Item Search

Name	Audit Name	Plugin	Category
2.3 Ensure that User-ID is only enabled for internal trusted interfaces	CIS Palo Alto Firewall 10 v1.2.0 L1	Palo_Alto	AUDIT AND ACCOUNTABILITY
2.3 Ensure that User-ID is only enabled for internal trusted interfaces	CIS Palo Alto Firewall 11 v1.1.0 L1	Palo_Alto	AUDIT AND ACCOUNTABILITY
2.3 Ensure the logging level is set to 'info'	CIS Docker v1.7.0 L1 Docker - Linux	Unix	AUDIT AND ACCOUNTABILITY
2.3.2.1 (L1) Ensure 'Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings' is set to 'Enabled'	CIS Windows Server 2012 R2 DC L1 v3.0.0	Windows	AUDIT AND ACCOUNTABILITY
2.3.2.1 (L1) Ensure 'Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings' is set to 'Enabled'	CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1	Windows	AUDIT AND ACCOUNTABILITY
2.3.2.1 (L1) Ensure 'Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings' is set to 'Enabled'	CIS Microsoft Windows 11 Enterprise v3.0.0 L1 + BL	Windows	AUDIT AND ACCOUNTABILITY
2.3.2.1 (L1) Ensure 'Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings' is set to 'Enabled'	CIS Microsoft Windows 11 Stand-alone v3.0.0 L1 + BL	Windows	AUDIT AND ACCOUNTABILITY
2.3.2.1 (L1) Ensure 'Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings' is set to 'Enabled'	CIS Microsoft Windows 10 Stand-alone v3.0.0 L1	Windows	AUDIT AND ACCOUNTABILITY
2.3.2.1 (L1) Ensure 'Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings' is set to 'Enabled'	CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 BL	Windows	AUDIT AND ACCOUNTABILITY
2.3.2.1 (L1) Ensure 'Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings' is set to 'Enabled'	CIS Microsoft Windows Server 2019 STIG v2.0.0 STIG DC	Windows	AUDIT AND ACCOUNTABILITY
2.3.2.1 (L1) Ensure 'Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings' is set to 'Enabled'	CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1	Windows	AUDIT AND ACCOUNTABILITY
2.3.2.1 Ensure 'Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings' is set to 'Enabled'	CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG MS	Windows	AUDIT AND ACCOUNTABILITY
3.2.4 Ensure suspicious packets are logged - /etc/sysctl ipv4 all log_martians	CIS SUSE Linux Enterprise Workstation 11 L1 v2.1.1	Unix	AUDIT AND ACCOUNTABILITY
3.2.4 Ensure suspicious packets are logged - sysctl ipv4 all log_martians	CIS SUSE Linux Enterprise Server 11 L1 v2.1.1	Unix	AUDIT AND ACCOUNTABILITY
3.2.4 Ensure suspicious packets are logged - sysctl ipv4 default log_martians	CIS SUSE Linux Enterprise Workstation 11 L1 v2.1.1	Unix	AUDIT AND ACCOUNTABILITY
3.3.4 Ensure suspicious packets are logged	CIS Debian 10 Server L1 v2.0.0	Unix	AUDIT AND ACCOUNTABILITY
3.3.4 Ensure suspicious packets are logged	CIS Debian 10 Workstation L1 v2.0.0	Unix	AUDIT AND ACCOUNTABILITY
3.3.4 Ensure suspicious packets are logged	CIS SUSE Linux Enterprise 15 Server L1 v1.1.1	Unix	AUDIT AND ACCOUNTABILITY
3.3.9 Ensure suspicious packets are logged	CIS Oracle Linux 8 Server L1 v3.0.0	Unix	AUDIT AND ACCOUNTABILITY
3.3.9 Ensure suspicious packets are logged	CIS Oracle Linux 9 v2.0.0 L1 Server	Unix	AUDIT AND ACCOUNTABILITY
3.3.9 Ensure suspicious packets are logged	CIS Rocky Linux 8 Server L1 v2.0.0	Unix	AUDIT AND ACCOUNTABILITY
3.3.9 Ensure suspicious packets are logged	CIS Rocky Linux 8 Workstation L1 v2.0.0	Unix	AUDIT AND ACCOUNTABILITY
3.3.9 Ensure suspicious packets are logged	CIS Rocky Linux 9 v2.0.0 L1 Server	Unix	AUDIT AND ACCOUNTABILITY
3.3.9 Ensure suspicious packets are logged	CIS Rocky Linux 9 v2.0.0 L1 Workstation	Unix	AUDIT AND ACCOUNTABILITY
3.3.9 Ensure suspicious packets are logged	CIS CentOS Linux 7 v4.0.0 L1 Workstation	Unix	AUDIT AND ACCOUNTABILITY
