Item Search

Name	Audit Name	Plugin	Category
1.4.1 Ensure AIDE is installed	CIS Fedora 19 Family Linux Workstation L1 v1.0.0	Unix	AUDIT AND ACCOUNTABILITY
1.5.3 Ensure prelink is disabled	CIS Ubuntu Linux 16.04 LTS Server L1 v2.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.4 Ensure events that modify user/group information are collected - /etc/group	CIS Fedora 19 Family Linux Server L2 v1.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.4 Ensure events that modify user/group information are collected - /etc/group	CIS Ubuntu Linux 16.04 LTS Server L2 v2.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.4 Ensure events that modify user/group information are collected - auditctl /etc/group	CIS Red Hat 6 Workstation L2 v3.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.4 Ensure events that modify user/group information are collected - auditctl /etc/gshadow	CIS Fedora 19 Family Linux Workstation L2 v1.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.4 Ensure events that modify user/group information are collected - auditctl /etc/gshadow	CIS Red Hat 6 Server L2 v3.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.4 Ensure events that modify user/group information are collected - auditctl /etc/passwd	CIS Ubuntu Linux 16.04 LTS Server L2 v2.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.4 Ensure events that modify user/group information are collected - auditctl /etc/passwd	CIS Oracle Linux 6 Server L2 v2.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.4 Ensure events that modify user/group information are collected - auditctl /etc/passwd	CIS Oracle Linux 6 Workstation L2 v2.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.4 Ensure events that modify user/group information are collected - auditctl /etc/security/opasswd	CIS Debian Family Workstation L2 v1.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.4 Ensure events that modify user/group information are collected - auditctl /etc/shadow	CIS Fedora 19 Family Linux Server L2 v1.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.4 Ensure events that modify user/group information are collected - rules.d /etc/passwd	CIS Oracle Linux 6 Server L2 v2.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.4 Ensure events that modify user/group information are collected - rules.d /etc/passwd	CIS Oracle Linux 6 Workstation L2 v2.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.4 Ensure events that modify user/group information are collected - rules.d /etc/passwd	CIS Red Hat 6 Server L2 v3.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.4 Ensure events that modify user/group information are collected - rules.d /etc/passwd	CIS Red Hat 6 Workstation L2 v3.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.4 Ensure events that modify user/group information are collected - rules.d /etc/security/opasswd	CIS Red Hat 6 Server L2 v3.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.5 Ensure events that modify user/group information are collected - /etc/gshadow	CIS Debian 9 Server L2 v1.0.1	Unix	AUDIT AND ACCOUNTABILITY
4.1.5 Ensure events that modify user/group information are collected - /etc/gshadow	CIS Debian 9 Workstation L2 v1.0.1	Unix	AUDIT AND ACCOUNTABILITY
4.1.5 Ensure events that modify user/group information are collected - /etc/security/opasswd	CIS Debian 9 Workstation L2 v1.0.1	Unix	AUDIT AND ACCOUNTABILITY
4.1.5 Ensure events that modify user/group information are collected - /etc/shadow	CIS Debian 9 Server L2 v1.0.1	Unix	AUDIT AND ACCOUNTABILITY
4.1.5 Ensure events that modify user/group information are collected - auditctl /etc/gshadow	CIS Debian 9 Server L2 v1.0.1	Unix	AUDIT AND ACCOUNTABILITY
