Detections
Analytics

Item Search

NameAudit NamePluginCategory
2.2 Ensure the Log Config Module Is EnabledCIS Apache HTTP Server 2.2 L2 v3.6.0Unix

AUDIT AND ACCOUNTABILITY

2.2.12 Ensure 'SEC_PROTOCOL_ERROR_TRACE_ACTION' Is Set to 'LOG'CIS Oracle Server 18c DB Unified Auditing v1.1.0OracleDB

AUDIT AND ACCOUNTABILITY

2.2.28 (L1) Ensure 'Generate security audits' is set to 'LOCAL SERVICE, NETWORK SERVICE'CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 MSWindows

AUDIT AND ACCOUNTABILITY

3.1.2 Ensure the log destinations are set correctlyCIS PostgreSQL 9.6 DB v1.0.0PostgreSQLDB

AUDIT AND ACCOUNTABILITY

3.1.3 Ensure the logging collector is enabledCIS PostgreSQL 11 DB v1.0.0PostgreSQLDB

AUDIT AND ACCOUNTABILITY

3.1.4 Ensure the log file destination directory is set correctlyCIS PostgreSQL 10 DB v1.0.0PostgreSQLDB

AUDIT AND ACCOUNTABILITY

3.1.4 Ensure the log file destination directory is set correctlyCIS PostgreSQL 9.5 DB v1.1.0PostgreSQLDB

AUDIT AND ACCOUNTABILITY

3.1.10 Ensure the correct syslog facility is selectedCIS PostgreSQL 14 DB v 1.3.0PostgreSQLDB

AUDIT AND ACCOUNTABILITY

3.2 Ensure the PostgreSQL Audit Extension (pgAudit) is enabledCIS PostgreSQL 13 v1.3.0 L1 Database PostgreSQLDBPostgreSQLDB

AUDIT AND ACCOUNTABILITY

3.2.1 Ensure that a minimal audit policy is createdCIS Red Hat OpenShift Container Platform v1.9.0 L1OpenShift

AUDIT AND ACCOUNTABILITY

3.2.4 Ensure suspicious packets are logged - 'net.ipv4.conf.default.log_martians = 1'CIS Distribution Independent Linux Workstation L1 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

3.2.4 Ensure suspicious packets are logged - sysctl net.ipv4.conf.all.log_martiansCIS Distribution Independent Linux Server L1 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

3.3.4 Ensure suspicious packets are logged - 'net.ipv4.conf.all.log_martians' (sysctl.conf/sysctl.d)CIS Ubuntu Linux 18.04 LXD Host L1 Server v1.0.0Unix

AUDIT AND ACCOUNTABILITY

3.3.4 Ensure suspicious packets are logged - 'net.ipv4.conf.default.log_martians = 1 /etc/sysctl.conf /etc/sysctl.d/*'CIS CentOS 6 Workstation L1 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

3.3.4 Ensure suspicious packets are logged - 'net.ipv4.conf.default.log_martians = 1 /sbin/sysctl'CIS CentOS 6 Server L1 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

3.3.4 Ensure suspicious packets are logged - 'net.ipv4.conf.default.log_martians' (sysctl.conf/sysctl.d)CIS Ubuntu Linux 18.04 LXD Host L1 Server v1.0.0Unix

AUDIT AND ACCOUNTABILITY

3.3.4 Ensure suspicious packets are logged - 'sysctl net.ipv4.conf.all.log_martians'CIS Ubuntu Linux 18.04 LXD Host L1 Workstation v1.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.1.1 Ensure auditd is installed - audit-libsCIS CentOS 6 Server L2 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.1.2 Ensure auditd service is enabledCIS Ubuntu Linux 18.04 LXD Host L2 Server v1.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.1.2 Ensure auditd service is enabledCIS Debian Family Server L2 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.1.2 Ensure auditd service is enabledCIS Debian Family Workstation L2 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.1.3 Ensure auditd service is enabledCIS Red Hat 6 Server L2 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.1.3 Ensure auditd service is enabledCIS Red Hat 6 Workstation L2 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.1.3 Ensure auditing for processes that start prior to auditd is enabledCIS Ubuntu Linux 18.04 LXD Host L2 Workstation v1.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.1.4 Ensure audit_backlog_limit is sufficientCIS CentOS Linux 8 Server L2 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.1.4 Ensure auditing for processes that start prior to auditd is enabledCIS Red Hat 6 Server L2 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.1.4 Ensure auditing for processes that start prior to auditd is enabledCIS Red Hat 6 Workstation L2 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.2 Ensure auditd service is enabledCIS Debian 9 Workstation L2 v1.0.1Unix

