Detections
Analytics

Item Search

NameAudit NamePluginCategory
2.2.2 Ensure 'AUDIT_TRAIL' Is Set to 'DB', 'XML', 'OS', 'DB,EXTENDED', or 'XML,EXTENDED'CIS Oracle Server 12c DB Traditional Auditing v3.0.0OracleDB

AUDIT AND ACCOUNTABILITY

2.2.2 Ensure 'AUDIT_TRAIL' Is Set to 'DB', 'XML', 'OS', 'DB,EXTENDED', or 'XML,EXTENDED'CIS Oracle Server 18c DB Traditional Auditing v1.1.0OracleDB

AUDIT AND ACCOUNTABILITY

3.3.4 Ensure suspicious packets are logged - 'net.ipv4.conf.all.log_martians = 1 /etc/sysctl.conf /etc/sysctl.d/*'CIS Oracle Linux 6 Workstation L1 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

3.3.4 Ensure suspicious packets are logged - 'net.ipv4.conf.default.log_martians = 1 /sbin/sysctl'CIS Oracle Linux 6 Server L1 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

3.3.4 Ensure suspicious packets are logged - 'net.ipv4.conf.default.log_martians = 1 /sbin/sysctl'CIS Red Hat 6 Workstation L1 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.1.1 Ensure auditd is installed - auditCIS Oracle Linux 6 Server L2 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.1.1 Ensure auditd is installed - auditCIS Oracle Linux 6 Workstation L2 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.1.1 Ensure auditd is installed - audit-libsCIS Oracle Linux 6 Server L2 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.1.4 Ensure auditing for processes that start prior to auditd is enabledCIS Red Hat 6 Workstation L2 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.17 Ensure the audit configuration is immutableCIS Red Hat 6 Server L2 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.17 Ensure the audit configuration is immutableCIS Red Hat 6 Workstation L2 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

4.2.1.1 Ensure rsyslog is installedCIS Oracle Linux 6 Workstation L1 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.2.1.2 Ensure rsyslog Service is enabledCIS Oracle Linux 6 Workstation L1 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

5.2.1.2 Ensure auditing for processes that start prior to auditd is enabledCIS Red Hat EL8 Workstation L2 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

5.2.1.2 Ensure auditing for processes that start prior to auditd is enabledCIS Rocky Linux 8 Server L2 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

5.2.1.2 Ensure auditing for processes that start prior to auditd is enabledCIS Rocky Linux 8 Workstation L2 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

5.2.1.3 Ensure audit_backlog_limit is sufficientCIS Oracle Linux 8 Server L2 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

5.2.1.3 Ensure audit_backlog_limit is sufficientCIS Rocky Linux 8 Workstation L2 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

5.2.3.15 Ensure successful and unsuccessful attempts to use the chcon command are recordedCIS Oracle Linux 7 v4.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

5.2.3.16 Ensure successful and unsuccessful attempts to use the setfacl command are recordedCIS Oracle Linux 8 Server L2 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

5.2.3.16 Ensure successful and unsuccessful attempts to use the setfacl command are recordedCIS Red Hat EL8 Server L2 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

5.2.3.16 Ensure successful and unsuccessful attempts to use the setfacl command are recordedCIS Red Hat Enterprise Linux 7 v4.0.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

5.2.3.17 Ensure successful and unsuccessful attempts to use the chacl command are recordedCIS Oracle Linux 7 v4.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

5.2.3.17 Ensure successful and unsuccessful attempts to use the chacl command are recordedCIS Oracle Linux 8 Server L2 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

5.2.3.18 Ensure successful and unsuccessful attempts to use the usermod command are recordedCIS Red Hat EL8 Workstation L2 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

5.2.3.18 Ensure successful and unsuccessful attempts to use the usermod command are recordedCIS Red Hat Enterprise Linux 7 v4.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

