Detections
Analytics

Item Search

NameAudit NamePluginCategory
2.2 Ensure the Log Config Module Is EnabledCIS Apache HTTP Server 2.4 L1 v2.1.0Unix

AUDIT AND ACCOUNTABILITY

4.1.1.3 Ensure auditing for processes that start prior to auditd is enabledCIS SUSE Linux Enterprise 15 Workstation L2 v1.1.1Unix

AUDIT AND ACCOUNTABILITY

4.1.5 Ensure events that modify the system's network environment are collected - rules.d /etc/issue.netCIS CentOS 6 Workstation L2 v3.0.0Unix

AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT

4.1.5 Ensure events that modify the system's network environment are collected - rules.d sethostname setdomainname 32-bitCIS CentOS 6 Workstation L2 v3.0.0Unix

AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT

4.1.5 Ensure events that modify the system's network environment are collected - rules.d sethostname setdomainname 64-bitCIS CentOS 6 Server L2 v3.0.0Unix

AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT

4.2.1.1 Ensure rsyslog is installedCIS Ubuntu Linux 18.04 LXD Host L1 Server v1.0.0Unix

AUDIT AND ACCOUNTABILITY

4.2.1.1 Ensure rsyslog Service is enabled - /etc/sysconfig/syslogCIS SUSE Linux Enterprise Workstation 11 L1 v2.1.1Unix

AUDIT AND ACCOUNTABILITY

4.2.1.2 Ensure logging is configuredCIS SUSE Linux Enterprise Server 11 L1 v2.1.1Unix

AUDIT AND ACCOUNTABILITY

4.2.1.2 Ensure rsyslog service is enabledCIS Ubuntu Linux 18.04 LXD Host L1 Server v1.0.0Unix

AUDIT AND ACCOUNTABILITY

4.2.1.2 Ensure rsyslog Service is enabled and runningCIS SUSE Linux Enterprise 15 Workstation L1 v1.1.1Unix

AUDIT AND ACCOUNTABILITY

4.2.2.3 Ensure journald is configured to write logfiles to persistent diskCIS SUSE Linux Enterprise 12 v3.1.0 L1 WorkstationUnix

AUDIT AND ACCOUNTABILITY

5.1.1.1 Ensure rsyslog is installedCIS AlmaLinux OS 8 Workstation L1 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

5.1.1.1.1 Ensure systemd-journal-remote is installedCIS Ubuntu Linux 18.04 LTS v2.2.0 L1 WorkstationUnix

AUDIT AND ACCOUNTABILITY

5.1.1.1.2 Ensure systemd-journal-remote is configuredCIS Ubuntu Linux 18.04 LTS v2.2.0 L1 WorkstationUnix

AUDIT AND ACCOUNTABILITY

5.1.1.1.3 Ensure systemd-journal-remote is enabledCIS Ubuntu Linux 18.04 LTS v2.2.0 L1 ServerUnix

AUDIT AND ACCOUNTABILITY

5.1.1.2 Ensure journald service is enabledCIS Ubuntu Linux 18.04 LTS v2.2.0 L1 WorkstationUnix

AUDIT AND ACCOUNTABILITY

5.1.1.2 Ensure journald service is enabledCIS Ubuntu Linux 20.04 LTS Workstation L1 v2.0.1Unix

AUDIT AND ACCOUNTABILITY

5.1.1.4 Ensure journald is configured to write logfiles to persistent diskCIS Ubuntu Linux 18.04 LTS v2.2.0 L1 ServerUnix

AUDIT AND ACCOUNTABILITY

5.1.1.4 Ensure journald is configured to write logfiles to persistent diskCIS Ubuntu Linux 20.04 LTS Server L1 v2.0.1Unix

AUDIT AND ACCOUNTABILITY

5.1.1.4 Ensure journald is configured to write logfiles to persistent diskCIS Ubuntu Linux 20.04 LTS Workstation L1 v2.0.1Unix

AUDIT AND ACCOUNTABILITY

5.1.2.1 Ensure rsyslog is installedCIS Ubuntu Linux 20.04 LTS Server L1 v2.0.1Unix

AUDIT AND ACCOUNTABILITY

5.1.2.1.2 Ensure systemd-journal-remote is configuredCIS Amazon Linux 2 v3.0.0 L1Unix

AUDIT AND ACCOUNTABILITY

5.1.2.1.2 Ensure systemd-journal-remote is configuredCIS AlmaLinux OS 8 Workstation L1 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

5.1.2.2 Ensure rsyslog service is enabledCIS Ubuntu Linux 20.04 LTS Server L1 v2.0.1Unix

AUDIT AND ACCOUNTABILITY

5.1.2.5 Ensure logging is configuredCIS Ubuntu Linux 20.04 LTS Workstation L1 v2.0.1Unix

AUDIT AND ACCOUNTABILITY

5.1.2.6 Ensure journald log rotation is configured per site policyCIS Amazon Linux 2023 Server L1 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

