Item Search

Name	Audit Name	Plugin	Category
1.1.13 Ensure separate partition exists for /home	CIS Aliyun Linux 2 L2 v1.0.0	Unix	CONFIGURATION MANAGEMENT
1.6.1.1 Ensure SELinux is not disabled in bootloader configuration - enforcing	CIS Aliyun Linux 2 L2 v1.0.0	Unix	ACCESS CONTROL
1.6.1.2 Ensure the SELinux state is enforcing - /etc/selinux/config	CIS Aliyun Linux 2 L2 v1.0.0	Unix	ACCESS CONTROL
1.6.1.4 Ensure SETroubleshoot is not installed	CIS Aliyun Linux 2 L2 v1.0.0	Unix	CONFIGURATION MANAGEMENT
4.1.4 Ensure events that modify date and time information are collected - /etc/localtime	CIS Aliyun Linux 2 L2 v1.0.0	Unix	CONFIGURATION MANAGEMENT
4.1.4 Ensure events that modify date and time information are collected - adjtimex	CIS Aliyun Linux 2 L2 v1.0.0	Unix	CONFIGURATION MANAGEMENT
4.1.4 Ensure events that modify date and time information are collected - clock_settime (32-bit)	CIS Aliyun Linux 2 L2 v1.0.0	Unix	CONFIGURATION MANAGEMENT
4.1.6 Ensure events that modify the system's network environment are collected - /etc/issue.net	CIS Aliyun Linux 2 L2 v1.0.0	Unix	CONFIGURATION MANAGEMENT
4.1.6 Ensure events that modify the system's network environment are collected - auditctl /etc/sysconfig/network	CIS Aliyun Linux 2 L2 v1.0.0	Unix	CONFIGURATION MANAGEMENT
4.1.6 Ensure events that modify the system's network environment are collected - auditctl /etc/sysconfig/network-scripts	CIS Aliyun Linux 2 L2 v1.0.0	Unix	CONFIGURATION MANAGEMENT
4.1.6 Ensure events that modify the system's network environment are collected - sethostname (32-bit)	CIS Aliyun Linux 2 L2 v1.0.0	Unix	CONFIGURATION MANAGEMENT
4.1.9 Ensure session initiation information is collected - /var/run/utmp	CIS Aliyun Linux 2 L2 v1.0.0	Unix	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
4.1.9 Ensure session initiation information is collected - auditctl /var/log/btmp	CIS Aliyun Linux 2 L2 v1.0.0	Unix	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
4.1.10 Ensure discretionary access control permission modification events are collected - auditctl chmod/fchmod/fchmodat (64-bit)	CIS Aliyun Linux 2 L2 v1.0.0	Unix	CONFIGURATION MANAGEMENT
4.1.11 Ensure unsuccessful unauthorized file access attempts are collected - auditctl EPERM (32-bit)	CIS Aliyun Linux 2 L2 v1.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.11 Ensure unsuccessful unauthorized file access attempts are collected - auditctl EPERM (64-bit)	CIS Aliyun Linux 2 L2 v1.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.11 Ensure unsuccessful unauthorized file access attempts are collected - EPERM (32-bit)	CIS Aliyun Linux 2 L2 v1.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.11 Ensure unsuccessful unauthorized file access attempts are collected - EPERM (64-bit)	CIS Aliyun Linux 2 L2 v1.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.13 Ensure successful file system mounts are collected - auditctl (64-bit)	CIS Aliyun Linux 2 L2 v1.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.15 Ensure changes to system administration scope (sudoers) is collected - /etc/sudoers	CIS Aliyun Linux 2 L2 v1.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.15 Ensure changes to system administration scope (sudoers) is collected - auditctl /etc/sudoers.d	CIS Aliyun Linux 2 L2 v1.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.16 Ensure system administrator actions (sudolog) are collected - auditctl	CIS Aliyun Linux 2 L2 v1.0.0	Unix	AUDIT AND ACCOUNTABILITY
5.2.3.6 Ensure use of privileged commands are collected	CIS Amazon Linux 2 v3.0.0 L2	Unix	AUDIT AND ACCOUNTABILITY
5.2.3.16 Ensure successful and unsuccessful attempts to use the setfacl command are recorded	CIS Amazon Linux 2 v3.0.0 L2	Unix	AUDIT AND ACCOUNTABILITY
5.2.4.4 Ensure only authorized groups are assigned ownership of audit log files	CIS Amazon Linux 2 v3.0.0 L2	Unix	ACCESS CONTROL, MEDIA PROTECTION
5.2.4.10 Ensure audit tools belong to group root	CIS Amazon Linux 2 v3.0.0 L2	Unix	ACCESS CONTROL, MEDIA PROTECTION
auditctl /etc/gshadow	CIS Amazon Linux 2 v3.0.0 L2	Unix
auditctl /etc/passwd	CIS Amazon Linux 2 v3.0.0 L2	Unix
auditctl /etc/security/opasswd	CIS Amazon Linux 2 v3.0.0 L2	Unix
auditctl /etc/selinux	CIS Amazon Linux 2 v3.0.0 L2	Unix
auditctl /etc/sysconfig/network-scripts	CIS Amazon Linux 2 v3.0.0 L2	Unix
auditctl b32 EACCES	CIS Amazon Linux 2 v3.0.0 L2	Unix
auditctl b32 lchown	CIS Amazon Linux 2 v3.0.0 L2	Unix
auditctl b32 removexattr	CIS Amazon Linux 2 v3.0.0 L2	Unix
auditctl b64 fchmod	CIS Amazon Linux 2 v3.0.0 L2	Unix
auditctl b64 fchownat	CIS Amazon Linux 2 v3.0.0 L2	Unix
auditctl faillock	CIS Amazon Linux 2 v3.0.0 L2	Unix
auditctl settimeofday x32	CIS Amazon Linux 2 v3.0.0 L2	Unix
b32 EACCES	CIS Amazon Linux 2 v3.0.0 L2	Unix
b32 EPERM	CIS Amazon Linux 2 v3.0.0 L2	Unix
b64	CIS Amazon Linux 2 v3.0.0 L2	Unix
b64 fchown	CIS Amazon Linux 2 v3.0.0 L2	Unix
b64 fchownat	CIS Amazon Linux 2 v3.0.0 L2	Unix
b64 sethostname	CIS Amazon Linux 2 v3.0.0 L2	Unix
Check selinux is installed	CIS Aliyun Linux 2 L2 v1.0.0	Unix
CIS_Amazon_Linux_2_v3.0.0_L2.audit from CIS Amazon Linux 2 Benchmark v3.0.0	CIS Amazon Linux 2 v3.0.0 L2	Unix
init_module b64	CIS Amazon Linux 2 v3.0.0 L2	Unix
sshd_config	CIS Amazon Linux 2 v3.0.0 L2	Unix
sudo log	CIS Amazon Linux 2 v3.0.0 L2	Unix
utmp	CIS Amazon Linux 2 v3.0.0 L2	Unix

Detections

Analytics

Item Search