Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.2.16 Ensure that the --audit-log-path argument is setCIS Kubernetes v1.12.0 L1 Master NodeUnix

AUDIT AND ACCOUNTABILITY

2.2 Ensure the Log Config Module Is EnabledCIS Apache HTTP Server 2.2 L1 v3.6.0Unix

AUDIT AND ACCOUNTABILITY

3.1.1 (L1) Ensure Microsoft 365 audit log search is EnabledCIS Microsoft 365 Foundations v5.0.0 L1 E5microsoft_azure

AUDIT AND ACCOUNTABILITY

3.2 Ensure the PostgreSQL Audit Extension (pgAudit) is enabledCIS PostgreSQL 16 v1.1.0 L1 OS Linux PostgreSQLDBPostgreSQLDB

AUDIT AND ACCOUNTABILITY

3.2 Ensure the PostgreSQL Audit Extension (pgAudit) is enabledCIS PostgreSQL 15 v1.2.0 L1 OS Linux PostgreSQLDBPostgreSQLDB

AUDIT AND ACCOUNTABILITY

3.2.1 Ensure that a minimal audit policy is createdCIS Kubernetes v1.12.0 L1 Master NodeUnix

AUDIT AND ACCOUNTABILITY

4.2.8 Ensure that the eventRecordQPS argument is set to a level which ensures appropriate event captureCIS Kubernetes v1.12.0 L2 Worker NodeUnix

AUDIT AND ACCOUNTABILITY

4.2.9 Ensure that the --event-qps argument is set to 0 or a level which ensures appropriate event captureCIS Kubernetes v1.23 Benchmark v1.0.1 L2 WorkerUnix

AUDIT AND ACCOUNTABILITY

4.2.9 Ensure that the eventRecordQPS argument is set to a level which ensures appropriate event captureCIS Kubernetes v1.24 Benchmark v1.0.0 L2 WorkerUnix

AUDIT AND ACCOUNTABILITY

5.2.1.2 Ensure auditing for processes that start prior to auditd is enabledCIS Amazon Linux 2 v3.0.0 L2Unix

AUDIT AND ACCOUNTABILITY

5.2.1.2 Ensure auditing for processes that start prior to auditd is enabledCIS Red Hat Enterprise Linux 7 v4.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

5.2.1.3 Ensure audit_backlog_limit is sufficientCIS Amazon Linux 2023 v1.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

5.2.1.3 Ensure audit_backlog_limit is sufficientCIS Amazon Linux 2 v3.0.0 L2Unix

AUDIT AND ACCOUNTABILITY

5.2.3.16 Ensure successful and unsuccessful attempts to use the setfacl command are recordedCIS Red Hat Enterprise Linux 7 v4.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

5.2.3.17 Ensure successful and unsuccessful attempts to use the chacl command are recordedCIS Amazon Linux 2023 v1.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

5.2.3.17 Ensure successful and unsuccessful attempts to use the chacl command are recordedCIS Oracle Linux 7 v4.0.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

5.2.3.17 Ensure successful and unsuccessful attempts to use the chacl command are recordedCIS Red Hat Enterprise Linux 7 v4.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

5.2.3.17 Ensure successful and unsuccessful attempts to use the chacl command are recordedCIS Red Hat Enterprise Linux 7 v4.0.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

5.2.3.18 Ensure successful and unsuccessful attempts to use the usermod command are recordedCIS Debian Linux 10 v2.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

5.2.3.18 Ensure successful and unsuccessful attempts to use the usermod command are recordedCIS CentOS Linux 7 v4.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

5.2.3.18 Ensure successful and unsuccessful attempts to use the usermod command are recordedCIS Amazon Linux 2 v3.0.0 L2Unix

AUDIT AND ACCOUNTABILITY

6.1 Ensure the Error Log Filename and Severity Level Are Configured Correctly - 'httpd.conf <VirtualHost> ErrorLog is configured'CIS Apache HTTP Server 2.2 L1 v3.6.0Unix

