Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.2.16 Ensure that the --audit-log-path argument is setCIS Kubernetes v1.10.0 L1 MasterUnix

AUDIT AND ACCOUNTABILITY

2.2.12 Ensure 'SEC_PROTOCOL_ERROR_TRACE_ACTION' Is Set to 'LOG'CIS Oracle Server 18c DB Traditional Auditing v1.1.0OracleDB

AUDIT AND ACCOUNTABILITY

2.2.12 Ensure 'SEC_PROTOCOL_ERROR_TRACE_ACTION' Is Set to 'LOG'CIS Oracle Server 18c DB Unified Auditing v1.1.0OracleDB

AUDIT AND ACCOUNTABILITY

2.2.28 (L1) Ensure 'Generate security audits' is set to 'LOCAL SERVICE, NETWORK SERVICE'CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 MSWindows

AUDIT AND ACCOUNTABILITY

3.3.4 Ensure suspicious packets are logged - 'net.ipv4.conf.all.log_martians = 1 /etc/sysctl.conf /etc/sysctl.d/*'CIS Oracle Linux 6 Server L1 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

3.3.4 Ensure suspicious packets are logged - 'net.ipv4.conf.all.log_martians = 1 /etc/sysctl.conf /etc/sysctl.d/*'CIS CentOS 6 Server L1 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

3.3.4 Ensure suspicious packets are logged - 'net.ipv4.conf.all.log_martians = 1 /etc/sysctl.conf /etc/sysctl.d/*'CIS CentOS 6 Workstation L1 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

3.3.4 Ensure suspicious packets are logged - 'net.ipv4.conf.all.log_martians = 1 /sbin/sysctl'CIS CentOS 6 Server L1 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

3.3.4 Ensure suspicious packets are logged - 'net.ipv4.conf.default.log_martians = 1 /etc/sysctl.conf /etc/sysctl.d/*'CIS CentOS 6 Server L1 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.1.1 Ensure auditd is installed - audit-libsCIS Oracle Linux 6 Workstation L2 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.1.3 Ensure auditd service is enabledCIS Oracle Linux 6 Workstation L2 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.1.3 Ensure auditd service is enabledCIS CentOS 6 Workstation L2 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.1.4 Ensure audit_backlog_limit is sufficientCIS Fedora 28 Family Linux Workstation L2 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.1.4 Ensure auditing for processes that start prior to auditd is enabledCIS CentOS 6 Server L2 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.3.18 Ensure successful and unsuccessful attempts to use the usermod command are recordedCIS Fedora 28 Family Linux Workstation L2 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.2.1.1 Ensure rsyslog is installedCIS Oracle Linux 6 Server L1 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.2.1.2 Ensure rsyslog Service is enabledCIS Oracle Linux 6 Server L1 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.2.1.2 Ensure rsyslog Service is enabledCIS CentOS 6 Server L1 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

4.2.1.2 Ensure rsyslog Service is enabledCIS CentOS 6 Workstation L1 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

4.2.1.3 Ensure logging is configuredCIS Oracle Linux 6 Server L1 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.5 Configure Solaris AuditingCIS Oracle Solaris 11.4 L1 v1.1.0Unix

AUDIT AND ACCOUNTABILITY

5.1.7 Ensure SSH MaxAuthTries is set to 4 or lessCIS Google Container-Optimized OS v1.2.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

5.2.1.3 Ensure audit_backlog_limit is sufficientCIS Oracle Linux 7 v4.0.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

5.2.3.15 Ensure successful and unsuccessful attempts to use the chcon command are recordedCIS Oracle Linux 8 Workstation L2 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

5.2.3.17 Ensure successful and unsuccessful attempts to use the chacl command are recordedCIS Oracle Linux 8 Workstation L2 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

5.2.3.18 Ensure successful and unsuccessful attempts to use the usermod command are recordedCIS Oracle Linux 8 Server L2 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

6.1 Ensure 'log_error' is configured correctlyCIS MySQL 5.7 Enterprise Database L1 v2.0.0MySQLDB

AUDIT AND ACCOUNTABILITY

6.1 Ensure 'log_error' is configured correctlyCIS MySQL 8.0 Community Database L1 v1.0.0MySQLDB

AUDIT AND ACCOUNTABILITY

6.1 Ensure 'log_error' is configured correctlyCIS MySQL 8.0 Enterprise Database L1 v1.3.0MySQLDB

AUDIT AND ACCOUNTABILITY

6.1.5 Ensure the 'DATABASE LINK' Audit Option Is EnabledCIS Oracle Server 18c DB Traditional Auditing v1.1.0OracleDB

AUDIT AND ACCOUNTABILITY

6.1.11 Ensure the 'GRANT ANY OBJECT PRIVILEGE' Audit Option Is EnabledCIS Oracle Server 18c DB Traditional Auditing v1.1.0OracleDB

