Item Search

NameAudit NamePluginCategory
1.3.1 Ensure AIDE is installedCIS Amazon Linux 2 STIG v1.0.0 L1Unix

AUDIT AND ACCOUNTABILITY

1.3.1 Ensure AIDE is installedCIS Amazon Linux v2.1.0 L1Unix

AUDIT AND ACCOUNTABILITY

1.3.2 Ensure filesystem integrity is regularly checkedCIS Debian 9 Server L1 v1.0.1Unix

AUDIT AND ACCOUNTABILITY

1.3.2 Ensure filesystem integrity is regularly checkedCIS Debian 9 Workstation L1 v1.0.1Unix

AUDIT AND ACCOUNTABILITY

1.5.3 Ensure prelink is disabledCIS Amazon Linux 2 STIG v1.0.0 L1Unix

AUDIT AND ACCOUNTABILITY

1.5.4 Ensure prelink is disabledCIS Debian 9 Server L1 v1.0.1Unix

AUDIT AND ACCOUNTABILITY

2.2.1 (L1) Ensure 'Access Credential Manager as a trusted caller' is set to 'No One'CIS Windows Server 2012 DC L1 v3.0.0Windows

AUDIT AND ACCOUNTABILITY

2.3.11.11 (L1) Ensure 'Network security: Restrict NTLM: Audit Incoming NTLM Traffic' is set to 'Enable auditing for all accounts'CIS Microsoft Windows Server 2022 v3.0.0 L1 Member ServerWindows

AUDIT AND ACCOUNTABILITY

2.3.11.13 (L1) Ensure 'Network security: Restrict NTLM: Outgoing NTLM traffic to remote servers' is set to 'Audit all' or higherCIS Microsoft Windows Server 2022 v3.0.0 L1 Domain ControllerWindows

AUDIT AND ACCOUNTABILITY

2.3.11.13 (L1) Ensure 'Network security: Restrict NTLM: Outgoing NTLM traffic to remote servers' is set to 'Audit all' or higherCIS Microsoft Windows Server 2022 v3.0.0 L1 Member ServerWindows

AUDIT AND ACCOUNTABILITY

4.1.4 Ensure events that modify user/group information are collected - auditctl /etc/groupCIS Oracle Linux 6 Workstation L2 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.4 Ensure events that modify user/group information are collected - auditctl /etc/groupCIS Red Hat 6 Server L2 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.4 Ensure events that modify user/group information are collected - auditctl /etc/security/opasswdCIS Oracle Linux 6 Workstation L2 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.4 Ensure events that modify user/group information are collected - auditctl /etc/shadowCIS Red Hat 6 Server L2 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.4 Ensure events that modify user/group information are collected - auditctl /etc/shadowCIS Red Hat 6 Workstation L2 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.4 Ensure events that modify user/group information are collected - rules.d /etc/groupCIS Red Hat 6 Server L2 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.4 Ensure events that modify user/group information are collected - rules.d /etc/groupCIS CentOS 6 Server L2 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.4 Ensure events that modify user/group information are collected - rules.d /etc/security/opasswdCIS Red Hat 6 Workstation L2 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.10 Ensure unsuccessful unauthorized file access attempts are collected - auditctl b32 EACCESCIS Fedora 19 Family Linux Workstation L2 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.10 Ensure unsuccessful unauthorized file access attempts are collected - auditctl EACCES 32-bitCIS CentOS 6 Workstation L2 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.10 Ensure unsuccessful unauthorized file access attempts are collected - auditctl EACCES 64-bitCIS CentOS 6 Workstation L2 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.10 Ensure unsuccessful unauthorized file access attempts are collected - auditctl EPERM 32-bitCIS Red Hat 6 Server L2 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.10 Ensure unsuccessful unauthorized file access attempts are collected - auditctl EPERM 64-bitCIS Red Hat 6 Server L2 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.10 Ensure unsuccessful unauthorized file access attempts are collected - auditctl EPERM 64-bitCIS CentOS 6 Server L2 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.10 Ensure unsuccessful unauthorized file access attempts are collected - b64 EACCESCIS Fedora 19 Family Linux Server L2 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.10 Ensure unsuccessful unauthorized file access attempts are collected - b64 EPERMCIS Fedora 19 Family Linux Server L2 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.10 Ensure unsuccessful unauthorized file access attempts are collected - rules.d EACCES 32-bitCIS Red Hat 6 Server L2 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.10 Ensure unsuccessful unauthorized file access attempts are collected - rules.d EACCES 32-bitCIS CentOS 6 Workstation L2 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.10 Ensure unsuccessful unauthorized file access attempts are collected - rules.d EACCES 64-bitCIS Red Hat 6 Workstation L2 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.10 Ensure unsuccessful unauthorized file access attempts are collected - rules.d EACCES 64-bitCIS CentOS 6 Workstation L2 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.11 Ensure unsuccessful unauthorized file access attempts are collected - EACCES x64CIS Debian 9 Server L2 v1.0.1Unix

