Detections
Analytics

Item Search

NameAudit NamePluginCategory
2.3 Ensure the logging level is set to 'info'CIS Docker v1.8.0 L1 OS LinuxUnix

AUDIT AND ACCOUNTABILITY

2.3.2.1 (L1) Ensure 'Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings' is set to 'Enabled'CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 MSWindows

AUDIT AND ACCOUNTABILITY

2.3.2.1 (L1) Ensure 'Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings' is set to 'Enabled'CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1Windows

AUDIT AND ACCOUNTABILITY

2.3.2.1 (L1) Ensure 'Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings' is set to 'Enabled'CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BLWindows

AUDIT AND ACCOUNTABILITY

2.3.2.1 (L1) Ensure 'Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings' is set to 'Enabled'CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL NGWindows

AUDIT AND ACCOUNTABILITY

2.3.2.1 (L1) Ensure 'Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings' is set to 'Enabled'CIS Microsoft Windows Server 2019 v4.0.0 L1 MSWindows

AUDIT AND ACCOUNTABILITY

2.3.2.1 (L1) Ensure 'Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings' is set to 'Enabled'CIS Microsoft Windows Server 2025 Stand-alone v1.0.0 L1 MSWindows

AUDIT AND ACCOUNTABILITY

2.3.2.1 Ensure 'Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings' is set to 'Enabled'CIS Microsoft Windows Server 2022 v5.0.0 L1 MSWindows

AUDIT AND ACCOUNTABILITY

3.2.4 Ensure suspicious packets are logged - /etc/sysctl ipv4 default log_martiansCIS SUSE Linux Enterprise Server 11 L1 v2.1.1Unix

AUDIT AND ACCOUNTABILITY

3.2.4 Ensure suspicious packets are logged - sysctl ipv4 all log_martiansCIS SUSE Linux Enterprise Workstation 11 L1 v2.1.1Unix

AUDIT AND ACCOUNTABILITY

3.2.4 Ensure suspicious packets are logged - sysctl ipv4 default log_martiansCIS SUSE Linux Enterprise Workstation 11 L1 v2.1.1Unix

AUDIT AND ACCOUNTABILITY

3.3.4 Ensure suspicious packets are loggedCIS Amazon Linux 2023 v1.0.0 L1 ServerUnix

AUDIT AND ACCOUNTABILITY

3.3.4 Ensure suspicious packets are loggedCIS CentOS Linux 8 Server L1 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

3.3.4 Ensure suspicious packets are loggedCIS SUSE Linux Enterprise 12 v3.2.1 L1 WorkstationUnix

AUDIT AND ACCOUNTABILITY

3.3.5 Ensure suspicious packets are loggedCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

AUDIT AND ACCOUNTABILITY

3.3.9 Ensure suspicious packets are loggedCIS AlmaLinux OS 9 v2.0.0 L1 ServerUnix

AUDIT AND ACCOUNTABILITY

3.3.9 Ensure suspicious packets are loggedCIS Oracle Linux 9 v2.0.0 L1 WorkstationUnix

AUDIT AND ACCOUNTABILITY

3.3.9 Ensure suspicious packets are loggedCIS Red Hat Enterprise Linux 7 v4.0.0 L1 ServerUnix

AUDIT AND ACCOUNTABILITY

3.3.9 Ensure suspicious packets are loggedCIS Red Hat Enterprise Linux 9 v2.0.0 L1 ServerUnix

AUDIT AND ACCOUNTABILITY

3.3.9 Ensure suspicious packets are loggedCIS Rocky Linux 9 v2.0.0 L1 ServerUnix

AUDIT AND ACCOUNTABILITY

4.1.3.5 Ensure events that modify the system's network environment are collected - /etc/hostsCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

4.1.3.5 Ensure events that modify the system's network environment are collected - /etc/hostsCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

4.1.3.5 Ensure events that modify the system's network environment are collected - /etc/sysconfig/network-scriptsCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

