Detections
Analytics

Item Search

NameAudit NamePluginCategory
2.2 Ensure monitoring and alerting exist for MANAGE GRANTS privilege grantsCIS Snowflake Foundations v1.0.0 L1Snowflake

AUDIT AND ACCOUNTABILITY

2.4 Ensure monitoring and alerting exist for password sign-in without MFACIS Snowflake Foundations v1.0.0 L1Snowflake

AUDIT AND ACCOUNTABILITY

2.6 Ensure monitoring and alerting exist for changes to network policies and associated objectsCIS Snowflake Foundations v1.0.0 L1Snowflake

AUDIT AND ACCOUNTABILITY

2.8 Ensure monitoring and alerting exists for new share exposuresCIS Snowflake Foundations v1.0.0 L1Snowflake

AUDIT AND ACCOUNTABILITY

4.1.1.1 Ensure auditd is installedCIS SUSE Linux Enterprise 15 Server L2 v1.1.1Unix

AUDIT AND ACCOUNTABILITY

4.1.1.1 Ensure auditd is installed - auditCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

4.1.1.3 Ensure auditing for processes that start prior to auditd is enabledCIS SUSE Linux Enterprise 15 Workstation L2 v1.1.1Unix

AUDIT AND ACCOUNTABILITY

4.2.1.1 Ensure rsyslog is installedCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 WorkstationUnix

AUDIT AND ACCOUNTABILITY

4.2.1.1 Ensure rsyslog Service is enabled - /etc/sysconfig/syslogCIS SUSE Linux Enterprise Workstation 11 L1 v2.1.1Unix

AUDIT AND ACCOUNTABILITY

4.2.1.2 Ensure logging is configuredCIS SUSE Linux Enterprise Server 11 L1 v2.1.1Unix

AUDIT AND ACCOUNTABILITY

4.2.1.2 Ensure rsyslog service is enabledCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 WorkstationUnix

AUDIT AND ACCOUNTABILITY

4.2.1.2 Ensure rsyslog Service is enabled and runningCIS SUSE Linux Enterprise 15 Workstation L1 v1.1.1Unix

AUDIT AND ACCOUNTABILITY

4.2.2.3 Ensure journald is configured to write logfiles to persistent diskCIS SUSE Linux Enterprise 12 v3.1.0 L1 WorkstationUnix

AUDIT AND ACCOUNTABILITY

4.2.2.4 Ensure syslog-ng is configured to send logs to a remote log hostCIS SUSE Linux Enterprise Server 11 L1 v2.1.1Unix

AUDIT AND ACCOUNTABILITY

5.1.1.1 Ensure rsyslog is installedCIS Rocky Linux 8 Server L1 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

5.1.1.1 Ensure rsyslog is installedCIS Oracle Linux 8 Server L1 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

5.1.1.2 Ensure rsyslog service is enabledCIS Rocky Linux 8 Workstation L1 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

5.1.1.6 Ensure rsyslog is configured to send logs to a remote log hostCIS Oracle Linux 7 v4.0.0 L1 WorkstationUnix

AUDIT AND ACCOUNTABILITY

5.1.1.6 Ensure rsyslog is configured to send logs to a remote log hostCIS Red Hat EL8 Workstation L1 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

5.1.2.1.2 Ensure systemd-journal-remote is configuredCIS Oracle Linux 7 v4.0.0 L1 ServerUnix

AUDIT AND ACCOUNTABILITY

5.1.2.1.2 Ensure systemd-journal-remote is configuredCIS Red Hat EL8 Workstation L1 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

5.1.2.2 Ensure journald service is enabledCIS Red Hat EL8 Workstation L1 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

5.1.2.2 Ensure journald service is enabledCIS Red Hat Enterprise Linux 7 v4.0.0 L1 WorkstationUnix

AUDIT AND ACCOUNTABILITY

5.1.2.2 Ensure journald service is enabledCIS Oracle Linux 8 Server L1 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

5.1.2.4 Ensure journald is configured to write logfiles to persistent diskCIS Red Hat Enterprise Linux 7 v4.0.0 L1 WorkstationUnix

AUDIT AND ACCOUNTABILITY

5.1.2.4 Ensure journald is configured to write logfiles to persistent diskCIS Rocky Linux 8 Workstation L1 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