6.1 Ensure 'log_error' Is Not EmptyCIS MySQL 5.6 Community Database L1 v2.0.0MySQLDB

AUDIT AND ACCOUNTABILITY

6.1.1 Ensure the 'USER' Audit Option Is EnabledCIS Oracle Server 12c DB Traditional Auditing v3.0.0OracleDB

AUDIT AND ACCOUNTABILITY

6.1.2 Ensure the 'ROLE' Audit Option Is EnabledCIS Oracle Server 12c DB Traditional Auditing v3.0.0OracleDB

AUDIT AND ACCOUNTABILITY

6.1.5 Ensure the 'DATABASE LINK' Audit Option Is EnabledCIS Oracle Server 12c DB Traditional Auditing v3.0.0OracleDB

AUDIT AND ACCOUNTABILITY

6.1.6 Ensure the 'PUBLIC DATABASE LINK' Audit Option Is EnabledCIS Oracle Server 12c DB Traditional Auditing v3.0.0OracleDB

AUDIT AND ACCOUNTABILITY

6.1.8 Ensure the 'SYNONYM' Audit Option Is EnabledCIS Oracle Server 18c DB Traditional Auditing v1.1.0OracleDB

AUDIT AND ACCOUNTABILITY

6.1.9 Ensure the 'DIRECTORY' Audit Option Is EnabledCIS Oracle Server 18c DB Traditional Auditing v1.1.0OracleDB

AUDIT AND ACCOUNTABILITY

6.1.15 Ensure the 'PROCEDURE' Audit Option Is EnabledCIS Oracle Server 12c DB Traditional Auditing v3.0.0OracleDB

AUDIT AND ACCOUNTABILITY

6.2.2.2 Ensure journald ForwardToSyslog is disabledCIS Red Hat Enterprise Linux 9 v2.0.0 L1 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.2.13 Ensure the 'ALTER DATABASE LINK' Action Audit Is EnabledCIS Oracle Server 18c DB Unified Auditing v1.1.0OracleDB

AUDIT AND ACCOUNTABILITY

6.2.17 Ensure the 'DROP SYNONYM' Action Audit Is EnabledCIS Oracle Server 18c DB Unified Auditing v1.1.0OracleDB

AUDIT AND ACCOUNTABILITY

6.2.25 Ensure the 'ALTER TRIGGER' Action Audit IS EnabledCIS Oracle Server 18c DB Unified Auditing v1.1.0OracleDB

AUDIT AND ACCOUNTABILITY

6.2.26 Ensure the 'DROP TRIGGER' Action Audit Is EnabledCIS Oracle Server 12c DB Unified Auditing v3.0.0OracleDB

AUDIT AND ACCOUNTABILITY

6.3.1.3 Ensure audit_backlog_limit is sufficientCIS Oracle Linux 9 v2.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

6.3.1.3 Ensure audit_backlog_limit is sufficientCIS Red Hat Enterprise Linux 9 v2.0.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.3.3.15 Ensure successful and unsuccessful attempts to use the chcon command are collectedCIS Oracle Linux 9 v2.0.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.3.3.16 Ensure successful and unsuccessful attempts to use the setfacl command are collectedCIS Red Hat Enterprise Linux 9 v2.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

6.3.3.17 Ensure successful and unsuccessful attempts to use the chacl command are collectedCIS Oracle Linux 9 v2.0.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.3.3.17 Ensure successful and unsuccessful attempts to use the chacl command are collectedCIS Red Hat Enterprise Linux 9 v2.0.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.3.3.18 Ensure successful and unsuccessful attempts to use the usermod command are collectedCIS Red Hat Enterprise Linux 9 v2.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

6.5 Ensure Audit Logging Is Enabled - audit_log_userCIS MySQL 5.7 Community Database L2 v2.0.0MySQLDB

AUDIT AND ACCOUNTABILITY

6.8 Ensure the Audit Plugin Can't be UnloadedCIS MySQL 8.0 Enterprise Database L1 v1.3.0MySQLDB

AUDIT AND ACCOUNTABILITY

18.10.43.1 (NG) Ensure 'Allow auditing events in Microsoft Defender Application Guard' is set to 'Enabled'CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 BL NGWindows

AUDIT AND ACCOUNTABILITY

18.10.43.1 (NG) Ensure 'Allow auditing events in Microsoft Defender Application Guard' is set to 'Enabled'CIS Microsoft Windows 10 Stand-alone v3.0.0 NGWindows

AUDIT AND ACCOUNTABILITY