3.3.9 Ensure suspicious packets are logged	CIS Red Hat Enterprise Linux 9 v2.0.0 L1 Server	Unix	AUDIT AND ACCOUNTABILITY
3.3.9 Ensure suspicious packets are logged	CIS CentOS Linux 7 v4.0.0 L1 Server	Unix	AUDIT AND ACCOUNTABILITY
3.3.9 Ensure suspicious packets are logged	CIS Debian Linux 11 v2.0.0 L1 Workstation	Unix	AUDIT AND ACCOUNTABILITY
3.3.9 Ensure suspicious packets are logged	CIS Ubuntu Linux 18.04 LTS v2.2.0 L1 Server	Unix	AUDIT AND ACCOUNTABILITY
3.3.9 Ensure suspicious packets are logged	CIS Ubuntu Linux 18.04 LTS v2.2.0 L1 Workstation	Unix	AUDIT AND ACCOUNTABILITY
3.3.9 Ensure suspicious packets are logged	CIS Ubuntu Linux 22.04 LTS v2.0.0 L1 Server	Unix	AUDIT AND ACCOUNTABILITY
3.3.9 Ensure suspicious packets are logged	CIS Ubuntu Linux 24.04 LTS v1.0.0 L1 Server	Unix	AUDIT AND ACCOUNTABILITY
3.3.9 Ensure suspicious packets are logged	CIS Amazon Linux 2 v3.0.0 L1	Unix	AUDIT AND ACCOUNTABILITY
4.1.3.5 Ensure events that modify the system's network environment are collected - auditctl hosts	CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 Workstation	Unix	AUDIT AND ACCOUNTABILITY
4.1.3.5 Ensure events that modify the system's network environment are collected - auditctl issue	CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 Server	Unix	AUDIT AND ACCOUNTABILITY
4.1.3.5 Ensure events that modify the system's network environment are collected - auditctl network	CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 Server	Unix	AUDIT AND ACCOUNTABILITY
4.1.3.5 Ensure events that modify the system's network environment are collected - auditctl network-scripts	CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 Server	Unix	AUDIT AND ACCOUNTABILITY
4.1.3.5 Ensure events that modify the system's network environment are collected - auditctl sethostname (64-bit)	CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 Server	Unix	AUDIT AND ACCOUNTABILITY
4.1.3.7 Ensure kernel module loading and unloading is collected - init_module 32 bit	CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG	Unix	AUDIT AND ACCOUNTABILITY
4.1.3.7 Ensure kernel module loading and unloading is collected - init_module 64 bit	CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG	Unix	AUDIT AND ACCOUNTABILITY
4.1.3.8 Ensure changes to system administration scope (sudoers) is collected - auditctl sudoers.d	CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 Workstation	Unix	AUDIT AND ACCOUNTABILITY
4.1.6 Ensure events that modify the system's network environment are collected - auditctl b64 sethostname	CIS SUSE Linux Enterprise Workstation 11 L2 v2.1.1	Unix	AUDIT AND ACCOUNTABILITY
4.1.14 Ensure file deletion events by users are collected - auditctl b32 unlink	CIS SUSE Linux Enterprise Server 11 L2 v2.1.1	Unix	AUDIT AND ACCOUNTABILITY
4.2.2.3 Ensure journald is configured to compress large log files	CIS Fedora 28 Family Linux Server L1 v2.0.0	Unix	AUDIT AND ACCOUNTABILITY
5.1.1.3 Ensure journald is configured to compress large log files	CIS Ubuntu Linux 20.04 LTS Workstation L1 v2.0.1	Unix	AUDIT AND ACCOUNTABILITY
5.1.2.3 Ensure journald is configured to compress large log files	CIS Oracle Linux 7 v4.0.0 L1 Server	Unix	AUDIT AND ACCOUNTABILITY
5.1.2.3 Ensure journald is configured to compress large log files	CIS AlmaLinux OS 8 Server L1 v3.0.0	Unix	AUDIT AND ACCOUNTABILITY
5.2 Ensure that audit filters are configured properly	CIS MongoDB 3.6 L1 Windows Audit v1.1.0	Windows	AUDIT AND ACCOUNTABILITY
5.3 Ensure that logging captures as much information as possible	CIS MongoDB 3.6 L1 Windows Audit v1.1.0	Windows	AUDIT AND ACCOUNTABILITY
6.1.2.3 Ensure journald Compress is configured	CIS Ubuntu Linux 24.04 LTS v1.0.0 L1 Workstation	Unix	AUDIT AND ACCOUNTABILITY

Detections

Analytics

Item Search