| 1.1.3.2.2 Enable 'Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings' | CIS Windows 8 L1 v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 1.1.14 Ensure that the --audit-log-path argument is set as appropriate | CIS Kubernetes 1.8 Benchmark v1.2.0 L1 | Unix | AUDIT AND ACCOUNTABILITY |
| 1.5 Ensure auditing is configured for the docker daemon | CIS Docker Community Edition v1.1.0 L1 Linux Host OS | Unix | AUDIT AND ACCOUNTABILITY |
| 2.3.2.1 Ensure 'Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings' is set to 'Enabled' | CIS Windows 7 Workstation Level 1 v3.2.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 2.3.2.1 Ensure 'Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings' is set to 'Enabled' | CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 4.1.2 Ensure auditd service is enabled | CIS Amazon Linux v2.1.0 L2 | Unix | CONFIGURATION MANAGEMENT |
| 4.1.3 Ensure auditing for processes that start prior to auditd is enabled - '/boot/grub/grub.cfg' | CIS Ubuntu Linux 14.04 LTS Server L2 v2.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.3 Ensure auditing for processes that start prior to auditd is enabled - '/etc/default/grub' | CIS Ubuntu Linux 14.04 LTS Server L2 v2.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.3 Ensure auditing for processes that start prior to auditd is enabled - '/etc/default/grub' | CIS Ubuntu Linux 14.04 LTS Workstation L2 v2.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2.1.1 Ensure rsyslog Service is enabled | CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2.1.1 Ensure rsyslog Service is enabled | CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2.1.2 Ensure logging is configured - '*.*;mail.none;news.none -/var/log/messages' | CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2.1.2 Ensure logging is configured - '*.*;mail.none;news.none -/var/log/messages' | CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2.1.2 Ensure logging is configured - '*.crit /var/log/warn' | CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2.1.2 Ensure logging is configured - 'local2,local3.* -/var/log/localmessages' | CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2.1.2 Ensure logging is configured - 'local4,local5.* -/var/log/localmessages' | CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2.1.2 Ensure logging is configured - 'mail.* -/var/log/mail' | CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2.1.2 Ensure logging is configured - 'mail.err /var/log/mail.err' | CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2.1.2 Ensure logging is configured - 'mail.info -/var/log/mail.info' | CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2.1.2 Ensure logging is configured - 'mail.warning -/var/log/mail.warn' | CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2.1.2 Ensure logging is configured - 'mail.warning -/var/log/mail.warn' | CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2.1.2 Ensure logging is configured - 'news.crit -/var/log/news/news.crit' | CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2.1.2 Ensure logging is configured - 'news.err -/var/log/news/news.err' | CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2.1.2 Ensure logging is configured - 'news.notice -/var/log/news/news.notice' | CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2.2.1 Ensure syslog-ng service is enabled | CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.2.3 Ensure rsyslog or syslog-ng is installed | CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2.3 Ensure rsyslog or syslog-ng is installed | CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.1 Ensure that system activity is audited | CIS MongoDB 3.4 L1 Windows Audit v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 5.2 Ensure that audit filters are configured properly | CIS MongoDB 3.2 L1 Windows Audit v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 5.2 Ensure that audit filters are configured properly | CIS MongoDB 3.4 L1 Unix Audit v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.3 Ensure that logging captures as much information as possible | CIS MongoDB 3.4 L2 Windows Audit v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 8.2 Configure a Logging File Channel - category network | CIS BIND DNS v3.0.1 Authoritative Name Server | Unix | AUDIT AND ACCOUNTABILITY |
| 8.2 Configure a Logging File Channel - category network | CIS BIND DNS v3.0.1 Caching Only Name Server | Unix | AUDIT AND ACCOUNTABILITY |
| 8.2 Configure a Logging File Channel - category security | CIS BIND DNS v3.0.1 Caching Only Name Server | Unix | AUDIT AND ACCOUNTABILITY |
| 8.2 Configure a Logging File Channel - category update | CIS BIND DNS v3.0.1 Authoritative Name Server | Unix | AUDIT AND ACCOUNTABILITY |
| 8.2 Configure a Logging File Channel - category update | CIS BIND DNS v3.0.1 Caching Only Name Server | Unix | AUDIT AND ACCOUNTABILITY |
| 8.2 Configure a Logging File Channel - logging section | CIS BIND DNS v3.0.1 Caching Only Name Server | Unix | AUDIT AND ACCOUNTABILITY |
| 9.3.9 Ensure 'Windows Firewall: Public: Logging: Log dropped packets' is set to 'Yes' | CIS Windows 7 Workstation Level 1 v3.2.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 9.3.9 Ensure 'Windows Firewall: Public: Logging: Log dropped packets' is set to 'Yes' | CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 9.3.10 Ensure 'Windows Firewall: Public: Logging: Log successful connections' is set to 'Yes' | CIS Windows 7 Workstation Level 1 v3.2.0 | Windows | AUDIT AND ACCOUNTABILITY |
| Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings | MSCT Windows Server v1909 MS v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings | MSCT Windows Server 2012 R2 MS v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings | MSCT Windows Server 2016 DC v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings | MSCT Windows Server 2019 MS v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| Ensure rsyslog or syslog-ng is installed | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | AUDIT AND ACCOUNTABILITY |
| Windows Defender Firewall: Allow logging - Domain Profile - LogDroppedPackets | MSCT Windows 10 1909 v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| Windows Defender Firewall: Allow logging - Domain Profile - LogSuccessfulConnections | MSCT Windows 10 1903 v1.19.9 | Windows | AUDIT AND ACCOUNTABILITY |
| Windows Defender Firewall: Allow logging - Domain Profile - LogSuccessfulConnections | MSCT Windows 10 v2004 v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| Windows Defender Firewall: Allow logging - LogSuccessfulConnections - Domain Profile | MSCT Windows 10 1809 v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| Windows Firewall: Allow logging - LogSuccessfulConnections - Domain Profile | MSCT Windows 10 v1507 v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