AUDIT AND ACCOUNTABILITY

6.2.12 Ensure the 'CREATE DATABASE LINK' Action Audit Is EnabledCIS Oracle Server 18c DB Unified Auditing v1.1.0OracleDB

AUDIT AND ACCOUNTABILITY

6.2.15 Ensure the 'CREATE SYNONYM' Action Audit Is EnabledCIS Oracle Server 18c DB Unified Auditing v1.1.0OracleDB

AUDIT AND ACCOUNTABILITY

6.2.16 Ensure the 'ALTER SYNONYM' Action Audit Is EnabledCIS Oracle Server 18c DB Unified Auditing v1.1.0OracleDB

AUDIT AND ACCOUNTABILITY

6.2.18 Ensure the 'SELECT ANY DICTIONARY' Privilege Audit Is EnabledCIS Oracle Server 12c DB Unified Auditing v3.0.0OracleDB

AUDIT AND ACCOUNTABILITY

6.2.20 Ensure the 'CREATE PROCEDURE/FUNCTION/PACKAGE/PACKAGE BODY' Action Audit Is EnabledCIS Oracle Server 12c DB Unified Auditing v3.0.0OracleDB

AUDIT AND ACCOUNTABILITY

6.2.21 Ensure the 'ALTER PROCEDURE/FUNCTION/PACKAGE/PACKAGE BODY' Action Audit Is EnabledCIS Oracle Server 12c DB Unified Auditing v3.0.0OracleDB

AUDIT AND ACCOUNTABILITY

6.2.21 Ensure the 'ALTER PROCEDURE/FUNCTION/PACKAGE/PACKAGE BODY' Action Audit Is EnabledCIS Oracle Server 18c DB Unified Auditing v1.1.0OracleDB

AUDIT AND ACCOUNTABILITY

6.2.24 Ensure the 'CREATE TRIGGER' Action Audit Is EnabledCIS Oracle Server 18c DB Unified Auditing v1.1.0OracleDB

AUDIT AND ACCOUNTABILITY

6.11 Ensure the Audit Plugin Can't be UnloadedCIS MySQL 5.6 Enterprise Database L1 v2.0.0MySQLDB

AUDIT AND ACCOUNTABILITY

7.1.4 Ensure Audit is Enabled Within the InstanceCIS IBM DB2 11 v1.1.0 Windows OS Level 1Windows

AUDIT AND ACCOUNTABILITY

9.2 Configure a Logging File Channel - category configCIS BIND DNS v1.0.0 L1 Authoritative Name ServerUnix

AUDIT AND ACCOUNTABILITY

9.2 Configure a Logging File Channel - category dnssecCIS BIND DNS v1.0.0 L1 Caching Only Name ServerUnix

AUDIT AND ACCOUNTABILITY

9.2 Configure a Logging File Channel - category securityCIS BIND DNS v1.0.0 L1 Authoritative Name ServerUnix

AUDIT AND ACCOUNTABILITY

9.2 Configure a Logging File Channel - category xfer-outCIS BIND DNS v1.0.0 L1 Authoritative Name ServerUnix

AUDIT AND ACCOUNTABILITY

18.10.43.1 (L1) Ensure 'Allow auditing events in Microsoft Defender Application Guard' is set to 'Enabled'CIS Microsoft Windows 11 Stand-alone v3.0.0 L1Windows

AUDIT AND ACCOUNTABILITY

18.10.43.1 (NG) Ensure 'Allow auditing events in Microsoft Defender Application Guard' is set to 'Enabled'CIS Microsoft Windows 10 Stand-alone v3.0.0 L2 BL NGWindows

AUDIT AND ACCOUNTABILITY

20.2 Ensure 'Active Directory AdminSDHolder object is configured with proper audit settings' (STIG DC only)CIS Microsoft Windows Server 2019 STIG v2.0.0 STIG DCWindows

AUDIT AND ACCOUNTABILITY

20.3 Ensure 'Active Directory Domain Controllers Organizational Unit (OU) object have the proper access control permissions' (STIG DC only)CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DCWindows

AUDIT AND ACCOUNTABILITY

20.5 Ensure 'Active Directory Domain object is configured with proper audit settings' (STIG DC only)CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DCWindows

AUDIT AND ACCOUNTABILITY