AUDIT AND ACCOUNTABILITY

4.1.3 Ensure auditing for processes that start prior to auditd is enabledCIS Debian 8 Server L2 v2.0.2Unix

AUDIT AND ACCOUNTABILITY

4.1.3.16 Ensure successful and unsuccessful attempts to use the setfacl command are recordedCIS CentOS Linux 8 Server L2 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.3.17 Ensure successful and unsuccessful attempts to use the chacl command are recordedCIS CentOS Linux 8 Workstation L2 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.4 Ensure auditing for processes that start prior to auditd is enabledCIS Distribution Independent Linux Server L2 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.17 Ensure the audit configuration is immutableCIS Debian Family Workstation L2 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

4.2.1.1 Ensure rsyslog is installedCIS CentOS 6 Workstation L1 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

4.2.1.2 Ensure rsyslog Service is enabledCIS CentOS 6 Workstation L1 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

4.2.2.2 Ensure logging is configuredCIS Debian 8 Server L1 v2.0.2Unix

AUDIT AND ACCOUNTABILITY

5.2.1.2 Ensure auditing for processes that start prior to auditd is enabledCIS Red Hat Enterprise Linux 7 v4.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

5.2.1.2 Ensure auditing for processes that start prior to auditd is enabledCIS Amazon Linux 2023 v1.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

5.2.1.2 Ensure auditing for processes that start prior to auditd is enabledCIS CentOS Linux 7 v4.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

5.2.1.3 Ensure audit_backlog_limit is sufficientCIS Amazon Linux 2023 v1.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

5.2.1.3 Ensure audit_backlog_limit is sufficientCIS CentOS Linux 7 v4.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

5.2.3.16 Ensure successful and unsuccessful attempts to use the setfacl command are recordedCIS CentOS Linux 7 v4.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

5.2.3.18 Ensure successful and unsuccessful attempts to use the usermod command are recordedCIS CentOS Linux 7 v4.0.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

5.2.5 Ensure SSH LogLevel is appropriateCIS Ubuntu Linux 18.04 LXD Host L1 Workstation v1.0.0Unix

AUDIT AND ACCOUNTABILITY

6.1.1 Configuring syslog - local logging - /var/adm/authlogCIS IBM AIX 7.1 L1 v2.1.0Unix

AUDIT AND ACCOUNTABILITY

6.1.4 Ensure the 'PROFILE' Audit Option Is EnabledCIS Oracle Server 18c DB Traditional Auditing v1.1.0OracleDB

AUDIT AND ACCOUNTABILITY

6.2.20 Ensure the 'CREATE PROCEDURE/FUNCTION/PACKAGE/PACKAGE BODY' Action Audit Is EnabledCIS Oracle Server 18c DB Unified Auditing v1.1.0OracleDB

AUDIT AND ACCOUNTABILITY

6.3.1.2 Ensure auditing for processes that start prior to auditd is enabledCIS SUSE Linux Enterprise 15 v2.0.1 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.4 Ensure Audit Logging Is EnabledCIS MariaDB 10.11 v1.0.0 L2 MariaDB RDBMS MySQLDBMySQLDB

AUDIT AND ACCOUNTABILITY

18.10.43.1 Ensure 'Allow auditing events in Microsoft Defender Application Guard' is set to 'Enabled'CIS Microsoft Windows 11 Enterprise v5.0.1 L1 BLWindows

AUDIT AND ACCOUNTABILITY