Detections
Analytics

Item Search

NameAudit NamePluginCategory
3.1.13 Ensure the program name for PostgreSQL syslog messages is correctCIS PostgreSQL 14 DB v 1.2.0PostgreSQLDB

AUDIT AND ACCOUNTABILITY

3.1.13 Ensure the program name for PostgreSQL syslog messages is correctCIS PostgreSQL 16 DB v1.0.0PostgreSQLDB

AUDIT AND ACCOUNTABILITY

3.1.20 Ensure 'log_connections' is enabledCIS PostgreSQL 16 DB v1.0.0PostgreSQLDB

AUDIT AND ACCOUNTABILITY

3.1.20 Ensure 'log_connections' is enabled - log_connections is enabledCIS PostgreSQL 12 DB v1.1.0PostgreSQLDB

AUDIT AND ACCOUNTABILITY

3.1.22 Ensure 'log_error_verbosity' is set correctlyCIS PostgreSQL 14 DB v 1.2.0PostgreSQLDB

AUDIT AND ACCOUNTABILITY

3.1.24 Ensure 'log_line_prefix' is set correctlyCIS PostgreSQL 16 DB v1.0.0PostgreSQLDB

AUDIT AND ACCOUNTABILITY

3.1.24 Ensure 'log_line_prefix' is set correctly - log_line_prefix is set correctlyCIS PostgreSQL 12 DB v1.1.0PostgreSQLDB

AUDIT AND ACCOUNTABILITY

3.1.25 Ensure 'log_statement' is set correctlyCIS PostgreSQL 13 DB v1.2.0PostgreSQLDB

AUDIT AND ACCOUNTABILITY

3.1.26 Ensure 'log_timezone' is set correctlyCIS PostgreSQL 13 DB v1.2.0PostgreSQLDB

AUDIT AND ACCOUNTABILITY

4.1.4 Ensure events that modify date and time information are collected - audit.rules b32 adjtimexCIS SUSE Linux Enterprise Workstation 11 L2 v2.1.1Unix

AUDIT AND ACCOUNTABILITY

4.1.4 Ensure events that modify date and time information are collected - audit.rules b64 clock_settimeCIS SUSE Linux Enterprise Workstation 11 L2 v2.1.1Unix

AUDIT AND ACCOUNTABILITY

4.1.4 Ensure events that modify date and time information are collected - auditctl b32 clock_settimeCIS SUSE Linux Enterprise Server 11 L2 v2.1.1Unix

AUDIT AND ACCOUNTABILITY

4.1.4 Ensure events that modify date and time information are collected - auditctl b64 adjtimexCIS SUSE Linux Enterprise Server 11 L2 v2.1.1Unix

AUDIT AND ACCOUNTABILITY

4.1.4 Ensure events that modify date and time information are collected - auditctl b64 clock_settimeCIS SUSE Linux Enterprise Workstation 11 L2 v2.1.1Unix

AUDIT AND ACCOUNTABILITY

4.1.5 Ensure events that modify user/group information are collected - /etc/groupCIS SUSE Linux Enterprise Workstation 11 L2 v2.1.1Unix

AUDIT AND ACCOUNTABILITY

4.1.5 Ensure events that modify user/group information are collected - /etc/gshadowCIS SUSE Linux Enterprise Server 11 L2 v2.1.1Unix

AUDIT AND ACCOUNTABILITY

4.1.5 Ensure events that modify user/group information are collected - /etc/security/opasswdCIS SUSE Linux Enterprise Workstation 11 L2 v2.1.1Unix

AUDIT AND ACCOUNTABILITY

4.1.5 Ensure events that modify user/group information are collected - /etc/security/opasswdCIS SUSE Linux Enterprise Server 11 L2 v2.1.1Unix

AUDIT AND ACCOUNTABILITY

4.1.5 Ensure events that modify user/group information are collected - auditctl /etc/groupCIS SUSE Linux Enterprise Workstation 11 L2 v2.1.1Unix

AUDIT AND ACCOUNTABILITY

4.1.5 Ensure events that modify user/group information are collected - auditctl /etc/gshadowCIS SUSE Linux Enterprise Workstation 11 L2 v2.1.1Unix

AUDIT AND ACCOUNTABILITY

4.1.7 Ensure events that modify the system's Mandatory Access Controls are collected - /usr/share/selinux/CIS SUSE Linux Enterprise Workstation 11 L2 v2.1.1Unix

AUDIT AND ACCOUNTABILITY

4.1.7 Ensure events that modify the system's Mandatory Access Controls are collected - auditctl /usr/share/selinux/CIS SUSE Linux Enterprise Workstation 11 L2 v2.1.1Unix

AUDIT AND ACCOUNTABILITY

4.1.7 Ensure events that modify the system's Mandatory Access Controls are collected - auditctl /usr/share/selinux/CIS SUSE Linux Enterprise Server 11 L2 v2.1.1Unix

AUDIT AND ACCOUNTABILITY

4.1.10 Ensure discretionary access control permission modification events are collected - auditctl b64 setxattrCIS SUSE Linux Enterprise Workstation 11 L2 v2.1.1Unix

AUDIT AND ACCOUNTABILITY

4.1.10 Ensure discretionary access control permission modification events are collected - auditctl b64 setxattrCIS SUSE Linux Enterprise Server 11 L2 v2.1.1Unix

