| 1.1.11 Ensure separate partition exists for /var/log/audit | CIS Ubuntu Linux 14.04 LTS Server L2 v2.1.0 | Unix | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| 1.1.11 Ensure separate partition exists for /var/log/audit | CIS Ubuntu Linux 14.04 LTS Workstation L2 v2.1.0 | Unix | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| 1.1.13 Ensure separate partition exists for /var/log/audit | CIS Amazon Linux 2 STIG v1.0.0 L2 | Unix | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| 2.1.1 - Configuring syslog - local logging - '*.info;auth.none entry exists in /etc/syslog.conf' | CIS AIX 5.3/6.1 L2 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 2.1.1 - Configuring syslog - local logging - 'auth.info entry exists in /etc/syslog.conf' | CIS AIX 5.3/6.1 L2 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 2.1.2 - Configuring syslog - remote logging - '*.info;auth.none remote entry exists in /etc/syslog.conf' | CIS AIX 5.3/6.1 L2 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 2.1.2 - Configuring syslog - remote logging - 'auth.info remote entry exists in /etc/syslog.conf' | CIS AIX 5.3/6.1 L2 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 2.1.3 - Configuring syslog - remote messages | CIS AIX 5.3/6.1 L2 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 3.1.5 Secure default database location - 'DFTDBPATH value' | CIS IBM DB2 OS L2 v1.2.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 3.1.8 Secure all diagnostic logs - 'diagpath location' | CIS IBM DB2 OS L1 v1.2.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 3.1.18 Secure permissions for the secondary archive log location - LOGARCHMETH2 OS Permissions | CIS IBM DB2 v10 v1.1.0 Windows OS Level 1 | Windows | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| 4.2.1.3 Ensure rsyslog default file permissions configured - rsyslog.conf/rsyslog.d | CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2.1.4 Ensure rsyslog is configured to send logs to a remote log host - rsyslog.conf | CIS Amazon Linux v2.1.0 L1 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2.2.1 Ensure journald is configured to send logs to rsyslog | CIS Debian Family Server L1 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2.2.1 Ensure journald is configured to send logs to rsyslog | CIS Debian Family Workstation L1 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2.2.1 Ensure journald is configured to send logs to rsyslog | CIS Ubuntu Linux 18.04 LXD Host L1 Workstation v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2.2.1 Ensure journald is configured to send logs to rsyslog | CIS Distribution Independent Linux Workstation L1 v2.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2.2.1 Ensure journald is configured to send logs to rsyslog | CIS Distribution Independent Linux Server L1 v2.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2.2.3 Ensure syslog-ng default file permissions configured | CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2.2.4 Ensure syslog-ng is configured to send logs to a remote log host - log src | CIS Amazon Linux v2.1.0 L1 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2.2.5 Ensure remote syslog-ng messages are only accepted on designated log hosts | CIS Amazon Linux v2.1.0 L1 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.5 Configure newsyslog for secure file permissions (/var/log/amd.log) | CIS FreeBSD v1.0.5 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.5 Configure newsyslog for secure file permissions (/var/log/daily.log) | CIS FreeBSD v1.0.5 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.5 Configure newsyslog for secure file permissions (/var/log/lpd-errs) | CIS FreeBSD v1.0.5 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.5 Configure newsyslog for secure file permissions (/var/log/maillog) | CIS FreeBSD v1.0.5 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.5 Configure newsyslog for secure file permissions (/var/log/messages) | CIS FreeBSD v1.0.5 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.5 Configure newsyslog for secure file permissions (/var/log/monthly.log) | CIS FreeBSD v1.0.5 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.5 Configure newsyslog for secure file permissions (/var/log/ppp.log) | CIS FreeBSD v1.0.5 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.5 Configure newsyslog for secure file permissions (/var/log/sendmail.st) | CIS FreeBSD v1.0.5 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.5 Configure newsyslog for secure file permissions (/var/log/slip.log) | CIS FreeBSD v1.0.5 | Unix | AUDIT AND ACCOUNTABILITY |
| 6.1.1 Audit system file permissions | CIS Ubuntu Linux 14.04 LTS Workstation L2 v2.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 7.5 Prevent Syslog from accepting messages from network. Check if 'LOG_FROM_REMOTE' is set to NO in file /etc/default/syslogd | CIS Solaris 9 v1.3 | Unix | AUDIT AND ACCOUNTABILITY |
| 18.9.81.2.1 Ensure 'Configure Default consent' is set to 'Enabled: Always ask before sending data' | CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0 | Windows | AUDIT AND ACCOUNTABILITY |
| Ensure remote syslog-ng messages are only accepted on designated log hosts | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | AUDIT AND ACCOUNTABILITY |
| Ensure rsyslog default file permissions configured | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | AUDIT AND ACCOUNTABILITY |
| Ensure rsyslog is configured to send logs to a remote log host | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | AUDIT AND ACCOUNTABILITY |
| Ensure separate partition exists for /var/log | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| Ensure separate partition exists for /var/log/audit | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| ESXi : enable-remote-syslog | VMWare vSphere 5.X Hardening Guide | VMware | AUDIT AND ACCOUNTABILITY |
| Monterey - Configure Audit Log Files to be Owned by Root | NIST macOS Monterey v1.0.0 - 800-53r5 Low | Unix | AUDIT AND ACCOUNTABILITY |
| Monterey - Configure Audit Log Files to be Owned by Root | NIST macOS Monterey v1.0.0 - All Profiles | Unix | AUDIT AND ACCOUNTABILITY |
| Monterey - Configure Audit Log Files to Mode 440 or Less Permissive | NIST macOS Monterey v1.0.0 - 800-171 | Unix | AUDIT AND ACCOUNTABILITY |
| Monterey - Configure Audit Log Files to Mode 440 or Less Permissive | NIST macOS Monterey v1.0.0 - 800-53r4 Moderate | Unix | AUDIT AND ACCOUNTABILITY |
| Monterey - Configure Audit Log Files to Mode 440 or Less Permissive | NIST macOS Monterey v1.0.0 - 800-53r5 Low | Unix | AUDIT AND ACCOUNTABILITY |
| Monterey - Configure Audit Log Folder to Not Contain Access Control Lists | NIST macOS Monterey v1.0.0 - 800-171 | Unix | AUDIT AND ACCOUNTABILITY |
| Monterey - Configure Audit Log Folder to Not Contain Access Control Lists | NIST macOS Monterey v1.0.0 - 800-53r5 High | Unix | AUDIT AND ACCOUNTABILITY |
| Monterey - Configure Audit Log Folders Group to Wheel | NIST macOS Monterey v1.0.0 - 800-53r5 High | Unix | AUDIT AND ACCOUNTABILITY |
| Monterey - Configure Audit Log Folders Group to Wheel | NIST macOS Monterey v1.0.0 - All Profiles | Unix | AUDIT AND ACCOUNTABILITY |
| Monterey - Configure Audit Log Folders to be Owned by Root | NIST macOS Monterey v1.0.0 - 800-171 | Unix | AUDIT AND ACCOUNTABILITY |
| Monterey - Configure Audit Log Folders to be Owned by Root | NIST macOS Monterey v1.0.0 - 800-53r5 Low | Unix | AUDIT AND ACCOUNTABILITY |