5.1.2.6 Ensure journald log rotation is configured per site policyCIS Oracle Linux 7 v4.0.0 L1 ServerUnix

AUDIT AND ACCOUNTABILITY

5.1.2.6 Ensure journald log rotation is configured per site policyCIS Oracle Linux 7 v4.0.0 L1 WorkstationUnix

AUDIT AND ACCOUNTABILITY

5.1.2.6 Ensure journald log rotation is configured per site policyCIS Rocky Linux 8 Workstation L1 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

5.1.5.1 Ensure the Application Usage report is reviewed at least weeklyCIS Microsoft 365 Foundations E3 L1 v3.1.0microsoft_azure

AUDIT AND ACCOUNTABILITY

5.1.15 Ensure sshd LogLevel is configuredCIS Rocky Linux 9 v2.0.0 L1 WorkstationUnix

AUDIT AND ACCOUNTABILITY

5.1.15 Ensure sshd LogLevel is configuredCIS Red Hat Enterprise Linux 9 v2.0.0 L1 ServerUnix

AUDIT AND ACCOUNTABILITY

5.1.15 Ensure sshd LogLevel is configuredCIS Oracle Linux 9 v2.0.0 L1 WorkstationUnix

AUDIT AND ACCOUNTABILITY

5.2.1.4 Ensure auditd service is enabledCIS Red Hat EL8 Server L2 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

5.2.1.4 Ensure auditd service is enabledCIS Oracle Linux 8 Server L2 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

5.2.2.3 Ensure system is disabled when audit logs are fullCIS Red Hat Enterprise Linux 7 v4.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

5.2.2.3 Ensure system is disabled when audit logs are fullCIS Rocky Linux 8 Workstation L2 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

5.2.2.4 Ensure system warns when audit logs are low on spaceCIS Red Hat EL8 Workstation L2 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

5.2.2.4 Ensure system warns when audit logs are low on spaceCIS Rocky Linux 8 Server L2 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

6.2.1.1 Ensure journald service is enabled and activeCIS Oracle Linux 9 v2.0.0 L1 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.2.1.3 Ensure journald log file rotation is configuredCIS Red Hat Enterprise Linux 9 v2.0.0 L1 ServerUnix

AUDIT AND ACCOUNTABILITY

6.2.2.1.1 Ensure systemd-journal-remote is installedCIS Red Hat Enterprise Linux 9 v2.0.0 L1 ServerUnix

AUDIT AND ACCOUNTABILITY

6.2.2.1.1 Ensure systemd-journal-remote is installedCIS Oracle Linux 9 v2.0.0 L1 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.2.2.1.3 Ensure systemd-journal-upload is enabled and activeCIS Red Hat Enterprise Linux 9 v2.0.0 L1 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.2.3.2 Ensure rsyslog service is enabled and activeCIS Oracle Linux 9 v2.0.0 L1 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.2.3.6 Ensure rsyslog is configured to send logs to a remote log hostCIS Rocky Linux 9 v2.0.0 L1 ServerUnix

AUDIT AND ACCOUNTABILITY

9.2.4 (L1) Ensure 'Windows Firewall: Private: Logging: Name' is set to '%SystemRoot%\System32\logfiles\firewall\privatefw.log'CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 BLWindows

AUDIT AND ACCOUNTABILITY

9.2.4 (L1) Ensure 'Windows Firewall: Private: Logging: Name' is set to '%SystemRoot%\System32\logfiles\firewall\privatefw.log'CIS Microsoft Windows 10 Enterprise v3.0.0 L1 + BL + NGWindows

AUDIT AND ACCOUNTABILITY

9.2.4 (L1) Ensure 'Windows Firewall: Private: Logging: Name' is set to '%SystemRoot%\System32\logfiles\firewall\privatefw.log'CIS Microsoft Windows 11 Stand-alone v3.0.0 L1 + BLWindows

AUDIT AND ACCOUNTABILITY

9.3.6 (L1) Ensure 'Windows Firewall: Public: Logging: Name' is set to '%SystemRoot%\System32\logfiles\firewall\publicfw.log'CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1Windows

AUDIT AND ACCOUNTABILITY