Detections
Analytics

Item Search

NameAudit NamePluginCategory
3.4 Enable remote logging for Desktops on trusted networksCIS Apple OSX 10.10 Yosemite L2 v1.2.0Unix

AUDIT AND ACCOUNTABILITY

4.1.14 Ensure file deletion events by users are collectedCIS Ubuntu Linux 14.04 LTS Server L2 v2.1.0Unix

AUDIT AND ACCOUNTABILITY

4.1.14 Ensure file deletion events by users are collected - auditctl deleteCIS Ubuntu Linux 14.04 LTS Server L2 v2.1.0Unix

AUDIT AND ACCOUNTABILITY

4.1.14 Ensure file deletion events by users are collected - auditctl delete (64-bit)CIS Ubuntu Linux 14.04 LTS Server L2 v2.1.0Unix

AUDIT AND ACCOUNTABILITY

4.06 init.ora - 'audit_trail parameter set to OS, DB, DB_EXTENDED, XML, or XML, EXTENDED'CIS v1.1.0 Oracle 11g OS Windows Level 1Windows

AUDIT AND ACCOUNTABILITY

4.36 init.ora - 'sec_protocol_error_trace_action = LOG or ALERT'CIS v1.1.0 Oracle 11g OS L1Unix

AUDIT AND ACCOUNTABILITY

5.2 Ensure that audit filters are configured properlyCIS MongoDB L1 Windows Audit v1.0.0Windows

AUDIT AND ACCOUNTABILITY

5.3 Ensure that logging captures as much information as possibleCIS MongoDB L2 Windows Audit v1.0.0Windows

AUDIT AND ACCOUNTABILITY

5.4 Ensure that new entries are appended to the end of the log fileCIS MongoDB L2 Windows Audit v1.0.0Windows

AUDIT AND ACCOUNTABILITY

5.8 Enable 'DROP PROFILE' Audit OptionCIS Oracle Server 11g R2 DB v2.2.0OracleDB

AUDIT AND ACCOUNTABILITY

5.15 Enable 'GRANT ANY OBJECT PRIVILEGE' Audit OptionCIS Oracle Server 11g R2 DB v2.2.0OracleDB

AUDIT AND ACCOUNTABILITY

5.19 Enable 'PROCEDURE' Audit OptionCIS Oracle Server 11g R2 DB v2.2.0OracleDB

AUDIT AND ACCOUNTABILITY

8.1.9 Collect Session Initiation Information- '/var/log/btmp'CIS Ubuntu 12.04 LTS Benchmark L2 v1.1.0Unix

AUDIT AND ACCOUNTABILITY

8.1.9 Collect Session Initiation Information- '/var/log/wtmp'CIS Ubuntu 12.04 LTS Benchmark L2 v1.1.0Unix

AUDIT AND ACCOUNTABILITY

17.6.2 Ensure 'Audit File Share' is set to 'Success and Failure'CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0Windows

AUDIT AND ACCOUNTABILITY

17.7.3 Ensure 'Audit Authorization Policy Change' is set to include 'Success'CIS Windows 7 Workstation Level 1 v3.2.0Windows

AUDIT AND ACCOUNTABILITY

17.9.3 Ensure 'Audit Security State Change' is set to include 'Success'CIS Windows 7 Workstation Level 1 v3.2.0Windows

AUDIT AND ACCOUNTABILITY

20.13 Ensure 'Audit records must be backed up to a different system or media than the system being audited'CIS Microsoft Windows Server 2022 STIG v1.0.0 STIG DCWindows

AUDIT AND ACCOUNTABILITY

Audit Authentication Policy ChangeMSCT Windows 10 v21H1 v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit Detailed File ShareMSCT Windows 10 v2004 v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit File ShareMSCT Windows 10 1809 v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit File ShareMSCT Windows 10 1903 v1.19.9Windows

AUDIT AND ACCOUNTABILITY

Audit File ShareMSCT Windows 10 1909 v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit File ShareMSCT Windows 10 v2004 v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit Group MembershipMSCT Windows 10 v1507 v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit Group MembershipMSCT Windows 10 1803 v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit Group MembershipMSCT Windows 10 1903 v1.19.9Windows

AUDIT AND ACCOUNTABILITY

Audit Group MembershipMSCT Windows 10 v21H1 v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit Group MembershipMSCT Windows 11 v22H2 v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit MPSSVC Rule-Level Policy ChangeMSCT Windows 10 1903 v1.19.9Windows

AUDIT AND ACCOUNTABILITY

Audit MPSSVC Rule-Level Policy ChangeMSCT Windows 10 v21H1 v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit MPSSVC Rule-Level Policy ChangeMSCT Windows 10 v21H2 v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit MPSSVC Rule-Level Policy ChangeMSCT Windows 10 v22H2 v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit Other Object Access EventsMSCT Windows 11 v22H2 v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit Other System EventsMSCT Windows 10 v21H1 v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit Other System EventsMSCT Windows 11 v22H2 v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit PNP ActivityMSCT Windows 10 1803 v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit PNP ActivityMSCT Windows 10 1903 v1.19.9Windows

AUDIT AND ACCOUNTABILITY

Audit PNP ActivityMSCT Windows 10 v22H2 v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit Process CreationMSCT Windows 10 1809 v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit Process CreationMSCT Windows 10 v21H1 v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit Removable StorageMSCT Windows 10 v22H2 v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit Security State ChangeMSCT Windows 10 v22H2 v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit Sensitive Privilege UseMSCT Windows 10 v22H2 v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit User Account ManagementMSCT Windows 10 v22H2 v1.0.0Windows

AUDIT AND ACCOUNTABILITY

IBM i : Auditing for New Objects (QCRTOBJAUD) - '*CHANGE'IBM System i Security Reference for V7R3AS/400

AUDIT AND ACCOUNTABILITY

IBM i : Auditing Level (QAUDLVL) - '*NONE'IBM iSeries Security Reference v5r4AS/400

AUDIT AND ACCOUNTABILITY

IBM i : Auditing Level (QAUDLVL) - '*SECURITY'IBM System i Security Reference for V7R1 and V6R1AS/400

AUDIT AND ACCOUNTABILITY

IBM i : Auditing Level (QAUDLVL) - '*SECURITY'IBM System i Security Reference for V7R2AS/400

AUDIT AND ACCOUNTABILITY

Windows Defender Firewall: Allow logging - Domain Profile - LogSuccessfulConnectionsMSCT Windows 10 v22H2 v1.0.0Windows

AUDIT AND ACCOUNTABILITY