Item Search

Name	Audit Name	Plugin	Category
2.3.9.4 Ensure 'Microsoft network server: Disconnect clients when logon hours expire' is set to 'Enabled'	CIS Microsoft Windows 8.1 v2.4.1 L1	Windows	ACCESS CONTROL
2.3.11.6 Ensure 'Network security: Force logoff when logon hours expire' is set to 'Enabled'	CIS Microsoft Windows 8.1 v2.4.1 L1	Windows	ACCESS CONTROL
4.1.7 Ensure login and logout events are collected - auditctl /var/log/lastlog	CIS CentOS 6 Server L2 v3.0.0	Unix	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
4.1.7 Ensure login and logout events are collected - auditctl /var/run/faillock/	CIS CentOS 6 Workstation L2 v3.0.0	Unix	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
4.1.7 Ensure login and logout events are collected - auditctl lastlog	CIS Debian Family Workstation L2 v1.0.0	Unix	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
4.1.7 Ensure login and logout events are collected - faillog	CIS Debian Family Workstation L2 v1.0.0	Unix	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
4.1.7 Ensure login and logout events are collected - lastlog	CIS Debian Family Workstation L2 v1.0.0	Unix	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
4.1.8 Ensure session initiation information is collected - /var/run/utmp	CIS Debian Family Workstation L2 v1.0.0	Unix	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
4.1.8 Ensure session initiation information is collected - auditctl /var/log/btmp	CIS CentOS 6 Server L2 v3.0.0	Unix	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
4.1.8 Ensure session initiation information is collected - auditctl /var/log/btmp	CIS Debian Family Server L2 v1.0.0	Unix	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
4.1.8 Ensure session initiation information is collected - auditctl /var/log/btmp	CIS Debian Family Workstation L2 v1.0.0	Unix	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
4.1.8 Ensure session initiation information is collected - auditctl /var/run/utmp	CIS CentOS 6 Workstation L2 v3.0.0	Unix	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
4.1.8 Ensure session initiation information is collected - rules.d /var/run/utmp	CIS CentOS 6 Workstation L2 v3.0.0	Unix	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
4.1.9 Ensure session initiation information is collected - /var/log/btmp	CIS Aliyun Linux 2 L2 v1.0.0	Unix	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
4.1.9 Ensure session initiation information is collected - /var/run/utmp	CIS Debian 9 Server L2 v1.0.1	Unix	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
4.1.9 Ensure session initiation information is collected - auditctl /var/log/btmp	CIS Debian 9 Server L2 v1.0.1	Unix	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
4.2.16 Ensure sshd MaxAuthTries is configured	CIS CentOS Linux 7 v4.0.0 L1 Server	Unix	AUDIT AND ACCOUNTABILITY
5.1.7 Ensure SSH MaxAuthTries is set to 4 or less	CIS Google Container-Optimized OS v1.2.0 L2 Server	Unix	AUDIT AND ACCOUNTABILITY
5.1.18 Ensure sshd MaxAuthTries is configured	CIS Rocky Linux 8 v3.0.0 L1 Server	Unix	AUDIT AND ACCOUNTABILITY
5.2.2.6 (L1) Enable Identity Protection user risk policies	CIS Microsoft 365 Foundations v6.0.1 L1 E5	microsoft_azure	SYSTEM AND INFORMATION INTEGRITY
5.2.2.7 (L1) Enable Identity Protection sign-in risk policies	CIS Microsoft 365 Foundations v6.0.1 L1 E5	microsoft_azure	SYSTEM AND INFORMATION INTEGRITY
5.3 Ensure 'Login Auditing' is set to 'failed logins'	CIS Microsoft SQL Server 2019 v1.5.2 L1 Database Engine	MS_SQLDB	AUDIT AND ACCOUNTABILITY
5.3 Ensure 'Login Auditing' is set to 'failed logins'	CIS Microsoft SQL Server 2025 v1.0.0 L1 Database Engine MS_SQLDB	MS_SQLDB	AUDIT AND ACCOUNTABILITY