4.1.10 Ensure unsuccessful unauthorized file access attempts are collected - auditctl b32 EPERM	CIS Fedora 19 Family Linux Server L2 v1.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.10 Ensure unsuccessful unauthorized file access attempts are collected - auditctl b64 EPERM	CIS Fedora 19 Family Linux Workstation L2 v1.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.10 Ensure unsuccessful unauthorized file access attempts are collected - auditctl EACCES 64-bit	CIS Red Hat 6 Server L2 v3.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.10 Ensure unsuccessful unauthorized file access attempts are collected - auditctl EPERM	CIS Ubuntu Linux 16.04 LTS Server L2 v2.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.10 Ensure unsuccessful unauthorized file access attempts are collected - b32 EPERM	CIS Fedora 19 Family Linux Server L2 v1.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.10 Ensure unsuccessful unauthorized file access attempts are collected - rules.d EACCES 32-bit	CIS Oracle Linux 6 Server L2 v2.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.10 Ensure unsuccessful unauthorized file access attempts are collected - rules.d EACCES 32-bit	CIS Oracle Linux 6 Workstation L2 v2.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.10 Ensure unsuccessful unauthorized file access attempts are collected - rules.d EPERM 64-bit	CIS Red Hat 6 Workstation L2 v3.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.11 Ensure unsuccessful unauthorized file access attempts are collected - auditctl EPERM x64	CIS Debian 9 Workstation L2 v1.0.1	Unix	AUDIT AND ACCOUNTABILITY
4.1.11 Ensure unsuccessful unauthorized file access attempts are collected - EPERM x64	CIS Debian 9 Workstation L2 v1.0.1	Unix	AUDIT AND ACCOUNTABILITY
4.1.14 Ensure changes to system administration scope (sudoers) is collected - /etc/sudoers.d	CIS Fedora 19 Family Linux Server L2 v1.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.14 Ensure changes to system administration scope (sudoers) is collected - auditctl /etc/sudoers	CIS Fedora 19 Family Linux Server L2 v1.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.14 Ensure changes to system administration scope (sudoers) is collected - auditctl /etc/sudoers.d/	CIS Red Hat 6 Server L2 v3.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.14 Ensure changes to system administration scope (sudoers) is collected - auditctl sudoers.d	CIS Ubuntu Linux 16.04 LTS Server L2 v2.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.14 Ensure changes to system administration scope (sudoers) is collected - rules.d /etc/sudoers	CIS Oracle Linux 6 Server L2 v2.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.14 Ensure changes to system administration scope (sudoers) is collected - rules.d /etc/sudoers	CIS Red Hat 6 Server L2 v3.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.14 Ensure changes to system administration scope (sudoers) is collected - rules.d /etc/sudoers.d/	CIS Oracle Linux 6 Server L2 v2.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.14 Ensure changes to system administration scope (sudoers) is collected - rules.d /etc/sudoers.d/	CIS Red Hat 6 Workstation L2 v3.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.14 Ensure changes to system administration scope (sudoers) is collected - sudoers	CIS Ubuntu Linux 16.04 LTS Server L2 v2.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.15 Ensure changes to system administration scope (sudoers) is collected - /etc/sudoers.d/	CIS Debian 9 Server L2 v1.0.1	Unix	AUDIT AND ACCOUNTABILITY
4.1.15 Ensure changes to system administration scope (sudoers) is collected - auditctl /etc/sudoers.d/	CIS Debian 9 Server L2 v1.0.1	Unix	AUDIT AND ACCOUNTABILITY
4.1.15 Ensure system administrator actions (sudolog) are collected	CIS Fedora 19 Family Linux Server L2 v1.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.15 Ensure system administrator actions (sudolog) are collected - auditctl	CIS Fedora 19 Family Linux Server L2 v1.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.15 Ensure system administrator command executions (sudo) are collected - auditctl 64-bit	CIS Red Hat 6 Server L2 v3.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.15 Ensure system administrator command executions (sudo) are collected - b64 auditctl	CIS Ubuntu Linux 16.04 LTS Workstation L2 v2.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.15 Ensure system administrator command executions (sudo) are collected - rules.d 32-bit	CIS Oracle Linux 6 Workstation L2 v2.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.15 Ensure system administrator command executions (sudo) are collected - rules.d 64-bit	CIS Red Hat 6 Workstation L2 v3.0.0	Unix	AUDIT AND ACCOUNTABILITY
5.3.12 Collect Unsuccessful Unauthorized Access Attempts to Files - arch=b64 EPERM	CIS Red Hat Enterprise Linux 5 L2 v2.2.1	Unix	AUDIT AND ACCOUNTABILITY

Detections

Analytics

Item Search