Detections
Analytics

Item Search

NameAudit NamePluginCategory
2.1.13 Ensure malware trends are reviewed at least weeklyCIS Microsoft 365 Foundations E3 L1 v3.1.0microsoft_azure

AUDIT AND ACCOUNTABILITY

2.2 Ensure the Log Config Module Is EnabledCIS Apache HTTP Server 2.4 L1 v2.1.0Unix

AUDIT AND ACCOUNTABILITY

4.1.1.2 Ensure auditd service is enabledCIS CentOS Linux 8 Server L2 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.2.1.1 Ensure rsyslog service is enabledCIS Debian 9 Workstation L1 v1.0.1Unix

AUDIT AND ACCOUNTABILITY

4.2.1.2 Ensure logging is configuredCIS Debian 9 Server L1 v1.0.1Unix

AUDIT AND ACCOUNTABILITY

4.2.1.4 Ensure rsyslog is configured to send logs to a remote log hostCIS Debian 8 Workstation L1 v2.0.2Unix

AUDIT AND ACCOUNTABILITY

4.2.1.5 Ensure logging is configuredCIS CentOS Linux 8 Server L1 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.2.1.6 Ensure rsyslog is configured to send logs to a remote log hostCIS Debian Family Workstation L1 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

4.2.2.1.1 Ensure systemd-journal-remote is installedCIS CentOS Linux 8 Server L1 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.2.2.1.3 Ensure systemd-journal-remote is enabledCIS CentOS Linux 8 Server L1 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.2.2.2 Ensure journald service is enabledCIS CentOS Linux 8 Workstation L1 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.2.2.4 Ensure journald is configured to write logfiles to persistent diskCIS CentOS Linux 8 Server L1 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

5.1.1.1 Ensure rsyslog is installedCIS AlmaLinux OS 8 Workstation L1 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

5.1.1.1.2 Ensure systemd-journal-remote is configuredCIS Debian 10 Server L1 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

5.1.1.2 Ensure rsyslog service is enabledCIS AlmaLinux OS 8 Server L1 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

5.1.1.5 Ensure logging is configuredCIS CentOS Linux 7 v4.0.0 L1 WorkstationUnix

AUDIT AND ACCOUNTABILITY

5.1.2.1.1 Ensure systemd-journal-remote is installedCIS CentOS Linux 7 v4.0.0 L1 ServerUnix

AUDIT AND ACCOUNTABILITY

5.1.2.1.1 Ensure systemd-journal-remote is installedCIS CentOS Linux 7 v4.0.0 L1 WorkstationUnix

AUDIT AND ACCOUNTABILITY

5.1.2.1.2 Ensure systemd-journal-remote is configuredCIS Amazon Linux 2 v3.0.0 L1Unix

AUDIT AND ACCOUNTABILITY

5.1.2.1.2 Ensure systemd-journal-remote is configuredCIS AlmaLinux OS 8 Workstation L1 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

5.1.2.1.3 Ensure systemd-journal-remote is enabledCIS AlmaLinux OS 8 Server L1 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

5.1.2.2 Ensure rsyslog service is enabledCIS Debian 10 Workstation L1 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

5.1.2.4 Ensure journald is configured to write logfiles to persistent diskCIS CentOS Linux 7 v4.0.0 L1 ServerUnix

AUDIT AND ACCOUNTABILITY

5.1.2.6 Ensure journald log rotation is configured per site policyCIS Amazon Linux 2023 Server L1 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

5.1.15 Ensure sshd LogLevel is configuredCIS AlmaLinux OS 9 v2.0.0 L1 ServerUnix

AUDIT AND ACCOUNTABILITY

5.1.15 Ensure sshd LogLevel is configuredCIS AlmaLinux OS 9 v2.0.0 L1 WorkstationUnix

AUDIT AND ACCOUNTABILITY

5.2.1.2 Ensure auditd service is enabled and activeCIS Debian 10 Workstation L2 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

5.2.1.4 Ensure auditd service is enabledCIS CentOS Linux 7 v4.0.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

5.2.1.4 Ensure auditd service is enabledCIS AlmaLinux OS 8 Server L2 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

5.2.2.4 Ensure system warns when audit logs are low on spaceCIS CentOS Linux 7 v4.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

5.2.2.4 Ensure system warns when audit logs are low on spaceCIS CentOS Linux 7 v4.0.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

5.2.2.4 Ensure system warns when audit logs are low on spaceCIS Amazon Linux 2 v3.0.0 L2Unix

AUDIT AND ACCOUNTABILITY

6.1 Ensure the Error Log Filename and Severity Level Are Configured Correctly - 'httpd.conf <VirtualHost> ErrorLog is configured'CIS Apache HTTP Server 2.4 L1 v2.1.0Unix

AUDIT AND ACCOUNTABILITY

6.1 Ensure the Error Log Filename and Severity Level Are Configured Correctly - VirtualHostCIS Apache HTTP Server 2.4 L1 v2.1.0 MiddlewareUnix

AUDIT AND ACCOUNTABILITY

6.1.3.2 Ensure rsyslog service is enabled and activeCIS Debian Linux 12 v1.1.0 L1 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.1.3.5 Ensure rsyslog logging is configuredCIS Debian Linux 12 v1.1.0 L1 ServerUnix

AUDIT AND ACCOUNTABILITY

6.1.3.5 Ensure rsyslog logging is configuredCIS Debian Linux 12 v1.1.0 L1 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.2 Ensure a Syslog Facility Is Configured for Error Logging - 'Main'CIS Apache HTTP Server 2.4 L2 v2.1.0Unix

AUDIT AND ACCOUNTABILITY

6.2.1.1.1 Ensure journald service is enabled and activeCIS Debian Linux 11 v2.0.0 L1 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.2.1.2 Ensure auditd service is enabled and activeCIS Debian Linux 12 v1.1.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.2.1.2.2 Ensure systemd-journal-remote authentication is configuredCIS Debian Linux 11 v2.0.0 L1 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.2.1.2.3 Ensure systemd-journal-upload is enabled and activeCIS Debian Linux 11 v2.0.0 L1 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.2.1.3 Ensure journald log file rotation is configuredCIS AlmaLinux OS 9 v2.0.0 L1 ServerUnix

AUDIT AND ACCOUNTABILITY

6.2.2.1.2 Ensure systemd-journal-upload authentication is configuredCIS AlmaLinux OS 9 v2.0.0 L1 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.2.3.2 Ensure rsyslog service is enabled and activeCIS AlmaLinux OS 9 v2.0.0 L1 ServerUnix

AUDIT AND ACCOUNTABILITY

6.2.3.5 Ensure rsyslog logging is configuredCIS AlmaLinux OS 9 v2.0.0 L1 ServerUnix

AUDIT AND ACCOUNTABILITY

6.4.1.2 Ensure auditd service is enabled and activeCIS Debian Linux 11 v2.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

6.4.1.4 Ensure audit_backlog_limit is sufficientCIS Debian Linux 11 v2.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

6.4.2.3 Ensure system is disabled when audit logs are fullCIS Debian Linux 11 v2.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

35.13 (L1) Ensure 'Enable Private Network Firewall: Log File Path' is set to '%SystemRoot%\System32\logfiles\firewall\privatefw.log'CIS Microsoft Intune for Windows 11 v3.0.1 L1Windows

AUDIT AND ACCOUNTABILITY