Detections
Analytics

Item Search

NameAudit NamePluginCategory
2.2.28 Ensure 'Generate security audits' is set to 'LOCAL SERVICE, NETWORK SERVICE' - LOCAL SERVICE, NETWORK SERVICECIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 MSWindows

AUDIT AND ACCOUNTABILITY

2.2.30 (L1) Ensure 'Generate security audits' is set to 'LOCAL SERVICE, NETWORK SERVICE'CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1Windows

AUDIT AND ACCOUNTABILITY

2.4 Ensure Log Metric Filter and Alerts Exist for Project Ownership Assignments/ChangesCIS Google Cloud Platform v3.0.0 L1GCP

AUDIT AND ACCOUNTABILITY

3.1.10 Ensure the correct syslog facility is selectedCIS PostgreSQL 15 DB v1.1.0PostgreSQLDB

AUDIT AND ACCOUNTABILITY

3.2 Ensure the PostgreSQL Audit Extension (pgAudit) is enabledCIS PostgreSQL 14 DB v 1.2.0PostgreSQLDB

AUDIT AND ACCOUNTABILITY

4.1.3.18 Ensure successful and unsuccessful attempts to use the usermod command are recordedCIS CentOS Linux 8 Server L2 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.3.18 Ensure successful and unsuccessful attempts to use the usermod command are recordedCIS CentOS Linux 8 Workstation L2 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.5 Ensure 'Message tracking logging' is set to 'True'CIS Microsoft Exchange Server 2019 L1 Edge v1.0.0Windows

AUDIT AND ACCOUNTABILITY

5.2.1.2 Ensure auditing for processes that start prior to auditd is enabledCIS Oracle Linux 7 v4.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

5.2.1.2 Ensure auditing for processes that start prior to auditd is enabledCIS Oracle Linux 8 Workstation L2 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

5.2.1.2 Ensure auditing for processes that start prior to auditd is enabledCIS AlmaLinux OS 8 Server L2 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

5.2.1.3 Ensure audit_backlog_limit is sufficientCIS Red Hat Enterprise Linux 7 v4.0.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

5.2.1.3 Ensure audit_backlog_limit is sufficientCIS Oracle Linux 8 Workstation L2 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

5.2.1.3 Ensure audit_backlog_limit is sufficientCIS Amazon Linux 2 v3.0.0 L2Unix

AUDIT AND ACCOUNTABILITY

5.2.3.15 Ensure successful and unsuccessful attempts to use the chcon command are recordedCIS Ubuntu Linux 20.04 LTS Server L2 v2.0.1Unix

AUDIT AND ACCOUNTABILITY

5.2.3.15 Ensure successful and unsuccessful attempts to use the chcon command are recordedCIS Ubuntu Linux 18.04 LTS v2.2.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

5.2.3.15 Ensure successful and unsuccessful attempts to use the chcon command are recordedCIS Red Hat EL8 Workstation L2 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

5.2.3.15 Ensure successful and unsuccessful attempts to use the chcon command are recordedCIS Oracle Linux 7 v4.0.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

5.2.3.15 Ensure successful and unsuccessful attempts to use the chcon command are recordedCIS AlmaLinux OS 8 Server L2 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

5.2.3.15 Ensure successful and unsuccessful attempts to use the chcon command are recordedCIS Amazon Linux 2 v3.0.0 L2Unix

AUDIT AND ACCOUNTABILITY

5.2.3.17 Ensure successful and unsuccessful attempts to use the chacl command are recordedCIS Rocky Linux 8 Workstation L2 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

5.2.3.18 Ensure successful and unsuccessful attempts to use the usermod command are recordedCIS Rocky Linux 8 Workstation L2 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

5.2.3.18 Ensure successful and unsuccessful attempts to use the usermod command are recordedCIS Oracle Linux 7 v4.0.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

5.2.3.18 Ensure successful and unsuccessful attempts to use the usermod command are recordedCIS Oracle Linux 8 Workstation L2 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

5.2.3.18 Ensure successful and unsuccessful attempts to use the usermod command are recordedCIS Amazon Linux 2 v3.0.0 L2Unix

