Detections
Analytics

Item Search

NameAudit NamePluginCategory
3.2.4 Ensure suspicious packets are logged - 'sysctl net.ipv4.conf.all.log_martians'CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0Unix

AUDIT AND ACCOUNTABILITY

4.2.1.2 Ensure logging is configured - '*.*;mail.none;news.none -/var/log/messages'CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0Unix

AUDIT AND ACCOUNTABILITY

4.2.1.2 Ensure logging is configured - '*.crit /var/log/warn'CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0Unix

AUDIT AND ACCOUNTABILITY

4.2.1.2 Ensure logging is configured - '*.emerg :omusrmsg:*'CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0Unix

AUDIT AND ACCOUNTABILITY

4.2.1.2 Ensure logging is configured - 'local2,local3.* -/var/log/localmessages'CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0Unix

AUDIT AND ACCOUNTABILITY

4.2.1.2 Ensure logging is configured - 'mail.* -/var/log/mail'CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0Unix

AUDIT AND ACCOUNTABILITY

4.2.1.2 Ensure logging is configured - 'mail.err /var/log/mail.err'CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0Unix

AUDIT AND ACCOUNTABILITY

4.2.1.2 Ensure logging is configured - 'mail.info -/var/log/mail.info'CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0Unix

AUDIT AND ACCOUNTABILITY

4.2.1.2 Ensure logging is configured - 'news.err -/var/log/news/news.err'CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0Unix

AUDIT AND ACCOUNTABILITY

4.2.2.2 Ensure logging is configuredCIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0Unix

AUDIT AND ACCOUNTABILITY

Audit Account LockoutMSCT Windows Server v2004 MS v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit Account LockoutMSCT Windows Server 2012 R2 DC v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit Audit Policy ChangeMSCT Windows Server 2012 R2 MS v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit Authentication Policy ChangeMSCT Windows Server 1903 DC v1.19.9Windows

AUDIT AND ACCOUNTABILITY

Audit Computer Account ManagementMSCT Windows Server 1903 DC v1.19.9Windows

AUDIT AND ACCOUNTABILITY

Audit LogonMSCT Windows Server 1903 MS v1.19.9Windows

AUDIT AND ACCOUNTABILITY

Audit LogonMSCT Windows Server v2004 MS v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit LogonMSCT Windows Server 2012 R2 MS v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit Other Account Management EventsMSCT Windows Server 1903 DC v1.19.9Windows

AUDIT AND ACCOUNTABILITY

Audit Other Account Management EventsMSCT Windows Server 2012 R2 MS v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit Other Logon/Logoff EventsMSCT Windows 10 v21H2 v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit Other Logon/Logoff EventsMSCT Windows Server 1903 DC v1.19.9Windows

AUDIT AND ACCOUNTABILITY

Audit Other Logon/Logoff EventsMSCT Windows Server v1909 DC v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit Other Logon/Logoff EventsMSCT Windows Server v1909 MS v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit Other System EventsMSCT Windows 10 v21H2 v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit Other System EventsMSCT Windows Server v1909 MS v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit Other System EventsMSCT Windows Server v2004 MS v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit Removable StorageMSCT Windows 10 v21H2 v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit Removable StorageMSCT Windows Server 1903 MS v1.19.9Windows

AUDIT AND ACCOUNTABILITY

Audit Security Group ManagementMSCT Windows 10 v21H2 v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit Security Group ManagementMSCT Windows Server 1903 DC v1.19.9Windows

AUDIT AND ACCOUNTABILITY

Audit Security Group ManagementMSCT Windows Server v1909 DC v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit Security Group ManagementMSCT Windows Server v1909 MS v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit Security Group ManagementMSCT Windows Server 2012 R2 DC v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit Sensitive Privilege UseMSCT Windows Server v1909 MS v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit Sensitive Privilege UseMSCT Windows Server v2004 MS v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit Sensitive Privilege UseMSCT Windows Server 2012 R2 DC v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit Special LogonMSCT Windows 10 v21H2 v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit Special LogonMSCT Windows Server v2004 DC v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit Special LogonMSCT Windows Server v2004 MS v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit System IntegrityMSCT Windows Server v1909 MS v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit User Account ManagementMSCT Windows Server v2004 DC v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit User Account ManagementMSCT Windows Server 2012 R2 MS v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settingsMSCT Windows Server v1909 MS v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settingsMSCT Windows Server 2012 R2 MS v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Ensure events that modify user/group information are collected - auditctl /etc/shadowTenable Cisco Firepower Management Center OS Best Practices AuditUnix

AUDIT AND ACCOUNTABILITY

Ensure kernel module loading and unloading is collected - rmmodTenable Cisco Firepower Management Center OS Best Practices AuditUnix

AUDIT AND ACCOUNTABILITY

Ensure successful file system mounts are collected - b32Tenable Cisco Firepower Management Center OS Best Practices AuditUnix

AUDIT AND ACCOUNTABILITY

Ensure unsuccessful unauthorized file access attempts are collected - auditctl b32 EPERMTenable Cisco Firepower Management Center OS Best Practices AuditUnix

AUDIT AND ACCOUNTABILITY

Windows Defender Firewall: Allow logging - LogDroppedPacketsMSCT Windows 10 v21H2 v1.0.0Windows

AUDIT AND ACCOUNTABILITY