AUDIT AND ACCOUNTABILITY

6.2.3.15 Ensure successful and unsuccessful attempts to use the chcon command are collectedCIS Debian Linux 12 v1.1.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

6.2.3.15 Ensure successful and unsuccessful attempts to use the chcon command are collectedCIS Debian Linux 12 v1.1.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.3.1.2 Ensure auditing for processes that start prior to auditd is enabledCIS Red Hat Enterprise Linux 8 STIG v2.0.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.3.1.2 Ensure auditing for processes that start prior to auditd is enabledCIS Red Hat Enterprise Linux 8 STIG v2.0.0 STIGUnix

AUDIT AND ACCOUNTABILITY

6.3.1.2 Ensure auditing for processes that start prior to auditd is enabledCIS Rocky Linux 8 v3.0.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.3.1.3 Ensure audit_backlog_limit is sufficientCIS Rocky Linux 9 v2.0.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.3.3.15 Ensure successful and unsuccessful attempts to use the chcon command are collectedCIS Oracle Linux 9 v2.0.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.3.3.15 Ensure successful and unsuccessful attempts to use the chcon command are collectedCIS Red Hat Enterprise Linux 8 v4.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

6.3.3.15 Ensure successful and unsuccessful attempts to use the chcon command are collectedCIS AlmaLinux OS 8 v4.0.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.3.3.16 Ensure successful and unsuccessful attempts to use the setfacl command are collectedCIS Rocky Linux 9 v2.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

6.3.3.16 Ensure successful and unsuccessful attempts to use the setfacl command are collectedCIS Red Hat Enterprise Linux 8 STIG v2.0.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.3.3.16 Ensure successful and unsuccessful attempts to use the setfacl command are collectedCIS AlmaLinux OS 8 v4.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

6.3.3.16 Ensure successful and unsuccessful attempts to use the setfacl command are collectedCIS Oracle Linux 8 v4.0.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.3.3.17 Ensure successful and unsuccessful attempts to use the chacl command are collectedCIS Rocky Linux 9 v2.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

6.3.3.17 Ensure successful and unsuccessful attempts to use the chacl command are collectedCIS Red Hat Enterprise Linux 8 STIG v2.0.0 STIGUnix

AUDIT AND ACCOUNTABILITY

6.3.3.17 Ensure successful and unsuccessful attempts to use the chacl command are collectedCIS AlmaLinux OS 8 v4.0.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.3.3.17 Ensure successful and unsuccessful attempts to use the chacl command are collectedCIS Rocky Linux 8 v3.0.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.3.3.17 Ensure successful and unsuccessful attempts to use the chacl command are collectedCIS AlmaLinux OS 9 v2.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

6.3.3.18 Ensure successful and unsuccessful attempts to use the usermod command are collectedCIS Red Hat Enterprise Linux 9 v2.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

6.3.3.18 Ensure successful and unsuccessful attempts to use the usermod command are collectedCIS Red Hat Enterprise Linux 8 v4.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

6.3.3.18 Ensure successful and unsuccessful attempts to use the usermod command are collectedCIS Rocky Linux 8 v3.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

6.3.3.27 Ensure successful and unsuccessful attempts to use the chcon command are collectedCIS AlmaLinux OS 10 v1.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

6.3.3.28 Ensure successful and unsuccessful attempts to use the setfacl command are collectedCIS Rocky Linux 10 v1.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

6.3.3.30 Ensure successful and unsuccessful attempts to use the usermod command are collectedCIS Oracle Linux 10 v1.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

6.4.1.3 Ensure auditing for processes that start prior to auditd is enabledCIS Debian Linux 11 v2.0.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.4.3.15 Ensure successful and unsuccessful attempts to use the chcon command are recordedCIS Debian Linux 11 v2.0.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.4.3.15 Ensure successful and unsuccessful attempts to use the chcon command are recordedCIS Debian Linux 11 v2.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

9.2 Configure a Logging File Channel - category xfer-inCIS BIND DNS v1.0.0 L1 Caching Only Name ServerUnix

AUDIT AND ACCOUNTABILITY