AUDIT AND ACCOUNTABILITY

5.7.1 Ensure Logging and Cloud Monitoring is EnabledCIS Google Kubernetes Engine (GKE) v1.6.1 L1GCP

AUDIT AND ACCOUNTABILITY

6.1.1 Configuring syslog - local logging - /var/adm/syslogCIS IBM AIX 7.1 L1 v2.1.0Unix

AUDIT AND ACCOUNTABILITY

6.2.1.1.4 Ensure journald ForwardToSyslog is disabledCIS Ubuntu Linux 22.04 LTS v2.0.0 L1 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.2.2.2 Ensure journald ForwardToSyslog is disabledCIS Oracle Linux 9 v2.0.0 L1 ServerUnix

AUDIT AND ACCOUNTABILITY

6.2.2.2 Ensure journald ForwardToSyslog is disabledCIS AlmaLinux OS 9 v2.0.0 L1 ServerUnix

AUDIT AND ACCOUNTABILITY

6.2.3.15 Ensure successful and unsuccessful attempts to use the chcon command are collectedCIS Ubuntu Linux 24.04 LTS v1.0.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.2.3.17 Ensure successful and unsuccessful attempts to use the chacl command are collectedCIS Ubuntu Linux 24.04 LTS v1.0.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.2.3.18 Ensure successful and unsuccessful attempts to use the usermod command are collectedCIS Ubuntu Linux 24.04 LTS v1.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

6.3.1.2 Ensure auditing for processes that start prior to auditd is enabledCIS Red Hat Enterprise Linux 9 v2.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

6.3.1.2 Ensure auditing for processes that start prior to auditd is enabledCIS Rocky Linux 9 v2.0.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.3.1.3 Ensure audit_backlog_limit is sufficientCIS Oracle Linux 9 v2.0.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.3.1.3 Ensure audit_backlog_limit is sufficientCIS Rocky Linux 9 v2.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

6.3.3.15 Ensure successful and unsuccessful attempts to use the chcon command are collectedCIS AlmaLinux OS 9 v2.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

6.3.3.15 Ensure successful and unsuccessful attempts to use the chcon command are recordedCIS Ubuntu Linux 22.04 LTS v2.0.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.3.3.16 Ensure successful and unsuccessful attempts to use the setfacl command are collectedCIS Red Hat Enterprise Linux 9 v2.0.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.3.3.16 Ensure successful and unsuccessful attempts to use the setfacl command are collectedCIS Oracle Linux 9 v2.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

6.5 Ensure Audit Logging Is EnabledCIS MySQL 5.6 Community Database L2 v2.0.0MySQLDB

AUDIT AND ACCOUNTABILITY

7.1.3 Ensure Audit Policies are Enabled Within the DatabaseCIS IBM DB2 11 v1.1.0 Database Level 1IBM_DB2DB

AUDIT AND ACCOUNTABILITY

18.10.43.1 (L1) Ensure 'Allow auditing events in Microsoft Defender Application Guard' is set to 'Enabled'CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1Windows

AUDIT AND ACCOUNTABILITY

18.10.43.1 (L1) Ensure 'Allow auditing events in Microsoft Defender Application Guard' is set to 'Enabled'CIS Microsoft Windows 11 Stand-alone v3.0.0 L1 + BLWindows

AUDIT AND ACCOUNTABILITY

18.10.43.1 (L1) Ensure 'Allow auditing events in Microsoft Defender Application Guard' is set to 'Enabled'CIS Microsoft Windows 11 Enterprise v3.0.0 L1Windows

AUDIT AND ACCOUNTABILITY

20.2 Ensure 'Active Directory AdminSDHolder object is configured with proper audit settings' (STIG DC only)CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DCWindows

AUDIT AND ACCOUNTABILITY

20.3 Ensure 'Active Directory Domain Controllers Organizational Unit (OU) object have the proper access control permissions' (STIG DC only)CIS Microsoft Windows Server 2019 STIG v2.0.0 STIG DCWindows

AUDIT AND ACCOUNTABILITY

20.8 Ensure 'Active Directory Infrastructure object is configured with proper audit settings' (STIG DC only)CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DCWindows

AUDIT AND ACCOUNTABILITY

20.9 Ensure 'Active Directory RID Manager$ object is configured with proper audit settings' (STIG DC only)CIS Microsoft Windows Server 2019 STIG v2.0.0 STIG DCWindows

AUDIT AND ACCOUNTABILITY