Item Search

Name	Audit Name	Plugin	Category
Big Sur - Configure the System to Notify upon Account Enabled Actions	NIST macOS Big Sur v1.4.0 - 800-53r4 Moderate	Unix	ACCESS CONTROL
Big Sur - Configure the System to Notify upon Account Enabled Actions	NIST macOS Big Sur v1.4.0 - All Profiles	Unix	ACCESS CONTROL
Big Sur - Configure the System to Notify upon Account Modified Actions	NIST macOS Big Sur v1.4.0 - 800-53r4 Moderate	Unix	ACCESS CONTROL
Big Sur - Configure the System to Notify upon Account Modified Actions	NIST macOS Big Sur v1.4.0 - CNSSI 1253	Unix	ACCESS CONTROL
CASA-ND-000100 - The Cisco ASA must be configured to automatically audit account modification - Buffer Enabled	DISA STIG Cisco ASA NDM v2r1	Cisco	ACCESS CONTROL
CASA-ND-000120 - The Cisco ASA must be configured to automatically audit account removal actions - Buffer Enabled	DISA STIG Cisco ASA NDM v2r1	Cisco	ACCESS CONTROL
Catalina - Configure the System to Notify upon Account Created Actions	NIST macOS Catalina v1.5.0 - 800-53r4 High	Unix	ACCESS CONTROL
Catalina - Configure the System to Notify upon Account Disabled Actions	NIST macOS Catalina v1.5.0 - CNSSI 1253	Unix	ACCESS CONTROL
Catalina - Configure the System to Notify upon Account Modified Actions	NIST macOS Catalina v1.5.0 - 800-53r4 Moderate	Unix	ACCESS CONTROL
Catalina - Configure the System to Notify upon Account Modified Actions	NIST macOS Catalina v1.5.0 - CNSSI 1253	Unix	ACCESS CONTROL
GEN002750 - The audit system must be configured to audit account creation - '/etc/security/audit/config USER_Create exists'	DISA STIG AIX 5.3 v1r2	Unix	ACCESS CONTROL
GEN002750 - The audit system must be configured to audit account creation - '/etc/security/audit/events USER_Create exists'	DISA STIG AIX 5.3 v1r2	Unix	ACCESS CONTROL
GEN002750 - The audit system must be configured to audit account creation - 'User audit class assignments should be reviewed'	DISA STIG AIX 5.3 v1r2	Unix	ACCESS CONTROL
GEN002751 - The audit system must be configured to audit account modification - '/etc/security/audit/config USER_Change exists'	DISA STIG AIX 5.3 v1r2	Unix	ACCESS CONTROL
GEN002751 - The audit system must be configured to audit account modification - '/etc/security/audit/events USER_Change exists'	DISA STIG AIX 5.3 v1r2	Unix	ACCESS CONTROL
GEN002751 - The audit system must be configured to audit account modification - 'User audit class assignments should be reviewed'	DISA STIG AIX 5.3 v1r2	Unix	ACCESS CONTROL
GEN002752 - The audit system must be configured to audit account disabling - '/etc/security/audit/config USER_Change exists'	DISA STIG AIX 5.3 v1r2	Unix	ACCESS CONTROL
GEN002752 - The audit system must be configured to audit account disabling - '/etc/security/audit/config USER_Locked exists'	DISA STIG AIX 5.3 v1r2	Unix	ACCESS CONTROL
GEN002752 - The audit system must be configured to audit account disabling - '/etc/security/audit/events USER_Change exists'	DISA STIG AIX 5.3 v1r2	Unix	ACCESS CONTROL
GEN002752 - The audit system must be configured to audit account disabling - 'User audit class assignments should be reviewed'	DISA STIG AIX 5.3 v1r2	Unix	ACCESS CONTROL
GEN002753 - The audit system must be configured to audit account termination - '/etc/security/audit/config USER_Remove exists'	DISA STIG AIX 5.3 v1r2	Unix	ACCESS CONTROL
GEN002753 - The audit system must be configured to audit account termination - '/etc/security/audit/events USER_Remove exists'	DISA STIG AIX 5.3 v1r2	Unix	ACCESS CONTROL
GEN002753 - The audit system must be configured to audit account termination - 'User audit class assignments should be reviewed'	DISA STIG AIX 5.3 v1r2	Unix	ACCESS CONTROL
Monterey - Configure the System to Notify upon Account Enabled Actions	NIST macOS Monterey v1.0.0 - CNSSI 1253	Unix	ACCESS CONTROL
Monterey - Configure the System to Notify upon Account Modified Actions	NIST macOS Monterey v1.0.0 - CNSSI 1253	Unix	ACCESS CONTROL
PHTN-30-000001 - The Photon operating system must audit all account creations.	DISA STIG VMware vSphere 7.0 Photon OS v1r3	Unix	ACCESS CONTROL
