Item Search

NameAudit NamePluginCategory
4.1.5 Ensure events that modify the system's network environment are collected - auditctl /etc/issueCIS CentOS 6 Workstation L2 v3.0.0Unix

AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT

4.1.5 Ensure events that modify the system's network environment are collected - auditctl sethostname setdomainname 32-bitCIS CentOS 6 Workstation L2 v3.0.0Unix

AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT

4.2.1.2 Ensure rsyslog service is enabledCIS CentOS Linux 8 Workstation L1 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.2.1.5 Ensure logging is configuredCIS CentOS Linux 8 Workstation L1 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.2.1.6 Ensure rsyslog is configured to send logs to a remote log hostCIS CentOS Linux 8 Server L1 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.2.2.1.2 Ensure systemd-journal-remote is configuredCIS CentOS Linux 8 Workstation L1 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.2.2.4 Ensure journald is configured to write logfiles to persistent diskCIS CentOS Linux 8 Workstation L1 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.2.2.6 Ensure journald log rotation is configured per site policyCIS CentOS Linux 8 Server L1 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

5.1.1.2 Ensure rsyslog service is enabledCIS AlmaLinux OS 8 Workstation L1 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

5.1.1.6 Ensure rsyslog is configured to send logs to a remote log hostCIS AlmaLinux OS 8 Server L1 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

5.1.1.6 Ensure rsyslog is configured to send logs to a remote log hostCIS AlmaLinux OS 8 Workstation L1 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

5.1.2.1.1 Ensure systemd-journal-remote is installedCIS Amazon Linux 2 v3.0.0 L1Unix

AUDIT AND ACCOUNTABILITY

5.1.2.1.3 Ensure systemd-journal-remote is enabledCIS AlmaLinux OS 8 Workstation L1 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

5.1.2.2 Ensure journald service is enabledCIS Amazon Linux 2 v3.0.0 L1Unix

AUDIT AND ACCOUNTABILITY

5.1.2.2 Ensure journald service is enabledCIS AlmaLinux OS 8 Server L1 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

5.1.2.2 Ensure journald service is enabledCIS AlmaLinux OS 8 Workstation L1 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

5.1.2.4 Ensure journald is configured to write logfiles to persistent diskCIS Amazon Linux 2023 Server L1 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

5.1.2.6 Ensure journald log rotation is configured per site policyCIS Amazon Linux 2 v3.0.0 L1Unix

AUDIT AND ACCOUNTABILITY

5.1.2.6 Ensure journald log rotation is configured per site policyCIS AlmaLinux OS 8 Server L1 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

5.1.15 Ensure sshd LogLevel is configuredCIS Oracle Linux 9 v2.0.0 L1 ServerUnix

AUDIT AND ACCOUNTABILITY

5.2.1.4 Ensure audit_backlog_limit is sufficientCIS Debian 10 Workstation L2 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

5.2.1.4 Ensure auditd service is enabledCIS Amazon Linux 2 v3.0.0 L2Unix

AUDIT AND ACCOUNTABILITY

5.2.1.4 Ensure auditd service is enabledCIS Amazon Linux 2023 Server L2 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

5.2.2.4 Ensure system warns when audit logs are low on spaceCIS AlmaLinux OS 8 Server L2 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

6.1 Ensure the Error Log Filename and Severity Level Are Configured Correctly - 'httpd.conf LogLevel = notice info or debug'CIS Apache HTTP Server 2.4 L1 v2.1.0Unix

AUDIT AND ACCOUNTABILITY

6.2.1.1.3 Ensure journald log file rotation is configuredCIS Debian Linux 11 v2.0.0 L1 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.2.1.1.5 Ensure journald Storage is configuredCIS Debian Linux 11 v2.0.0 L1 ServerUnix

AUDIT AND ACCOUNTABILITY

6.2.1.2.1 Ensure systemd-journal-remote is installedCIS Debian Linux 11 v2.0.0 L1 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.2.1.2.3 Ensure systemd-journal-upload is enabled and activeCIS Debian Linux 11 v2.0.0 L1 ServerUnix

AUDIT AND ACCOUNTABILITY

6.2.1.3 Ensure journald log file rotation is configuredCIS AlmaLinux OS 9 v2.0.0 L1 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.2.2.1.1 Ensure systemd-journal-remote is installedCIS AlmaLinux OS 9 v2.0.0 L1 ServerUnix

