Item Search

Name	Audit Name	Plugin	Category
1.1.5.1.2 Set 'Windows Firewall: Domain: Logging: Size limit (KB)' to '16384 KB or greater'	CIS Windows 8 L1 v1.0.0	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
1.1.5.1.3 Set 'Windows Firewall: Domain: Logging: Name' to '%SYSTEMROOT%\System32\logfiles\firewall\domainfw.log'	CIS Windows 8 L1 v1.0.0	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
1.1.5.1.4 Set 'Windows Firewall: Private: Logging: Size limit (KB)' to '16384 KB or greater'	CIS Windows 8 L1 v1.0.0	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
1.1.5.2.8 Set 'Windows Firewall: Private: Logging: Name' to '%SYSTEMROOT%\System32\logfiles\firewall\privatefw.log'	CIS Windows 8 L1 v1.0.0	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
1.1.5.3.7 Set 'Windows Firewall: Public: Logging: Name' to '%SYSTEMROOT%\System32\logfiles\firewall\publicfw.log'	CIS Windows 8 L1 v1.0.0	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
1.1.5.3.9 Set 'Windows Firewall: Public: Logging: Size limit (KB)' to '16384 KB or greater'	CIS Windows 8 L1 v1.0.0	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
2.2 Ensure the Log Config Module Is Enabled	CIS Apache HTTP Server 2.2 L1 v3.6.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.1.4 Ensure auditing for processes that start prior to auditd is enabled	CIS CentOS 6 Workstation L2 v3.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.2 Ensure auditd is installed	CIS Distribution Independent Linux Server L2 v2.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.3 Ensure auditd service is enabled	CIS Distribution Independent Linux Workstation L2 v2.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.2.1.1 Ensure rsyslog is installed	CIS Distribution Independent Linux Workstation L1 v2.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.2.1.2 Ensure rsyslog Service is enabled	CIS Distribution Independent Linux Server L1 v2.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.2.1.3 Ensure logging is configured	CIS CentOS 6 Server L1 v3.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.2.2.1 Ensure journald is configured to send logs to rsyslog	CIS Distribution Independent Linux Server L1 v2.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.2.2.1 Ensure journald is configured to send logs to rsyslog	CIS Distribution Independent Linux Workstation L1 v2.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.2.2.2 Ensure journald is configured to compress large log files	CIS Distribution Independent Linux Server L1 v2.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.2.2.2 Ensure journald is configured to compress large log files	CIS Distribution Independent Linux Workstation L1 v2.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.2.2.3 Ensure journald is configured to write logfiles to persistent disk	CIS Distribution Independent Linux Server L1 v2.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.2.2.3 Ensure journald is configured to write logfiles to persistent disk	CIS Distribution Independent Linux Workstation L1 v2.0.0	Unix	AUDIT AND ACCOUNTABILITY
5.1 Ensure that system activity is audited	CIS MongoDB 6 v1.2.0 L1 MongoDB	Unix	AUDIT AND ACCOUNTABILITY
5.1 Ensure that system activity is audited	CIS MongoDB 6 v1.2.0 L1 MongoDB	Windows	AUDIT AND ACCOUNTABILITY
5.2 Ensure 'Default Trace Enabled' Server Configuration Option is set to '1'	CIS SQL Server 2008 R2 DB Engine L1 v1.7.0	MS_SQLDB	AUDIT AND ACCOUNTABILITY
6.1 Ensure the Error Log Filename and Severity Level Are Configured Correctly - 'ErrorLog is configured'	CIS Apache HTTP Server 2.2 L1 v3.6.0	Unix	AUDIT AND ACCOUNTABILITY
6.1 Ensure the Error Log Filename and Severity Level Are Configured Correctly - 'ErrorLog is configured'	CIS Apache HTTP Server 2.2 L2 v3.6.0	Unix	AUDIT AND ACCOUNTABILITY
6.1 Ensure the Error Log Filename and Severity Level Are Configured Correctly - 'httpd.conf <VirtualHost> ErrorLog is configured'	CIS Apache HTTP Server 2.2 L1 v3.6.0 Middleware	Unix	AUDIT AND ACCOUNTABILITY
6.1.11 Ensure the 'GRANT ANY OBJECT PRIVILEGE' Audit Option Is Enabled	CIS Oracle Server 12c DB Traditional Auditing v3.0.0	OracleDB	AUDIT AND ACCOUNTABILITY