AUDIT AND ACCOUNTABILITY

4.1.10 Ensure discretionary access control permission modification events are collected - b32 setxattrCIS SUSE Linux Enterprise Server 11 L2 v2.1.1Unix

AUDIT AND ACCOUNTABILITY

4.1.10 Ensure discretionary access control permission modification events are collected - b64 chmod fchmodCIS SUSE Linux Enterprise Workstation 11 L2 v2.1.1Unix

AUDIT AND ACCOUNTABILITY

4.1.10 Ensure discretionary access control permission modification events are collected - b64 chown fchownCIS SUSE Linux Enterprise Workstation 11 L2 v2.1.1Unix

AUDIT AND ACCOUNTABILITY

4.1.11 Ensure unsuccessful unauthorized file access attempts are collected - auditctl b64 EPERMCIS SUSE Linux Enterprise Workstation 11 L2 v2.1.1Unix

AUDIT AND ACCOUNTABILITY

4.1.11 Ensure unsuccessful unauthorized file access attempts are collected - auditctl b64 EPERMCIS SUSE Linux Enterprise Server 11 L2 v2.1.1Unix

AUDIT AND ACCOUNTABILITY

4.1.11 Ensure unsuccessful unauthorized file access attempts are collected - b32 EACCESCIS SUSE Linux Enterprise Workstation 11 L2 v2.1.1Unix

AUDIT AND ACCOUNTABILITY

4.1.11 Ensure unsuccessful unauthorized file access attempts are collected - b32 EPERMCIS SUSE Linux Enterprise Server 11 L2 v2.1.1Unix

AUDIT AND ACCOUNTABILITY

4.1.11 Ensure unsuccessful unauthorized file access attempts are collected - b64 EACCESCIS SUSE Linux Enterprise Server 11 L2 v2.1.1Unix

AUDIT AND ACCOUNTABILITY

4.1.11 Ensure unsuccessful unauthorized file access attempts are collected - b64 EPERMCIS SUSE Linux Enterprise Server 11 L2 v2.1.1Unix

AUDIT AND ACCOUNTABILITY

4.1.15 Ensure changes to system administration scope (sudoers) is collected - /etc/sudoers.dCIS SUSE Linux Enterprise Server 11 L2 v2.1.1Unix

AUDIT AND ACCOUNTABILITY

4.1.16 Ensure system administrator actions (sudolog) are collectedCIS SUSE Linux Enterprise Workstation 11 L2 v2.1.1Unix

AUDIT AND ACCOUNTABILITY

4.2 Ensure 'Turn on administrator audit logging' is set to ''CIS Microsoft Exchange Server 2019 L1 Mailbox v1.0.0Windows

AUDIT AND ACCOUNTABILITY

5.2.3 Ensure sudo log file existsCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 ServerUnix

AUDIT AND ACCOUNTABILITY

5.3.9 Ensure SSH MaxAuthTries is set to 4 or lessCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 ServerUnix

AUDIT AND ACCOUNTABILITY

5.4 Ensure 'SQL Server Audit' is set to capture both 'failed' and 'successful logins'CIS SQL Server 2017 Database L1 DB v1.3.0MS_SQLDB

AUDIT AND ACCOUNTABILITY

5.4 Ensure 'SQL Server Audit' is set to capture both 'failed' and 'successful logins'CIS Microsoft SQL Server 2019 v1.4.0 L1 Database EngineMS_SQLDB

AUDIT AND ACCOUNTABILITY

6.1.2 Ensure Diagnostic Setting captures appropriate categoriesCIS Microsoft Azure Foundations v3.0.0 L1microsoft_azure

AUDIT AND ACCOUNTABILITY

6.2 AIX Auditing - cron audit rotationCIS IBM AIX 7.1 L2 v2.1.0Unix

AUDIT AND ACCOUNTABILITY

6.2.2 Ensure that Activity Log Alert exists for Delete Policy AssignmentCIS Microsoft Azure Foundations v3.0.0 L1microsoft_azure

AUDIT AND ACCOUNTABILITY

6.2.6 Ensure that Activity Log Alert exists for Delete Security SolutionCIS Microsoft Azure Foundations v3.0.0 L1microsoft_azure

AUDIT AND ACCOUNTABILITY

7.2 Specify file handler in logging.properties files - check if java.util.logging.ConsoleHandler exists in web applicationCIS Apache Tomcat 10 L1 v1.1.0Unix

AUDIT AND ACCOUNTABILITY

7.2 Specify file handler in logging.properties files - check if java.util.logging.ConsoleHandler logging is enabled in defaultCIS Apache Tomcat 9 L1 v1.2.0 MiddlewareUnix

AUDIT AND ACCOUNTABILITY

7.2 Specify file handler in logging.properties files - check if org.apache.juli.FileHandler exists in web applicationCIS Apache Tomcat 10 L1 v1.1.0 MiddlewareUnix

AUDIT AND ACCOUNTABILITY

7.2 Specify file handler in logging.properties files - check if org.apache.juli.FileHandler logging is enabled in web applicationCIS Apache Tomcat 9 L1 v1.2.0Unix

AUDIT AND ACCOUNTABILITY

10.18 Use the logEffectiveWebXml and metadata-complete settings for deploying applications in production - web.xmlCIS Apache Tomcat 10 L1 v1.1.0 MiddlewareUnix

AUDIT AND ACCOUNTABILITY