5.1.2.6 Ensure rsyslog is configured to send logs to a remote log hostCIS Ubuntu Linux 18.04 LTS v2.2.0 L1 WorkstationUnix

AUDIT AND ACCOUNTABILITY

5.1.2.6 Ensure rsyslog is configured to send logs to a remote log hostCIS Ubuntu Linux 20.04 LTS Workstation L1 v2.0.1Unix

AUDIT AND ACCOUNTABILITY

5.1.15 Ensure sshd LogLevel is configuredCIS AlmaLinux OS 9 v2.0.0 L1 ServerUnix

AUDIT AND ACCOUNTABILITY

5.1.15 Ensure sshd LogLevel is configuredCIS AlmaLinux OS 9 v2.0.0 L1 WorkstationUnix

AUDIT AND ACCOUNTABILITY

5.2.2.4 Ensure system warns when audit logs are low on spaceCIS Amazon Linux 2 v3.0.0 L2Unix

AUDIT AND ACCOUNTABILITY

6.1 Ensure the Error Log Filename and Severity Level Are Configured Correctly - 'httpd.conf <VirtualHost> ErrorLog is configured'CIS Apache HTTP Server 2.4 L1 v2.1.0Unix

AUDIT AND ACCOUNTABILITY

6.1 Ensure the Error Log Filename and Severity Level Are Configured Correctly - VirtualHostCIS Apache HTTP Server 2.4 L1 v2.1.0 MiddlewareUnix

AUDIT AND ACCOUNTABILITY

6.1.2.1.2 Ensure systemd-journal-upload authentication is configuredCIS Ubuntu Linux 24.04 LTS v1.0.0 L1 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.1.2.1.3 Ensure systemd-journal-upload is enabled and activeCIS Ubuntu Linux 24.04 LTS v1.0.0 L1 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.1.3.2 Ensure rsyslog service is enabled and activeCIS Ubuntu Linux 24.04 LTS v1.0.0 L1 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.2 Ensure a Syslog Facility Is Configured for Error Logging - 'Main'CIS Apache HTTP Server 2.4 L2 v2.1.0Unix

AUDIT AND ACCOUNTABILITY

6.2.1.1.3 Ensure journald log file rotation is configuredCIS Ubuntu Linux 22.04 LTS v2.0.0 L1 ServerUnix

AUDIT AND ACCOUNTABILITY

6.2.1.3 Ensure journald log file rotation is configuredCIS AlmaLinux OS 9 v2.0.0 L1 ServerUnix

AUDIT AND ACCOUNTABILITY

6.2.1.4 Ensure audit_backlog_limit is sufficientCIS Ubuntu Linux 24.04 LTS v1.0.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.2.2.1.2 Ensure systemd-journal-upload authentication is configuredCIS AlmaLinux OS 9 v2.0.0 L1 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.2.2.3 Ensure system is disabled when audit logs are fullCIS Ubuntu Linux 24.04 LTS v1.0.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.2.3.2 Ensure rsyslog service is enabled and activeCIS AlmaLinux OS 9 v2.0.0 L1 ServerUnix

AUDIT AND ACCOUNTABILITY

6.2.3.5 Ensure rsyslog logging is configuredCIS AlmaLinux OS 9 v2.0.0 L1 ServerUnix

AUDIT AND ACCOUNTABILITY

6.3.1.4 Ensure audit_backlog_limit is sufficientCIS Ubuntu Linux 22.04 LTS v2.0.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.3.2.3 Ensure system is disabled when audit logs are fullCIS Ubuntu Linux 22.04 LTS v2.0.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

9.3.6 (L1) Ensure 'Windows Firewall: Public: Logging: Name' is set to '%SystemRoot%\System32\logfiles\firewall\publicfw.log'CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1Windows

AUDIT AND ACCOUNTABILITY

17.2.2 Ensure 'Audit Security Group Management' is set to include 'Success'CIS Microsoft Windows 8.1 v2.4.1 L1Windows

AUDIT AND ACCOUNTABILITY, IDENTIFICATION AND AUTHENTICATION

17.5.5 Ensure 'Audit Special Logon' is set to include 'Success'CIS Microsoft Windows 8.1 v2.4.1 L1Windows

AUDIT AND ACCOUNTABILITY, IDENTIFICATION AND AUTHENTICATION

35.13 (L1) Ensure 'Enable Private Network Firewall: Log File Path' is set to '%SystemRoot%\System32\logfiles\firewall\privatefw.log'CIS Microsoft Intune for Windows 11 v3.0.1 L1Windows

AUDIT AND ACCOUNTABILITY