5.3 Ensure 'Login Auditing' is set to 'failed logins'	CIS SQL Server 2016 Database L1 AWS RDS v1.4.0	MS_SQLDB	AUDIT AND ACCOUNTABILITY
5.3 Ensure 'Login Auditing' is set to 'failed logins'	CIS SQL Server 2016 Database L1 DB v1.4.0	MS_SQLDB	AUDIT AND ACCOUNTABILITY
5.3 Ensure 'Login Auditing' is set to 'failed logins'	CIS SQL Server 2017 Database L1 AWS RDS v1.3.0	MS_SQLDB	AUDIT AND ACCOUNTABILITY
5.3 Ensure 'Login Auditing' is set to 'failed logins'	CIS SQL Server 2017 Database L1 DB v1.3.0	MS_SQLDB	AUDIT AND ACCOUNTABILITY
5.3 Ensure 'Login Auditing' is set to 'failed logins'	CIS Microsoft SQL Server 2025 v1.0.0 L1 AWS RDS MS_SQLDB	MS_SQLDB	AUDIT AND ACCOUNTABILITY
5.3 Ensure 'Login Auditing' is set to 'failed logins'	CIS Microsoft SQL Server 2019 v1.5.2 L1 AWS RDS	MS_SQLDB	AUDIT AND ACCOUNTABILITY
5.3 Ensure 'Login Auditing' is set to 'failed logins'	CIS Microsoft SQL Server 2022 v1.2.1 L1 AWS RDS	MS_SQLDB	AUDIT AND ACCOUNTABILITY
5.3 Ensure 'Login Auditing' is set to 'failed logins'	CIS Microsoft SQL Server 2022 v1.2.1 L1 Database Engine	MS_SQLDB	AUDIT AND ACCOUNTABILITY
5.3.9 Collect Login and Logout Events - /var/log/btmp	CIS Red Hat Enterprise Linux 5 L2 v2.2.1	Unix	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
5.3.9 Collect Login and Logout Events - /var/log/faillog	CIS Red Hat Enterprise Linux 5 L2 v2.2.1	Unix	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
5.3.9 Collect Login and Logout Events - /var/log/lastlog	CIS Red Hat Enterprise Linux 5 L2 v2.2.1	Unix	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
5.3.9 Collect Login and Logout Events - /var/log/tallylog	CIS Red Hat Enterprise Linux 5 L2 v2.2.1	Unix	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
5.3.10 Collect Session Initiation Information - /var/log/wtmp	CIS Red Hat Enterprise Linux 5 L2 v2.2.1	Unix	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
5.3.10 Collect Session Initiation Information - /var/run/utmp	CIS Red Hat Enterprise Linux 5 L2 v2.2.1	Unix	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
6.2.3.12 Ensure login and logout events are collected	CIS Amazon Linux 2 v4.0.0 L2 Server	Unix	AUDIT AND ACCOUNTABILITY
6.3.3.12 Ensure login and logout events are collected	CIS Red Hat Enterprise Linux 8 v4.0.0 L2 Workstation	Unix	AUDIT AND ACCOUNTABILITY
6.3.3.12 Ensure login and logout events are collected	CIS AlmaLinux OS 8 v4.0.0 L2 Workstation	Unix	AUDIT AND ACCOUNTABILITY
6.3.3.12 Ensure login and logout events are collected	CIS Oracle Linux 8 v4.0.0 L2 Workstation	Unix	AUDIT AND ACCOUNTABILITY
6.3.3.12 Ensure login and logout events are collected	CIS Rocky Linux 8 v3.0.0 L2 Workstation	Unix	AUDIT AND ACCOUNTABILITY
6.3.3.12 Ensure login and logout events are collected	CIS AlmaLinux OS 8 v4.0.0 L2 Server	Unix	AUDIT AND ACCOUNTABILITY
6.3.3.12 Ensure login and logout events are collected	CIS Oracle Linux 8 v4.0.0 L2 Server	Unix	AUDIT AND ACCOUNTABILITY
6.3.3.23 Ensure login and logout events are collected	CIS Oracle Linux 10 v1.0.0 L2 Workstation	Unix	AUDIT AND ACCOUNTABILITY
6.3.3.23 Ensure login and logout events are collected	CIS AlmaLinux OS 10 v1.0.0 L2 Server	Unix	AUDIT AND ACCOUNTABILITY
6.3.3.23 Ensure login and logout events are collected	CIS Oracle Linux 10 v1.0.0 L2 Server	Unix	AUDIT AND ACCOUNTABILITY
6.3.3.23 Ensure login and logout events are collected	CIS AlmaLinux OS 10 v1.0.0 L2 Workstation	Unix	AUDIT AND ACCOUNTABILITY
6.3.3.23 Ensure login and logout events are collected	CIS Red Hat Enterprise Linux 10 v1.0.1 L2 Workstation	Unix	AUDIT AND ACCOUNTABILITY
6.3.3.23 Ensure login and logout events are collected	CIS Red Hat Enterprise Linux 10 v1.0.1 L2 Server	Unix	AUDIT AND ACCOUNTABILITY

Detections

Analytics

Item Search