7.5 Ensure pattern in context.xml is correct	CIS Apache Tomcat 8 L1 v1.1.0	Unix	AUDIT AND ACCOUNTABILITY
7.5 Ensure pattern in context.xml is correct	CIS Apache Tomcat 8 L1 v1.1.0 Middleware	Unix	AUDIT AND ACCOUNTABILITY
9.1.5 Ensure 'Windows Firewall: Domain: Logging: Name' is set to '%SystemRoot%\System32\logfiles\firewall\domainfw.log' - %SYSTEMROOT%\System32\logfiles\firewall\domainfw.log	CIS Windows 7 Workstation Level 1 v3.2.0	Windows	AUDIT AND ACCOUNTABILITY
9.1.6 Ensure 'Windows Firewall: Domain: Logging: Size limit (KB)' is set to '16,384 KB or greater'	CIS Windows 7 Workstation Level 1 v3.2.0	Windows	AUDIT AND ACCOUNTABILITY
9.1.6 Ensure 'Windows Firewall: Domain: Logging: Size limit (KB)' is set to '16,384 KB or greater'	CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0	Windows	AUDIT AND ACCOUNTABILITY
9.2 Configure a Logging File Channel - category xfer-in	CIS BIND DNS v1.0.0 L1 Authoritative Name Server	Unix	AUDIT AND ACCOUNTABILITY
9.2.5 Ensure 'Windows Firewall: Private: Logging: Name' is set to '%SystemRoot%\System32\logfiles\firewall\privatefw.log' - %SYSTEMROOT%\System32\logfiles\firewall\privatefw.log	CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0	Windows	AUDIT AND ACCOUNTABILITY
9.2.5 Ensure 'Windows Firewall: Private: Logging: Name' is set to '%SystemRoot%\System32\logfiles\firewall\privatefw.log' - %SYSTEMROOT%\System32\logfiles\firewall\privatefw.log	CIS Windows 7 Workstation Level 1 v3.2.0	Windows	AUDIT AND ACCOUNTABILITY
9.2.6 Ensure 'Windows Firewall: Private: Logging: Size limit (KB)' is set to '16,384 KB or greater'	CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0	Windows	AUDIT AND ACCOUNTABILITY
9.2.6 Ensure 'Windows Firewall: Private: Logging: Size limit (KB)' is set to '16,384 KB or greater'	CIS Windows 7 Workstation Level 1 v3.2.0	Windows	AUDIT AND ACCOUNTABILITY
9.3.7 Ensure 'Windows Firewall: Public: Logging: Name' is set to '%SystemRoot%\System32\logfiles\firewall\publicfw.log' - %SYSTEMROOT%\System32\logfiles\firewall\publicfw.log	CIS Windows 7 Workstation Level 1 v3.2.0	Windows	AUDIT AND ACCOUNTABILITY
9.3.7 Ensure 'Windows Firewall: Public: Logging: Name' is set to '%SystemRoot%\System32\logfiles\firewall\publicfw.log' - %SYSTEMROOT%\System32\logfiles\firewall\publicfw.log	CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0	Windows	AUDIT AND ACCOUNTABILITY
9.3.8 Ensure 'Windows Firewall: Public: Logging: Size limit (KB)' is set to '16,384 KB or greater'	CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0	Windows	AUDIT AND ACCOUNTABILITY
9.3.8 Ensure 'Windows Firewall: Public: Logging: Size limit (KB)' is set to '16,384 KB or greater'	CIS Windows 7 Workstation Level 1 v3.2.0	Windows	AUDIT AND ACCOUNTABILITY
17.6.3 (L1) Ensure 'Audit Other Object Access Events' is set to 'Success and Failure'	CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker	Windows	AUDIT AND ACCOUNTABILITY
Windows Defender Firewall: Allow logging - Domain Profile - LogFileSize	MSCT Windows 10 1909 v1.0.0	Windows	AUDIT AND ACCOUNTABILITY
Windows Defender Firewall: Allow logging - Domain Profile - LogFileSize	MSCT Windows 10 1903 v1.19.9	Windows	AUDIT AND ACCOUNTABILITY
Windows Defender Firewall: Allow logging - Domain Profile - LogFileSize	MSCT Windows 10 v2004 v1.0.0	Windows	AUDIT AND ACCOUNTABILITY
Windows Defender Firewall: Allow logging - LogFileSize	MSCT Windows 10 v20H2 v1.0.0	Windows	AUDIT AND ACCOUNTABILITY
Windows Defender Firewall: Allow logging - LogFileSize - Domain Profile	MSCT Windows 10 1809 v1.0.0	Windows	AUDIT AND ACCOUNTABILITY
Windows Firewall: Allow logging - LogFilePath - Domain Profile	MSCT Windows 10 v1507 v1.0.0	Windows	AUDIT AND ACCOUNTABILITY
Windows Firewall: Allow logging - LogFilePath - Private Profile	MSCT Windows 10 v1507 v1.0.0	Windows	AUDIT AND ACCOUNTABILITY
Windows Firewall: Allow logging - LogFilePath - Public Profile	MSCT Windows 10 v1507 v1.0.0	Windows	AUDIT AND ACCOUNTABILITY
Windows Firewall: Allow logging - LogFileSize - Domain Profile	MSCT Windows 10 v1507 v1.0.0	Windows	AUDIT AND ACCOUNTABILITY

Detections

Analytics

Item Search