Detections
Analytics

Item Search

NameAudit NamePluginCategory
2.1.1 - Configuring syslog - local logging - '/var/adm/syslog exists'CIS AIX 5.3/6.1 L2 v1.1.0Unix

AUDIT AND ACCOUNTABILITY

2.12 Ensure centralized and remote logging is configuredCIS Docker Community Edition v1.1.0 L2 DockerUnix

AUDIT AND ACCOUNTABILITY

4.2.1.3 Ensure rsyslog default file permissions configuredCIS Amazon Linux v2.1.0 L1Unix

AUDIT AND ACCOUNTABILITY

4.2.1.4 Ensure rsyslog is configured to send logs to a remote log host - rsyslog.confCIS Amazon Linux v2.1.0 L1Unix

AUDIT AND ACCOUNTABILITY

4.2.1.4 Ensure rsyslog is configured to send logs to a remote log host - rsyslog.conf/rsyslogd.CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0Unix

AUDIT AND ACCOUNTABILITY

4.2.1.5 Ensure remote rsyslog messages are only accepted on designated log hosts. - $InputTCPServerRunCIS Aliyun Linux 2 L1 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

4.2.2.1 Ensure journald is configured to send logs to rsyslogCIS Ubuntu Linux 16.04 LTS Server L1 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.2.2.1 Ensure journald is configured to send logs to rsyslogCIS Fedora 19 Family Linux Server L1 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

4.2.2.1 Ensure journald is configured to send logs to rsyslogCIS Debian Family Server L1 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

4.2.2.1 Ensure journald is configured to send logs to rsyslogCIS Debian Family Workstation L1 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

4.2.2.1 Ensure journald is configured to send logs to rsyslogCIS Ubuntu Linux 18.04 LXD Host L1 Workstation v1.0.0Unix

AUDIT AND ACCOUNTABILITY

4.2.2.1 Ensure journald is configured to send logs to rsyslogCIS Ubuntu Linux 16.04 LTS Workstation L1 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.2.2.1 Ensure journald is configured to send logs to rsyslogCIS Distribution Independent Linux Workstation L1 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.2.2.1 Ensure journald is configured to send logs to rsyslogCIS Distribution Independent Linux Server L1 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.2.2.4 Ensure syslog-ng is configured to send logs to a remote log host - 'destination logserver'CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0Unix

AUDIT AND ACCOUNTABILITY

4.2.2.4 Ensure syslog-ng is configured to send logs to a remote log host - 'destination logserver'CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0Unix

AUDIT AND ACCOUNTABILITY

4.2.2.4 Ensure syslog-ng is configured to send logs to a remote log host - 'log'CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0Unix

AUDIT AND ACCOUNTABILITY

4.2.2.4 Ensure syslog-ng is configured to send logs to a remote log host - destination logserverCIS Amazon Linux v2.1.0 L1Unix

AUDIT AND ACCOUNTABILITY

4.2.2.4 Ensure syslog-ng is configured to send logs to a remote log host - log srcCIS Amazon Linux v2.1.0 L1Unix

AUDIT AND ACCOUNTABILITY

4.2.2.5 Ensure remote syslog-ng messages are only accepted on designated log hostsCIS Amazon Linux v2.1.0 L1Unix

AUDIT AND ACCOUNTABILITY

4.2.3.4 Ensure syslog-ng is configured to send logs to a remote log host - destination logserverCIS Amazon Linux 2 STIG v1.0.0 L1Unix

AUDIT AND ACCOUNTABILITY

6.1.1 Ensure Accounting Destination is configuredCIS Juniper OS Benchmark v2.1.0 L1Juniper

AUDIT AND ACCOUNTABILITY

6.12.1 Ensure External SYSLOG Host is Set with Any Facility and Informational SeverityCIS Juniper OS Benchmark v2.1.0 L1Juniper

AUDIT AND ACCOUNTABILITY

6.12.2 Ensure At Least 2 External SYSLOG Hosts are Set with Any/InfoCIS Juniper OS Benchmark v2.1.0 L2Juniper

AUDIT AND ACCOUNTABILITY

8.3 Configure a Logging syslog Channel - syslogCIS BIND DNS v3.0.1 Authoritative Name ServerUnix

AUDIT AND ACCOUNTABILITY

8.3 Configure a Logging syslog Channel - syslogCIS BIND DNS v3.0.1 Caching Only Name ServerUnix

AUDIT AND ACCOUNTABILITY

9.1.5 (L1) Ensure 'Windows Firewall: Domain: Logging: Name' is set to '%SystemRoot%\System32\logfiles\firewall\domainfw.log'CIS Microsoft Windows 8.1 v2.4.1 L1 BitlockerWindows

AUDIT AND ACCOUNTABILITY

9.1.6 (L1) Ensure 'Windows Firewall: Domain: Logging: Size limit (KB)' is set to '16,384 KB or greater'CIS Microsoft Windows 8.1 v2.4.1 L1 BitlockerWindows

AUDIT AND ACCOUNTABILITY

9.1.6 Ensure 'Windows Firewall: Domain: Logging: Size limit (KB)' is set to '16,384 KB or greater'CIS Microsoft Windows 8.1 v2.4.1 L1Windows

AUDIT AND ACCOUNTABILITY

9.1.7 (L1) Ensure 'Windows Firewall: Domain: Logging: Log dropped packets' is set to 'Yes'CIS Microsoft Windows 8.1 v2.4.1 L1 BitlockerWindows

AUDIT AND ACCOUNTABILITY

9.1.8 (L1) Ensure 'Windows Firewall: Domain: Logging: Log successful connections' is set to 'Yes'CIS Microsoft Windows 8.1 v2.4.1 L1 BitlockerWindows

AUDIT AND ACCOUNTABILITY

9.2.5 (L1) Ensure 'Windows Firewall: Private: Logging: Name' is set to '%SystemRoot%\System32\logfiles\firewall\privatefw.log'CIS Microsoft Windows 8.1 v2.4.1 L1 BitlockerWindows

AUDIT AND ACCOUNTABILITY

9.2.6 (L1) Ensure 'Windows Firewall: Private: Logging: Size limit (KB)' is set to '16,384 KB or greater'CIS Microsoft Windows 8.1 v2.4.1 L1 BitlockerWindows

AUDIT AND ACCOUNTABILITY

9.2.6 Ensure 'Windows Firewall: Private: Logging: Size limit (KB)' is set to '16,384 KB or greater'CIS Microsoft Windows 8.1 v2.4.1 L1Windows

AUDIT AND ACCOUNTABILITY

9.2.7 (L1) Ensure 'Windows Firewall: Private: Logging: Log dropped packets' is set to 'Yes'CIS Microsoft Windows 8.1 v2.4.1 L1 BitlockerWindows

AUDIT AND ACCOUNTABILITY

9.2.8 (L1) Ensure 'Windows Firewall: Private: Logging: Log successful connections' is set to 'Yes'CIS Microsoft Windows 8.1 v2.4.1 L1 BitlockerWindows

AUDIT AND ACCOUNTABILITY

9.3.8 (L1) Ensure 'Windows Firewall: Public: Logging: Size limit (KB)' is set to '16,384 KB or greater'CIS Microsoft Windows 8.1 v2.4.1 L1 BitlockerWindows

AUDIT AND ACCOUNTABILITY

9.3.8 Ensure 'Windows Firewall: Public: Logging: Size limit (KB)' is set to '16,384 KB or greater'CIS Microsoft Windows 8.1 v2.4.1 L1Windows

AUDIT AND ACCOUNTABILITY

9.3.10 (L1) Ensure 'Windows Firewall: Public: Logging: Log successful connections' is set to 'Yes'CIS Microsoft Windows 8.1 v2.4.1 L1 BitlockerWindows

AUDIT AND ACCOUNTABILITY

17.9.1 (L1) Ensure 'Audit IPsec Driver' is set to 'Success and Failure'CIS Microsoft Windows 8.1 v2.4.1 L1 BitlockerWindows

AUDIT AND ACCOUNTABILITY

17.9.3 (L1) Ensure 'Audit Security State Change' is set to include 'Success'CIS Microsoft Windows 8.1 v2.4.1 L1 BitlockerWindows

AUDIT AND ACCOUNTABILITY

17.9.4 (L1) Ensure 'Audit Security System Extension' is set to include 'Success'CIS Microsoft Windows 8.1 v2.4.1 L1 BitlockerWindows

AUDIT AND ACCOUNTABILITY

17.9.5 (L1) Ensure 'Audit System Integrity' is set to 'Success and Failure'CIS Microsoft Windows 8.1 v2.4.1 L1 BitlockerWindows

AUDIT AND ACCOUNTABILITY

18.4.13 (L1) Ensure 'MSS: (WarningLevel) Percentage threshold for the security event log at which the system will generate a warning' is set to 'Enabled: 90% or less'CIS Microsoft Windows 8.1 v2.4.1 L1 BitlockerWindows

AUDIT AND ACCOUNTABILITY

18.9.81.2.1 Ensure 'Configure Default consent' is set to 'Enabled: Always ask before sending data'CIS Windows 7 Workstation Level 1 v3.2.0Windows

AUDIT AND ACCOUNTABILITY

18.9.81.2.1 Ensure 'Configure Default consent' is set to 'Enabled: Always ask before sending data'CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0Windows

AUDIT AND ACCOUNTABILITY

Ensure remote syslog-ng messages are only accepted on designated log hostsTenable Cisco Firepower Management Center OS Best Practices AuditUnix

AUDIT AND ACCOUNTABILITY

Ensure rsyslog is configured to send logs to a remote log hostTenable Cisco Firepower Management Center OS Best Practices AuditUnix

AUDIT AND ACCOUNTABILITY

Ensure syslog-ng is configured to send logs to a remote log hostTenable Cisco Firepower Management Center OS Best Practices AuditUnix

AUDIT AND ACCOUNTABILITY

Ensure syslog-ng is configured to send logs to a remote log host - log srcTenable Cisco Firepower Management Center OS Best Practices AuditUnix

AUDIT AND ACCOUNTABILITY