AUDIT AND ACCOUNTABILITY

6.2.2.1.2 Ensure systemd-journal-upload authentication is configuredCIS Oracle Linux 9 v2.0.0 L1 ServerUnix

AUDIT AND ACCOUNTABILITY

6.2.2.1.3 Ensure systemd-journal-upload is enabled and activeCIS AlmaLinux OS 9 v2.0.0 L1 ServerUnix

AUDIT AND ACCOUNTABILITY

6.2.2.4 Ensure journald Storage is configuredCIS AlmaLinux OS 9 v2.0.0 L1 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.2.3.6 Ensure rsyslog is configured to send logs to a remote log hostCIS AlmaLinux OS 9 v2.0.0 L1 ServerUnix

AUDIT AND ACCOUNTABILITY

6.2.3.6 Ensure rsyslog is configured to send logs to a remote log hostCIS Oracle Linux 9 v2.0.0 L1 ServerUnix

AUDIT AND ACCOUNTABILITY

6.3 Ensure the Server Access Log Is Configured Correctly - 'httpd.conf CustomLog is configured'CIS Apache HTTP Server 2.4 L1 v2.1.0Unix

AUDIT AND ACCOUNTABILITY

6.4.1.4 Ensure audit_backlog_limit is sufficientCIS Debian Linux 11 v2.0.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

9.1.4 (L1) Ensure 'Windows Firewall: Domain: Logging: Name' is set to '%SystemRoot%\System32\logfiles\firewall\domainfw.log'CIS Microsoft Windows 10 Enterprise v3.0.0 L1 + NGWindows

AUDIT AND ACCOUNTABILITY

9.2.4 (L1) Ensure 'Windows Firewall: Private: Logging: Name' is set to '%SystemRoot%\System32\logfiles\firewall\privatefw.log'CIS Microsoft Windows 10 Enterprise v3.0.0 L1Windows

AUDIT AND ACCOUNTABILITY

9.2.4 (L1) Ensure 'Windows Firewall: Private: Logging: Name' is set to '%SystemRoot%\System32\logfiles\firewall\privatefw.log'CIS Microsoft Windows 10 Enterprise v3.0.0 L1 + BLWindows

AUDIT AND ACCOUNTABILITY

9.2.4 (L1) Ensure 'Windows Firewall: Private: Logging: Name' is set to '%SystemRoot%\System32\logfiles\firewall\privatefw.log'CIS Microsoft Windows 10 Enterprise v3.0.0 L1 + NGWindows

AUDIT AND ACCOUNTABILITY

9.2.4 (L1) Ensure 'Windows Firewall: Private: Logging: Name' is set to '%SystemRoot%\System32\logfiles\firewall\privatefw.log'CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1Windows

AUDIT AND ACCOUNTABILITY

9.2.4 (L1) Ensure 'Windows Firewall: Private: Logging: Name' is set to '%SystemRoot%\System32\logfiles\firewall\privatefw.log'CIS Microsoft Windows 10 Stand-alone v3.0.0 L1Windows

AUDIT AND ACCOUNTABILITY

9.2.4 (L1) Ensure 'Windows Firewall: Private: Logging: Name' is set to '%SystemRoot%\System32\logfiles\firewall\privatefw.log'CIS Microsoft Windows 11 Enterprise v3.0.0 L1 + BLWindows

AUDIT AND ACCOUNTABILITY

9.2.4 (L1) Ensure 'Windows Firewall: Private: Logging: Name' is set to '%SystemRoot%\System32\logfiles\firewall\privatefw.log'CIS Microsoft Windows 11 Stand-alone v3.0.0 L1Windows

AUDIT AND ACCOUNTABILITY

9.3.6 (L1) Ensure 'Windows Firewall: Public: Logging: Name' is set to '%SystemRoot%\System32\logfiles\firewall\publicfw.log'CIS Microsoft Windows 10 Enterprise v3.0.0 L1 + BL + NGWindows

AUDIT AND ACCOUNTABILITY

17.5.1 Ensure 'Audit Account Lockout' is set to include 'Failure'CIS Microsoft Windows 8.1 v2.4.1 L1Windows

AUDIT AND ACCOUNTABILITY, IDENTIFICATION AND AUTHENTICATION

17.6.2 Ensure 'Audit File Share' is set to 'Success and Failure'CIS Microsoft Windows 8.1 v2.4.1 L1Windows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

17.7.2 Ensure 'Audit Authentication Policy Change' is set to include 'Success'CIS Microsoft Windows 8.1 v2.4.1 L1Windows

AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT