Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.10 Audit Docker files and directories - docker.serviceCIS Docker 1.11.0 v1.0.0 L1 LinuxUnix

AUDIT AND ACCOUNTABILITY

1.11 Audit Docker files and directories - docker.socketCIS Docker 1.12.0 v1.0.0 L1 LinuxUnix

AUDIT AND ACCOUNTABILITY

1.12 Audit Docker files and directories - docker.serviceCIS Docker 1.6 v1.0.0 L1 LinuxUnix

AUDIT AND ACCOUNTABILITY

1.17 Audit Docker files and directories - /etc/sysconfig/docker-storageCIS Docker 1.6 v1.0.0 L1 LinuxUnix

AUDIT AND ACCOUNTABILITY

1.18 Audit Docker files and directories - /etc/default/dockerCIS Docker 1.6 v1.0.0 L1 LinuxUnix

AUDIT AND ACCOUNTABILITY

2.2.3 Ensure SNMP traps is enabled - authorizationErrorCIS Check Point Firewall L1 v1.1.0CheckPoint

AUDIT AND ACCOUNTABILITY

2.2.3 Set 'logging console critical'CIS Cisco IOS 12 L1 v4.0.0Cisco

AUDIT AND ACCOUNTABILITY

2.6.3 Ensure cplogs is set to onCIS Check Point Firewall L1 v1.1.0CheckPoint

AUDIT AND ACCOUNTABILITY

3.1 Enable security auditingCIS Apple macOS 10.12 L1 v1.2.0Unix

AUDIT AND ACCOUNTABILITY

3.1.12 Set administrative notification levelCIS IBM DB2 v10 v1.1.0 Linux OS Level 1Unix

AUDIT AND ACCOUNTABILITY

3.2 Configure Security Auditing Flags - 'audit successful/failed login/logout events'CIS Apple macOS 10.12 L2 v1.2.0Unix

AUDIT AND ACCOUNTABILITY

3.2 Configure Security Auditing Flags per local organizational requirements - 'audit successful/failed file attribute modification events'CIS Apple macOS 10.13 L2 v1.1.0Unix

AUDIT AND ACCOUNTABILITY

3.6 Ensure Firewall is configured to logCIS Apple macOS 10.13 L1 v1.1.0Unix

AUDIT AND ACCOUNTABILITY

4.1.2.2 Ensure auditing of the unix_chkpwd commandCIS Amazon Linux 2 STIG v1.0.0 L3Unix

AUDIT AND ACCOUNTABILITY

4.1.2.5 Ensure audit all uses of the newgrp command.CIS Amazon Linux 2 STIG v1.0.0 L3Unix

AUDIT AND ACCOUNTABILITY

4.1.2.9 Ensure audit of postqueue command.CIS Amazon Linux 2 STIG v1.0.0 L3Unix

AUDIT AND ACCOUNTABILITY

4.1.2.15 Ensure audit of unlink syscall - 32 bitCIS Amazon Linux 2 STIG v1.0.0 L3Unix

AUDIT AND ACCOUNTABILITY

4.1.2.15 Ensure audit of unlink syscall - 64 bitCIS Amazon Linux 2 STIG v1.0.0 L3Unix

AUDIT AND ACCOUNTABILITY

4.1.14 Ensure file deletion events by users are collected - auditctlCIS Amazon Linux v2.1.0 L2Unix

AUDIT AND ACCOUNTABILITY

4.1.14 Ensure file deletion events by users are collected - b64CIS Amazon Linux v2.1.0 L2Unix

AUDIT AND ACCOUNTABILITY

4.3.1 Configure a syslog channel 'general local_syslog'CIS ISC BIND 9.0/9.5 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.3.2 Configure a File Channel 'debug.log print-time'CIS ISC BIND 9.0/9.5 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.3.2 Configure a File Channel 'print-time'CIS ISC BIND 9.0/9.5 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

5.2 SnapMirror - 'snapmirror.log.enable = on'TNS NetApp Data ONTAP 7GNetApp

AUDIT AND ACCOUNTABILITY

5.3 Enable logging of packets received on closed ports (net.inet.tcp.log_in_vain)CIS FreeBSD v1.0.5Unix

AUDIT AND ACCOUNTABILITY

5.4 CIFS - 'cifs.audit.autosave.file.limit has been configured'TNS NetApp Data ONTAP 7GNetApp

AUDIT AND ACCOUNTABILITY

5.5 Ensure Cloudwatch Log Group is created for App TierCIS Amazon Web Services Three-tier Web Architecture L1 1.0.0amazon_aws

AUDIT AND ACCOUNTABILITY

8.1.1.3 Keep All Auditing InformationCIS Debian Linux 7 L2 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

8.1.4 Record Events That Modify Date and Time Information - 64 bit clock_settimeCIS Debian Linux 7 L2 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

8.1.5 Record Events That Modify User/Group Information - /etc/groupCIS Debian Linux 7 L2 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

8.1.6 Record Events That Modify the System's Network Environment - /etc/hostsCIS Debian Linux 7 L2 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

8.1.6 Record Events That Modify the System's Network Environment - /etc/issue.netCIS Debian Linux 7 L2 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

8.1.8 Collect Login and Logout Events - /var/log/faillogCIS Debian Linux 7 L2 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

8.1.10 Collect Discretionary Access Control Permission Modification Events - 32 bit setxattrCIS Debian Linux 7 L2 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

8.1.10 Collect Discretionary Access Control Permission Modification Events - 64 bit chmodCIS Debian Linux 7 L2 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

8.1.11 Collect Unsuccessful Unauthorized Access Attempts to Files - 64 bit EPERMCIS Debian Linux 7 L2 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

8.1.12 Collect Use of Privileged CommandsCIS Debian Linux 7 L2 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

8.1.15 Collect Changes to System Administration Scope (sudoers)CIS Debian Linux 7 L2 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

8.2.4 Create and Set Permissions on rsyslog Log Files - createdCIS Debian Linux 7 L1 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

9.3.2 Set LogLevel to INFOCIS Debian Linux 7 L1 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

Brocade - Configures filters for a specified audit classTenable Best Practices Brocade FabricOSBrocade

AUDIT AND ACCOUNTABILITY

Brocade - Enable HTTPS ssl logTenable Best Practices Brocade FabricOSBrocade

AUDIT AND ACCOUNTABILITY

Ensure 'logging' is enabledTenable Cisco Firepower Threat Defense Best Practices AuditCisco_Firepower

AUDIT AND ACCOUNTABILITY

FireEye - Remote syslog is enabledTNS FireEyeFireEye

AUDIT AND ACCOUNTABILITY

Fortigate - Enable logs of failed connection attemptsTNS Fortigate FortiOS Best Practices v2.0.0FortiGate

AUDIT AND ACCOUNTABILITY

Fortigate - External Logging - 'syslog3'TNS Fortigate FortiOS Best Practices v2.0.0FortiGate

AUDIT AND ACCOUNTABILITY

SonicWALL - Logging Level - InformationTNS SonicWALL v5.9SonicWALL

AUDIT AND ACCOUNTABILITY

SonicWALL - SSL Control - Block the conn. and log the eventTNS SonicWALL v5.9SonicWALL

AUDIT AND ACCOUNTABILITY

Syslog - Admin StateTenable Cisco ACICisco_ACI

AUDIT AND ACCOUNTABILITY

WatchGuard : IPS Logging Threat Level Medium - EnabledTNS Best Practice WatchGuard Audit 1.0.0WatchGuard

AUDIT AND ACCOUNTABILITY