Detections
Analytics

Item Search

NameAudit NamePluginCategory
4.1.3.13 Ensure login and logout events are collected - lastlogCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

AUDIT AND ACCOUNTABILITY, MAINTENANCE

4.1.3.38 Ensure audit of the su commandCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

AUDIT AND ACCOUNTABILITY, MAINTENANCE

APPL-14-001002 - The macOS system must be configured to audit all log on and log out events.DISA Apple macOS 14 (Sonoma) STIG v2r2Unix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MAINTENANCE

Big Sur - Configure System to Audit All Authorization and Authentication EventsNIST macOS Big Sur v1.4.0 - 800-171Unix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE

Big Sur - Configure System to Audit All Authorization and Authentication EventsNIST macOS Big Sur v1.4.0 - 800-53r4 HighUnix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE

Big Sur - Configure System to Audit All Authorization and Authentication EventsNIST macOS Big Sur v1.4.0 - 800-53r5 HighUnix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE

Big Sur - Configure System to Audit All Authorization and Authentication EventsNIST macOS Big Sur v1.4.0 - 800-53r5 LowUnix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE

Big Sur - Configure System to Audit All Authorization and Authentication EventsNIST macOS Big Sur v1.4.0 - 800-53r4 LowUnix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE

Big Sur - Configure System to Audit All Authorization and Authentication EventsNIST macOS Big Sur v1.4.0 - CNSSI 1253Unix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE

Big Sur - Configure System to Audit All Log In and Log Out EventsNIST macOS Big Sur v1.4.0 - 800-171Unix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MAINTENANCE

Big Sur - Configure System to Audit All Log In and Log Out EventsNIST macOS Big Sur v1.4.0 - 800-53r4 HighUnix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MAINTENANCE

Big Sur - Configure System to Audit All Log In and Log Out EventsNIST macOS Big Sur v1.4.0 - 800-53r5 HighUnix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MAINTENANCE

Big Sur - Configure System to Audit All Log In and Log Out EventsNIST macOS Big Sur v1.4.0 - 800-53r5 ModerateUnix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MAINTENANCE

Catalina - Configure System to Audit All Log In and Log Out EventsNIST macOS Catalina v1.5.0 - 800-53r5 HighUnix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MAINTENANCE

Catalina - Configure System to Audit All Log In and Log Out EventsNIST macOS Catalina v1.5.0 - 800-53r4 HighUnix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MAINTENANCE

Catalina - Configure System to Audit All Log In and Log Out EventsNIST macOS Catalina v1.5.0 - 800-53r4 LowUnix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MAINTENANCE

Monterey - Configure System to Audit All Changes of Object AttributesNIST macOS Monterey v1.0.0 - All ProfilesUnix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE

Monterey - Configure System to Audit All Deletions of Object AttributesNIST macOS Monterey v1.0.0 - 800-53r5 HighUnix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE

Monterey - Configure System to Audit All Deletions of Object AttributesNIST macOS Monterey v1.0.0 - 800-53r5 ModerateUnix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE

Monterey - Configure System to Audit All Deletions of Object AttributesNIST macOS Monterey v1.0.0 - All ProfilesUnix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE

Monterey - Configure System to Audit All Deletions of Object AttributesNIST macOS Monterey v1.0.0 - 800-53r5 LowUnix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE

Monterey - Configure System to Audit All Failed Read Actions on the SystemNIST macOS Monterey v1.0.0 - 800-53r4 HighUnix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE

Monterey - Configure System to Audit All Failed Read Actions on the SystemNIST macOS Monterey v1.0.0 - 800-53r4 ModerateUnix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE

Monterey - Configure System to Audit All Failed Read Actions on the SystemNIST macOS Monterey v1.0.0 - 800-53r4 LowUnix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE

Monterey - Configure System to Audit All Failed Read Actions on the SystemNIST macOS Monterey v1.0.0 - 800-53r5 HighUnix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE

Monterey - Configure System to Audit All Failed Read Actions on the SystemNIST macOS Monterey v1.0.0 - 800-53r5 ModerateUnix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE

Monterey - Configure System to Audit All Failed Read Actions on the SystemNIST macOS Monterey v1.0.0 - All ProfilesUnix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE

Monterey - Configure System to Audit All Failed Read Actions on the SystemNIST macOS Monterey v1.0.0 - 800-53r5 LowUnix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE

Monterey - Configure System to Audit All Failed Read Actions on the SystemNIST macOS Monterey v1.0.0 - CNSSI 1253Unix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE

Monterey - Configure System to Audit All Failed Read Actions on the SystemNIST macOS Monterey v1.0.0 - 800-171Unix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE

OL07-00-030510 - The Oracle Linux operating system must audit all uses of the creat, open, openat, open_by_handle_at, truncate, and ftruncate syscalls.DISA Oracle Linux 7 STIG v2r14Unix

AUDIT AND ACCOUNTABILITY, MAINTENANCE

OL07-00-030610 - The Oracle Linux operating system must generate audit records for all unsuccessful account access events.DISA Oracle Linux 7 STIG v2r14Unix

AUDIT AND ACCOUNTABILITY, MAINTENANCE

OL07-00-030620 - The Oracle Linux operating system must generate audit records for all successful account access events.DISA Oracle Linux 7 STIG v2r14Unix

AUDIT AND ACCOUNTABILITY, MAINTENANCE

OL07-00-030910 - The Oracle Linux operating system must audit all uses of the unlink, unlinkat, rename, renameat, and rmdir syscalls.DISA Oracle Linux 7 STIG v2r14Unix

AUDIT AND ACCOUNTABILITY, MAINTENANCE

RHEL-07-030510 - The Red Hat Enterprise Linux operating system must audit all uses of the creat, open, openat, open_by_handle_at, truncate, and ftruncate syscalls.DISA Red Hat Enterprise Linux 7 STIG v3r15Unix

AUDIT AND ACCOUNTABILITY, MAINTENANCE

RHEL-07-030570 - The Red Hat Enterprise Linux operating system must audit all uses of the setsebool command.DISA Red Hat Enterprise Linux 7 STIG v3r15Unix

AUDIT AND ACCOUNTABILITY, MAINTENANCE

UBTU-20-010101 - The Ubuntu operating system must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/group.DISA STIG Ubuntu 20.04 LTS v2r1Unix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

UBTU-20-010102 - The Ubuntu operating system must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/shadow.DISA STIG Ubuntu 20.04 LTS v2r1Unix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

UBTU-22-654135 - Ubuntu 22.04 LTS must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/gshadow.DISA STIG Canonical Ubuntu 22.04 LTS v2r2Unix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

UBTU-22-654145 - Ubuntu 22.04 LTS must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/passwd.DISA STIG Canonical Ubuntu 22.04 LTS v2r2Unix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

WN10-AU-000045 - The system must be configured to audit Detailed Tracking - PNP Activity successes.DISA Windows 10 STIG v3r2Windows

AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT

WN10-AU-000050 - The system must be configured to audit Detailed Tracking - Process Creation successes.DISA Windows 10 STIG v3r2Windows

AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT

WN12-AU-000011-DC - Windows Server 2012/2012 R2 domain controllers must be configured to audit Account Management - Computer Account Management successes.DISA Windows Server 2012 and 2012 R2 DC STIG v3r7Windows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

WN12-AU-000032-DC - The system must be configured to audit DS Access - Directory Service Access failures.DISA Windows Server 2012 and 2012 R2 DC STIG v3r7Windows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

WN12-AU-000207-DC - Active Directory Group Policy objects must be configured with proper audit settings.DISA Windows Server 2012 and 2012 R2 DC STIG v3r7Windows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

WN12-AU-000208-DC - The Active Directory Domain object must be configured with proper audit settings.DISA Windows Server 2012 and 2012 R2 DC STIG v3r7Windows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

WN12-AU-000209-DC - The Active Directory Infrastructure object must be configured with proper audit settings.DISA Windows Server 2012 and 2012 R2 DC STIG v3r7Windows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

WN12-AU-000212-DC - The Active Directory RID Manager$ object must be configured with proper audit settings.DISA Windows Server 2012 and 2012 R2 DC STIG v3r7Windows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

WN22-AU-000110 - Windows Server 2022 must be configured to audit Account Management - User Account Management successes.DISA Windows Server 2022 STIG v2r2Windows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

WN22-AU-000120 - Windows Server 2022 must be configured to audit Account Management - User Account Management failures.DISA Windows Server 2022 STIG v2r2Windows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY