Detections
Analytics

Item Search

NameAudit NamePluginCategory
2.3.2.1 (L1) Ensure 'Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings' is set to 'Enabled'CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 BLWindows

AUDIT AND ACCOUNTABILITY

3.2.4 Ensure suspicious packets are logged - /etc/sysctl ipv4 all log_martiansCIS SUSE Linux Enterprise Workstation 11 L1 v2.1.1Unix

AUDIT AND ACCOUNTABILITY

3.2.4 Ensure suspicious packets are logged - sysctl ipv4 all log_martiansCIS SUSE Linux Enterprise Server 11 L1 v2.1.1Unix

AUDIT AND ACCOUNTABILITY

3.2.4 Ensure suspicious packets are logged - sysctl ipv4 default log_martiansCIS SUSE Linux Enterprise Workstation 11 L1 v2.1.1Unix

AUDIT AND ACCOUNTABILITY

3.3.4 Ensure suspicious packets are loggedCIS SUSE Linux Enterprise 15 Server L1 v1.1.1Unix

AUDIT AND ACCOUNTABILITY

3.3.9 Ensure suspicious packets are loggedCIS Red Hat Enterprise Linux 9 v2.0.0 L1 ServerUnix

AUDIT AND ACCOUNTABILITY

3.3.9 Ensure suspicious packets are loggedCIS Ubuntu Linux 24.04 LTS v1.0.0 L1 ServerUnix

AUDIT AND ACCOUNTABILITY

3.3.9 Ensure suspicious packets are loggedCIS Ubuntu Linux 18.04 LTS v2.2.0 L1 ServerUnix

AUDIT AND ACCOUNTABILITY

3.3.9 Ensure suspicious packets are loggedCIS Ubuntu Linux 18.04 LTS v2.2.0 L1 WorkstationUnix

AUDIT AND ACCOUNTABILITY

3.3.9 Ensure suspicious packets are loggedCIS Ubuntu Linux 22.04 LTS v2.0.0 L1 ServerUnix

AUDIT AND ACCOUNTABILITY

4.1.3.5 Ensure events that modify the system's network environment are collected - auditctl hostsCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

4.1.3.5 Ensure events that modify the system's network environment are collected - auditctl issueCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

4.1.3.5 Ensure events that modify the system's network environment are collected - auditctl networkCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

4.1.3.5 Ensure events that modify the system's network environment are collected - auditctl network-scriptsCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

4.1.3.5 Ensure events that modify the system's network environment are collected - auditctl sethostname (64-bit)CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

4.1.3.8 Ensure changes to system administration scope (sudoers) is collected - auditctl sudoers.dCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

4.1.5 Ensure events that modify the system's network environment are collectedCIS SUSE Linux Enterprise 12 v3.1.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

4.1.6 Ensure events that modify the system's network environment are collected - auditctl b64 sethostnameCIS SUSE Linux Enterprise Workstation 11 L2 v2.1.1Unix

AUDIT AND ACCOUNTABILITY

4.1.8 Ensure login and logout events are collected - auditctl faillogCIS SUSE Linux Enterprise Server 11 L2 v2.1.1Unix

AUDIT AND ACCOUNTABILITY

4.1.8 Ensure login and logout events are collected - auditctl lastlogCIS SUSE Linux Enterprise Workstation 11 L2 v2.1.1Unix

AUDIT AND ACCOUNTABILITY

4.1.8 Ensure login and logout events are collected - auditctl lastlogCIS SUSE Linux Enterprise Server 11 L2 v2.1.1Unix

AUDIT AND ACCOUNTABILITY

4.1.9 Ensure session initiation information is collected - btmpCIS SUSE Linux Enterprise Workstation 11 L2 v2.1.1Unix

AUDIT AND ACCOUNTABILITY

4.1.14 Ensure file deletion events by users are collected - auditctl b32 unlinkCIS SUSE Linux Enterprise Server 11 L2 v2.1.1Unix

AUDIT AND ACCOUNTABILITY

5.2 Ensure that audit filters are configured properlyCIS MongoDB 3.6 L1 Windows Audit v1.1.0Windows

AUDIT AND ACCOUNTABILITY

5.2.3.11 Ensure session initiation information is collectedCIS Red Hat Enterprise Linux 7 v4.0.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

5.3 Ensure that logging captures as much information as possibleCIS MongoDB 3.6 L1 Windows Audit v1.1.0Windows

AUDIT AND ACCOUNTABILITY

6.2.3.11 Ensure session initiation information is collectedCIS Ubuntu Linux 24.04 LTS v1.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

17.1.1 Ensure 'Audit Credential Validation' is set to 'Success and Failure'CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 DCWindows

AUDIT AND ACCOUNTABILITY

17.2.5 (L1) Ensure 'Audit Security Group Management' is set to include 'Success'CIS Microsoft Windows Server 2022 v3.0.0 L1 Domain ControllerWindows

AUDIT AND ACCOUNTABILITY

17.5.1 Ensure 'Audit Account Lockout' is set to include 'Failure'CIS Microsoft Windows Server 2022 STIG v1.0.0 STIG DCWindows

AUDIT AND ACCOUNTABILITY

17.5.1 Ensure 'Audit Account Lockout' is set to include 'Failure'CIS Microsoft Windows Server 2022 STIG v1.0.0 STIG MSWindows

AUDIT AND ACCOUNTABILITY

17.5.1 Ensure 'Audit Account Lockout' is set to include 'Success and Failure' - FailureCIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 DCWindows

AUDIT AND ACCOUNTABILITY

17.5.3 (L1) Ensure 'Audit Logoff' is set to include 'Success'CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 MSWindows

AUDIT AND ACCOUNTABILITY

17.5.3 Ensure 'Audit Logoff' is set to include 'Success'CIS Microsoft Windows Server 2022 STIG v1.0.0 STIG MSWindows

AUDIT AND ACCOUNTABILITY

17.5.4 (L1) Ensure 'Audit Logon' is set to 'Success and Failure'CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 BL NGWindows

AUDIT AND ACCOUNTABILITY

17.5.4 Ensure 'Audit Logon' is set to 'Success and Failure'CIS Microsoft Windows Server 2022 STIG v1.0.0 STIG DCWindows

AUDIT AND ACCOUNTABILITY

17.5.5 (L1) Ensure 'Audit Other Logon/Logoff Events' is set to 'Success and Failure'CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 MSWindows

AUDIT AND ACCOUNTABILITY

17.5.6 (L1) Ensure 'Audit Special Logon' is set to include 'Success'CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 BL NGWindows

AUDIT AND ACCOUNTABILITY

17.5.6 (L1) Ensure 'Audit Special Logon' is set to include 'Success'CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 NGWindows

AUDIT AND ACCOUNTABILITY

17.5.6 (L1) Ensure 'Audit Special Logon' is set to include 'Success'CIS Microsoft Windows Server 2022 v3.0.0 L1 Member ServerWindows

AUDIT AND ACCOUNTABILITY

17.5.6 Ensure 'Audit Special Logon' is set to include 'Success'CIS Microsoft Windows Server 2022 STIG v1.0.0 L1 DCWindows

AUDIT AND ACCOUNTABILITY

17.6.1 (L1) Ensure 'Audit Detailed File Share' is set to include 'Failure'CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 BL NGWindows

AUDIT AND ACCOUNTABILITY

17.7.1 (L1) Ensure 'Audit Audit Policy Change' is set to include 'Success'CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 NGWindows

AUDIT AND ACCOUNTABILITY

17.7.1 (L1) Ensure 'Audit Audit Policy Change' is set to include 'Success'CIS Microsoft Windows Server 2022 v3.0.0 L1 Domain ControllerWindows

AUDIT AND ACCOUNTABILITY

17.7.2 (L1) Ensure 'Audit Authentication Policy Change' is set to include 'Success'CIS Microsoft Windows Server 2022 v3.0.0 L1 Member ServerWindows

AUDIT AND ACCOUNTABILITY

17.7.2 (L1) Ensure 'Audit Authentication Policy Change' is set to include 'Success'CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 MSWindows

AUDIT AND ACCOUNTABILITY

17.7.4 Ensure 'Audit Authorization Policy Change' is set to include 'Success'CIS Microsoft Windows Server 2022 STIG v1.0.0 L1 DCWindows

AUDIT AND ACCOUNTABILITY

17.7.4 Ensure 'Audit Authorization Policy Change' is set to include 'Success'CIS Microsoft Windows Server 2022 STIG v1.0.0 STIG DCWindows

AUDIT AND ACCOUNTABILITY

17.7.4 Ensure 'Audit Authorization Policy Change' is set to include 'Success'CIS Microsoft Windows Server 2022 STIG v1.0.0 STIG MSWindows

AUDIT AND ACCOUNTABILITY

17.7.5 (L1) Ensure 'Audit Other Policy Change Events' is set to include 'Failure'CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 BL NGWindows

AUDIT AND ACCOUNTABILITY