Detections
Analytics

Item Search

NameAudit NamePluginCategory
2.2 Ensure That Sinks Are Configured for All Log EntriesCIS Google Cloud Platform v3.0.0 L1GCP

AUDIT AND ACCOUNTABILITY

2.3.2.1 (L1) Ensure 'Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings' is set to 'Enabled'CIS Microsoft Windows 8.1 v2.4.1 L1 BitlockerWindows

AUDIT AND ACCOUNTABILITY

3.8 Logging should be enable for all Firewall RulesCIS Check Point Firewall L2 v1.1.0CheckPoint

AUDIT AND ACCOUNTABILITY, SECURITY ASSESSMENT AND AUTHORIZATION

4.1.1.2 Ensure auditd service is enabled and running - enabledCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

4.1.1.2 Ensure auditd service is enabled and running - runningCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

4.1.1.2 Ensure system is disabled when audit logs are full - action_mail_acctCIS SUSE Linux Enterprise Server 11 L2 v2.1.1Unix

AUDIT AND ACCOUNTABILITY

4.1.1.2 Ensure system is disabled when audit logs are full - action_mail_acctCIS SUSE Linux Enterprise Workstation 11 L2 v2.1.1Unix

AUDIT AND ACCOUNTABILITY

4.1.1.2 Ensure system is disabled when audit logs are full - admin_space_left_actionCIS SUSE Linux Enterprise Server 11 L2 v2.1.1Unix

AUDIT AND ACCOUNTABILITY

4.1.1.2 Ensure system is disabled when audit logs are full - admin_space_left_actionCIS SUSE Linux Enterprise Workstation 11 L2 v2.1.1Unix

AUDIT AND ACCOUNTABILITY

4.1.1.2 Ensure system is disabled when audit logs are full - space_left_actionCIS SUSE Linux Enterprise Server 11 L2 v2.1.1Unix

AUDIT AND ACCOUNTABILITY

4.1.1.2 Ensure system is disabled when audit logs are full - space_left_actionCIS SUSE Linux Enterprise Workstation 11 L2 v2.1.1Unix

AUDIT AND ACCOUNTABILITY

4.1.2.3 Ensure system is disabled when audit logs are fullCIS SUSE Linux Enterprise 12 v3.2.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

4.1.2.3 Ensure system is disabled when audit logs are fullCIS SUSE Linux Enterprise 15 Workstation L2 v1.1.1Unix

AUDIT AND ACCOUNTABILITY

4.1.2.3 Ensure system is disabled when audit logs are fullCIS SUSE Linux Enterprise 15 Server L2 v1.1.1Unix

AUDIT AND ACCOUNTABILITY

4.1.2.3 Ensure system is disabled when audit logs are fullCIS SUSE Linux Enterprise 12 v3.2.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

4.1.2.4 Ensure audit_backlog_limit is sufficientCIS SUSE Linux Enterprise 15 Workstation L2 v1.1.1Unix

AUDIT AND ACCOUNTABILITY

4.1.2.4 Ensure audit_backlog_limit is sufficientCIS Red Hat 6 Workstation L2 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.2.4 Ensure audit_backlog_limit is sufficientCIS Red Hat 6 Server L2 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.2.4 Ensure audit_backlog_limit is sufficientCIS SUSE Linux Enterprise 15 Server L2 v1.1.1Unix

AUDIT AND ACCOUNTABILITY

4.1.2.4 Ensure audit_backlog_limit is sufficientCIS SUSE Linux Enterprise 12 v3.2.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

4.1.2.4 Ensure audit_backlog_limit is sufficientCIS SUSE Linux Enterprise 12 v3.2.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

4.1.2.5 Ensure system is disabled when audit logs are full - 'action_mail_acct = root'CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

4.1.2.5 Ensure system is disabled when audit logs are full - 'admin_space_left_action = halt'CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

4.1.2.5 Ensure system is disabled when audit logs are full - 'space_left_action = email'CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