PHTN-30-000042 - The Photon operating system must audit all account modifications.	DISA STIG VMware vSphere 7.0 Photon OS v1r3	Unix	ACCESS CONTROL
PHTN-30-000044 - The Photon operating system must audit all account disabling actions.	DISA STIG VMware vSphere 7.0 Photon OS v1r3	Unix	ACCESS CONTROL
PHTN-40-000076 The Photon operating system must audit all account modifications.	DISA VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v2r1	Unix	ACCESS CONTROL
PHTN-67-000001 - The Photon operating system must audit all account creations - useradd	DISA STIG VMware vSphere 6.7 Photon OS v1r6	Unix	ACCESS CONTROL
PHTN-67-000046 - The Photon operating system must audit all account disabling actions.	DISA STIG VMware vSphere 6.7 Photon OS v1r6	Unix	ACCESS CONTROL
PHTN-67-000047 - The Photon operating system must audit all account removal actions - groupdel	DISA STIG VMware vSphere 6.7 Photon OS v1r6	Unix	ACCESS CONTROL
PHTN-67-000047 - The Photon operating system must audit all account removal actions - userdel	DISA STIG VMware vSphere 6.7 Photon OS v1r6	Unix	ACCESS CONTROL
SQL2-00-001900 - SQL Server must automatically audit account modification - 'Event ID 15'	DISA STIG SQL Server 2012 DB Instance Security v1r20	MS_SQLDB	ACCESS CONTROL
SQL2-00-001900 - SQL Server must automatically audit account modification - 'Event ID 104'	DISA STIG SQL Server 2012 DB Instance Security v1r20	MS_SQLDB	ACCESS CONTROL
SQL2-00-001900 - SQL Server must automatically audit account modification - 'Event ID 106'	DISA STIG SQL Server 2012 DB Instance Security v1r20	MS_SQLDB	ACCESS CONTROL
SQL2-00-001900 - SQL Server must automatically audit account modification - 'Event ID 113'	DISA STIG SQL Server 2012 DB Instance Security v1r20	MS_SQLDB	ACCESS CONTROL
SQL2-00-001900 - SQL Server must automatically audit account modification - 'Event ID 116'	DISA STIG SQL Server 2012 DB Instance Security v1r20	MS_SQLDB	ACCESS CONTROL
SQL2-00-001900 - SQL Server must automatically audit account modification - 'Event ID 117'	DISA STIG SQL Server 2012 DB Instance Security v1r20	MS_SQLDB	ACCESS CONTROL
SQL2-00-001900 - SQL Server must automatically audit account modification - 'Event ID 132'	DISA STIG SQL Server 2012 DB Instance Security v1r20	MS_SQLDB	ACCESS CONTROL
SQL2-00-001900 - SQL Server must automatically audit account modification - 'Event ID 133'	DISA STIG SQL Server 2012 DB Instance Security v1r20	MS_SQLDB	ACCESS CONTROL
SQL2-00-001900 - SQL Server must automatically audit account modification - 'Event ID 171'	DISA STIG SQL Server 2012 DB Instance Security v1r20	MS_SQLDB	ACCESS CONTROL
SQL2-00-001900 - SQL Server must automatically audit account modification - 'Event ID 172'	DISA STIG SQL Server 2012 DB Instance Security v1r20	MS_SQLDB	ACCESS CONTROL
SQL2-00-001900 - SQL Server must automatically audit account modification - 'Event ID 176'	DISA STIG SQL Server 2012 DB Instance Security v1r20	MS_SQLDB	ACCESS CONTROL
SQL2-00-001900 - SQL Server must automatically audit account modification - 'Event ID 178'	DISA STIG SQL Server 2012 DB Instance Security v1r20	MS_SQLDB	ACCESS CONTROL
SQL2-00-023300 - SQL Server must notify appropriate individuals when accounts are modified - 'Event ID 20'	DISA STIG SQL Server 2012 DB Instance Security v1r20	MS_SQLDB	ACCESS CONTROL
SQL2-00-023300 - SQL Server must notify appropriate individuals when accounts are modified - 'Event ID 102'	DISA STIG SQL Server 2012 DB Instance Security v1r20	MS_SQLDB	ACCESS CONTROL
SQL2-00-023300 - SQL Server must notify appropriate individuals when accounts are modified - 'Event ID 105'	DISA STIG SQL Server 2012 DB Instance Security v1r20	MS_SQLDB	ACCESS CONTROL
SQL2-00-023300 - SQL Server must notify appropriate individuals when accounts are modified - 'Event ID 109'	DISA STIG SQL Server 2012 DB Instance Security v1r20	MS_SQLDB	ACCESS CONTROL
WN11-AU-000040 - The system must be configured to audit Account Management - User Account Management successes.	DISA Windows 11 STIG v2r2	Windows	ACCESS CONTROL

Detections

Analytics

Item Search