STIG AIX 5.3 v1r2	Unix	AUDIT AND ACCOUNTABILITY
GEN002716 - System audit tool executables must be group-owned by bin, sys, or system - '/usr/sbin/auditbin'	DISA STIG AIX 5.3 v1r2	Unix	AUDIT AND ACCOUNTABILITY
GEN002716 - System audit tool executables must be group-owned by bin, sys, or system - '/usr/sbin/auditcat'	DISA STIG AIX 5.3 v1r2	Unix	AUDIT AND ACCOUNTABILITY
GEN002716 - System audit tool executables must be group-owned by bin, sys, or system - '/usr/sbin/auditconv'	DISA STIG AIX 5.3 v1r2	Unix	AUDIT AND ACCOUNTABILITY
GEN002716 - System audit tool executables must be group-owned by bin, sys, or system - '/usr/sbin/auditselect'	DISA STIG AIX 5.3 v1r2	Unix	AUDIT AND ACCOUNTABILITY
GEN002717 - System audit tool executables must have mode 0750 or less permissive - '/usr/sbin/audit umask'	DISA STIG AIX 5.3 v1r2	Unix	AUDIT AND ACCOUNTABILITY
GEN002717 - System audit tool executables must have mode 0750 or less permissive - '/usr/sbin/audit' - suid	DISA STIG AIX 5.3 v1r2	Unix	AUDIT AND ACCOUNTABILITY
GEN002717 - System audit tool executables must have mode 0750 or less permissive - '/usr/sbin/auditconv'	DISA STIG AIX 5.3 v1r2	Unix	AUDIT AND ACCOUNTABILITY
GEN002717 - System audit tool executables must have mode 0750 or less permissive - '/usr/sbin/auditconv' - suid	DISA STIG AIX 5.3 v1r2	Unix	AUDIT AND ACCOUNTABILITY
GEN002717 - System audit tool executables must have mode 0750 or less permissive - '/usr/sbin/auditmerge' - suid	DISA STIG AIX 5.3 v1r2	Unix	AUDIT AND ACCOUNTABILITY
GEN002717 - System audit tool executables must have mode 0750 or less permissive - '/usr/sbin/auditpr'	DISA STIG AIX 5.3 v1r2	Unix	AUDIT AND ACCOUNTABILITY
GEN002717 - System audit tool executables must have mode 0750 or less permissive - '/usr/sbin/auditpr' - suid	DISA STIG AIX 5.3 v1r2	Unix	AUDIT AND ACCOUNTABILITY
GEN002717 - System audit tool executables must have mode 0750 or less permissive - '/usr/sbin/auditselect'	DISA STIG AIX 5.3 v1r2	Unix	AUDIT AND ACCOUNTABILITY
GEN002717 - System audit tool executables must have mode 0750 or less permissive - '/usr/sbin/auditselect' - suid	DISA STIG AIX 5.3 v1r2	Unix	AUDIT AND ACCOUNTABILITY
GEN002717 - System audit tool executables must have mode 0750 or less permissive - '/usr/sbin/auditstream'	DISA STIG AIX 5.3 v1r2	Unix	AUDIT AND ACCOUNTABILITY
GEN002717 - System audit tool executables must have mode 0750 or less permissive - '/usr/sbin/auditstream' - suid	DISA STIG AIX 5.3 v1r2	Unix	AUDIT AND ACCOUNTABILITY
GEN002718 - System audit tool executables must not have extended ACLs - '/usr/sbin/audit'	DISA STIG AIX 5.3 v1r2	Unix	AUDIT AND ACCOUNTABILITY
GEN002718 - System audit tool executables must not have extended ACLs - '/usr/sbin/auditcat'	DISA STIG AIX 5.3 v1r2	Unix	AUDIT AND ACCOUNTABILITY
GEN002718 - System audit tool executables must not have extended ACLs - '/usr/sbin/auditconv'	DISA STIG AIX 5.3 v1r2	Unix	AUDIT AND ACCOUNTABILITY
GEN002718 - System audit tool executables must not have extended ACLs - '/usr/sbin/auditmerge'	DISA STIG AIX 5.3 v1r2	Unix	AUDIT AND ACCOUNTABILITY
GEN002718 - System audit tool executables must not have extended ACLs - '/usr/sbin/auditpr'	DISA STIG AIX 5.3 v1r2	Unix	AUDIT AND ACCOUNTABILITY
GEN002718 - System audit tool executables must not have extended ACLs - '/usr/sbin/auditselect'	DISA STIG AIX 5.3 v1r2	Unix	AUDIT AND ACCOUNTABILITY
Monterey - Enforce Dual Authorization for Movement and Deletion of Audit Information	NIST macOS Monterey v1.0.0 - All Profiles	Unix	AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT

Detections

Analytics

Item Search