4.1.2.7 Ensure audit_backlog_limit is sufficientCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

4.1.2.7 Ensure audit_backlog_limit is sufficientCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

4.1.3.20 Ensure the audit configuration is immutableCIS CentOS Linux 8 Server L2 v2.0.0Unix

ACCESS CONTROL, MEDIA PROTECTION

4.1.3.20 Ensure the audit configuration is immutableCIS CentOS Linux 8 Workstation L2 v2.0.0Unix

ACCESS CONTROL, MEDIA PROTECTION

4.1.3.41 Ensure the audit configuration is immutableCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 ServerUnix

ACCESS CONTROL, MEDIA PROTECTION

4.1.3.41 Ensure the audit configuration is immutableCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 WorkstationUnix

ACCESS CONTROL, MEDIA PROTECTION

4.1.6 Ensure events that modify the system's network environment are collected - /etc/issueCIS SUSE Linux Enterprise Server 11 L2 v2.1.1Unix

AUDIT AND ACCOUNTABILITY

4.1.12 Ensure successful file system mounts are collectedCIS SUSE Linux Enterprise 12 v3.2.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

4.1.13 Ensure file deletion events by users are collectedCIS SUSE Linux Enterprise 12 v3.2.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

4.1.17 Ensure the audit configuration is immutableCIS SUSE Linux Enterprise 15 Workstation L2 v1.1.1Unix

ACCESS CONTROL, MEDIA PROTECTION

4.1.17 Ensure the audit configuration is immutableCIS SUSE Linux Enterprise 12 v3.2.0 L2 ServerUnix

ACCESS CONTROL, MEDIA PROTECTION

4.1.17 Ensure the audit configuration is immutableCIS SUSE Linux Enterprise 15 Server L2 v1.1.1Unix

ACCESS CONTROL, MEDIA PROTECTION

4.1.17 Ensure the audit configuration is immutableCIS SUSE Linux Enterprise 12 v3.2.0 L2 WorkstationUnix

ACCESS CONTROL, MEDIA PROTECTION

4.1.18 Ensure the audit configuration is immutableCIS SUSE Linux Enterprise Server 11 L2 v2.1.1Unix

ACCESS CONTROL, MEDIA PROTECTION

4.1.18 Ensure the audit configuration is immutableCIS SUSE Linux Enterprise Workstation 11 L2 v2.1.1Unix

ACCESS CONTROL, MEDIA PROTECTION

4.2.1.4 Ensure logging is configuredCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

CONFIGURATION MANAGEMENT

5.2.1.1 Ensure auditd is installedCIS Ubuntu Linux 20.04 LTS Server L2 v2.0.1Unix

AUDIT AND ACCOUNTABILITY

5.2.1.1 Ensure auditd is installedCIS Ubuntu Linux 20.04 LTS Workstation L2 v2.0.1Unix

AUDIT AND ACCOUNTABILITY

5.5 Ensure all WildFire session information settings are enabledCIS Palo Alto Firewall 8 Benchmark L1 v1.0.0Palo_Alto

AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY

5.6 Ensure alerts are enabled for malicious files detected by WildFire - log-type 'wildfire'CIS Palo Alto Firewall 8 Benchmark L1 v1.0.0Palo_Alto

AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY

6.2.3.13 Ensure file deletion events by users are collectedCIS Ubuntu Linux 24.04 LTS v1.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

6.2.3.19 Ensure kernel module loading unloading and modification is collectedCIS Ubuntu Linux 24.04 LTS v1.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

6.12 Ensure all HTTP Header Logging options are enabled - Log Container PageCIS Palo Alto Firewall 8 Benchmark L1 v1.0.0Palo_Alto

AUDIT AND ACCOUNTABILITY

6.12 Ensure all HTTP Header Logging options are enabled - RefererCIS Palo Alto Firewall 8 Benchmark L1 v1.0.0Palo_Alto

AUDIT AND ACCOUNTABILITY

6.12 Ensure all HTTP Header Logging options are enabled - User-AgentCIS Palo Alto Firewall 8 Benchmark L1 v1.0.0Palo_Alto

AUDIT AND ACCOUNTABILITY

6.12 Ensure all HTTP Header Logging options are enabled - X-Forwarded-ForCIS Palo Alto Firewall 8 Benchmark L1 v1.0.0Palo_Alto

AUDIT AND ACCOUNTABILITY