AUDIT AND ACCOUNTABILITY

4.1.14 Ensure changes to system administration scope (sudoers) is collected - auditctl /etc/sudoersCIS Red Hat 6 Server L2 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.14 Ensure changes to system administration scope (sudoers) is collected - auditctl /etc/sudoersCIS Red Hat 6 Workstation L2 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.14 Ensure changes to system administration scope (sudoers) is collected - auditctl /etc/sudoers.dCIS Fedora 19 Family Linux Server L2 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.14 Ensure changes to system administration scope (sudoers) is collected - auditctl /etc/sudoers.d/CIS Red Hat 6 Workstation L2 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.14 Ensure changes to system administration scope (sudoers) is collected - auditctl /etc/sudoers.d/CIS CentOS 6 Workstation L2 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.15 Ensure system administrator command executions (sudo) are collected - auditctl 32-bitCIS Oracle Linux 6 Workstation L2 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.15 Ensure system administrator command executions (sudo) are collected - auditctl 64-bitCIS Oracle Linux 6 Workstation L2 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.15 Ensure system administrator command executions (sudo) are collected - auditctl 64-bitCIS Red Hat 6 Workstation L2 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.15 Ensure system administrator command executions (sudo) are collected - rules.d 32-bitCIS Red Hat 6 Workstation L2 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.15 Ensure system administrator command executions (sudo) are collected - rules.d 32-bitCIS CentOS 6 Workstation L2 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.15 Ensure system administrator command executions (sudo) are collected - rules.d 64-bitCIS Red Hat 6 Server L2 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.15 Ensure system administrator command executions (sudo) are collected - rules.d 64-bitCIS CentOS 6 Server L2 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.17 Ensure kernel module loading and unloading is collected - auditctl init_moduleCIS SUSE Linux Enterprise Workstation 11 L2 v2.1.1Unix

AUDIT AND ACCOUNTABILITY

4.1.17 Ensure kernel module loading and unloading is collected - auditctl insmodCIS SUSE Linux Enterprise Workstation 11 L2 v2.1.1Unix

AUDIT AND ACCOUNTABILITY

4.1.17 Ensure kernel module loading and unloading is collected - modprobeCIS SUSE Linux Enterprise Server 11 L2 v2.1.1Unix

AUDIT AND ACCOUNTABILITY

4.1.17 Ensure kernel module loading and unloading is collected - rmmodCIS SUSE Linux Enterprise Server 11 L2 v2.1.1Unix

AUDIT AND ACCOUNTABILITY

6.1.4 Ensure 'AuditBypassEnabled' is not enabled on mailboxesCIS Microsoft 365 Foundations E3 L1 v3.1.0microsoft_azure

AUDIT AND ACCOUNTABILITY

6.5 Ensure Audit Filters Capture Connection Attempts - audit_log_userCIS MySQL 5.7 Enterprise Database L1 v2.0.0MySQLDB

AUDIT AND ACCOUNTABILITY

6.5 Ensure Audit Filters Capture Connection Attempts - Legacy Audit ModeCIS MySQL 5.7 Enterprise Database L1 v2.0.0MySQLDB

AUDIT AND ACCOUNTABILITY