4.1.3.5 Ensure events that modify the system's network environment are collected - auditctl hostsCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

4.1.3.5 Ensure events that modify the system's network environment are collected - auditctl networkCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

4.1.3.5 Ensure events that modify the system's network environment are collected - auditctl networkCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

4.1.3.5 Ensure events that modify the system's network environment are collected - auditctl network-scriptsCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

4.1.3.5 Ensure events that modify the system's network environment are collected - auditctl sethostname (64-bit)CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

4.1.3.5 Ensure events that modify the system's network environment are collected - sethostname (32-bit)CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

4.1.6 Ensure events that modify the system's network environment are collected - /etc/issueCIS SUSE Linux Enterprise Server 11 L2 v2.1.1Unix

AUDIT AND ACCOUNTABILITY

4.1.6 Ensure events that modify the system's network environment are collected - /etc/issueCIS SUSE Linux Enterprise Workstation 11 L2 v2.1.1Unix

AUDIT AND ACCOUNTABILITY

4.1.6 Ensure events that modify the system's network environment are collected - /etc/issue.netCIS SUSE Linux Enterprise Workstation 11 L2 v2.1.1Unix

AUDIT AND ACCOUNTABILITY

4.1.6 Ensure events that modify the system's network environment are collected - auditctl /etc/issue.netCIS SUSE Linux Enterprise Server 11 L2 v2.1.1Unix

AUDIT AND ACCOUNTABILITY

4.1.6 Ensure events that modify the system's network environment are collected - auditctl b32 sethostnameCIS SUSE Linux Enterprise Server 11 L2 v2.1.1Unix

AUDIT AND ACCOUNTABILITY

4.1.13 Ensure file deletion events by users are collectedCIS SUSE Linux Enterprise 12 v3.2.1 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

4.1.14 Ensure file deletion events by users are collected - b32 unlinkCIS SUSE Linux Enterprise Server 11 L2 v2.1.1Unix

AUDIT AND ACCOUNTABILITY

5.2 Ensure that audit filters are configured properlyCIS MongoDB 3.6 L1 Unix Audit v1.1.0Unix

AUDIT AND ACCOUNTABILITY

6.1.1.1.5 Ensure journald Storage is configuredCIS Debian Linux 13 v1.0.0 L1 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.1.2.6 Ensure rsyslog is configured to send logs to a remote log hostCIS Debian Linux 13 v1.0.0 L1 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.1.3.1 Ensure rsyslog is installedCIS Debian Linux 12 v1.1.0 L1 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.2.1.2 Ensure auditd service is enabled and activeCIS Debian Linux 12 v1.1.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY

6.2.1.2 Ensure auditd service is enabled and activeCIS Ubuntu Linux 24.04 LTS v1.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY

6.2.1.4 Ensure audit_backlog_limit is configuredCIS Debian Linux 13 v1.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

6.2.1.4 Ensure audit_backlog_limit is configuredCIS Debian Linux 13 v1.0.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.2.1.4 Ensure audit_backlog_limit is sufficientCIS Debian Linux 12 v1.1.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

6.3.3.20 Ensure the audit configuration is loaded regardless of errorsCIS Red Hat Enterprise Linux 8 v4.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

6.3.3.20 Ensure the audit configuration is loaded regardless of errorsCIS Rocky Linux 8 v3.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

6.3.3.35 Ensure the audit configuration is loaded regardless of errorsCIS Oracle Linux 10 v1.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

9.1.7 (L1) Ensure 'Windows Firewall: Domain: Logging: Log dropped packets' is set to 'Yes'CIS Microsoft Windows 8.1 v2.4.1 L1 BitlockerWindows

AUDIT AND ACCOUNTABILITY

9.3.10 (L1) Ensure 'Windows Firewall: Public: Logging: Log successful connections' is set to 'Yes'CIS Microsoft Windows 8.1 v2.4.1 L1 BitlockerWindows

AUDIT AND ACCOUNTABILITY