Item Search

NameAudit NamePluginCategory
4.1.4.1 Ensure Audit logs are owned by root and mode 0600 or less permissiveCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY

AIX7-00-002070 - AIX log files must be owned by a system account.DISA STIG AIX 7.x v3r1Unix

SYSTEM AND INFORMATION INTEGRITY

AIX7-00-003006 - AIX log files must have mode 0640 or less permissive.DISA STIG AIX 7.x v3r1Unix

SYSTEM AND INFORMATION INTEGRITY

AIX7-00-003007 - AIX log files must not have extended ACLs, except as needed to support authorized software.DISA STIG AIX 7.x v3r1Unix

SYSTEM AND INFORMATION INTEGRITY

AOSX-14-000030 - The macOS system must be configured so that log files must not contain access control lists (ACLs).DISA STIG Apple Mac OSX 10.14 v2r6Unix

AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY

AOSX-14-004002 - The macOS system must be configured with system log files set to mode 640 or less permissive - NewsyslogDISA STIG Apple Mac OSX 10.14 v2r6Unix

SYSTEM AND INFORMATION INTEGRITY

AOSX-15-000030 - The macOS system must be configured so that log files must not contain access control lists (ACLs).DISA STIG Apple Mac OSX 10.15 v1r10Unix

AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY

DKER-EE-001170 - A policy set using the built-in role-based access control (RBAC) capabilities in the Universal Control Plane (UCP) component of Docker Enterprise must be configured.DISA STIG Docker Enterprise 2.x Linux/Unix UCP v2r2Unix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY

DKER-EE-001180 - A policy set using the built-in role-based access control (RBAC) capabilities in the Docker Trusted Registry (DTR) component of Docker Enterprise must be set - repositoryAccessDISA STIG Docker Enterprise 2.x Linux/Unix DTR v2r2Unix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY

DKER-EE-001180 - A policy set using the built-in role-based access control (RBAC) capabilities in the Docker Trusted Registry (DTR) component of Docker Enterprise must be set - team member accessDISA STIG Docker Enterprise 2.x Linux/Unix UCP v2r2Unix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY

EP11-00-006600 - The EDB Postgres Advanced Server must reveal detailed error messages only to the ISSO, ISSM, SA, and DBA.EDB PostgreSQL Advanced Server v11 DB Audit v2r4PostgreSQLDB

SYSTEM AND INFORMATION INTEGRITY

F5BI-DM-000151 - The application must be configured to reveal error messages only to authorized individuals (ISSO, ISSM, and SA).DISA F5 BIG-IP Device Management STIG v2r3F5

CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY

JUSX-DM-000022 - The Juniper SRX Services Gateway must generate alerts to the management console and generate a log record that can be forwarded to the ISSO and designated system administrators when the local accounts (i.e., the account of last resort or root account) are deleted.DISA Juniper SRX Services Gateway NDM v3r2Juniper

CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY

O121-C2-020000 - The DBMS must restrict error messages so only authorized personnel may view them.DISA STIG Oracle 12c v3r1 DatabaseOracleDB

SYSTEM AND INFORMATION INTEGRITY

OL6-00-000133 - All rsyslog-generated log files must be owned by root.DISA STIG Oracle Linux 6 v2r7Unix

SYSTEM AND INFORMATION INTEGRITY

OL07-00-910055 - The Oracle Linux operating system must protect audit information from unauthorized read, modification, or deletion.DISA Oracle Linux 7 STIG v2r14Unix

AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY

PANW-AG-000127 - The Palo Alto Networks security platform must block traceroutes and ICMP probes originating from untrusted networks (e.g., ISP and other non-DoD networks).DISA STIG Palo Alto ALG v3r1Palo_Alto

SYSTEM AND INFORMATION INTEGRITY

PANW-NM-000075 - Administrators in the role of Security Administrator, Cryptographic Administrator, or Audit Administrator must not also have the role of Audit Administrator.DISA STIG Palo Alto NDM v3r1Palo_Alto

CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY

PGS9-00-002500 - PostgreSQL must reveal detailed error messages only to the ISSO, ISSM, SA and DBA.DISA STIG PostgreSQL 9.x on RHEL OS v2r5Unix

SYSTEM AND INFORMATION INTEGRITY

RHEL-06-000135 - All rsyslog-generated log files must have mode 0600 or less permissive.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

SYSTEM AND INFORMATION INTEGRITY

RHEL-07-910055 - The Red Hat Enterprise Linux operating system must protect audit information from unauthorized read, modification, or deletion.DISA Red Hat Enterprise Linux 7 STIG v3r15Unix

AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY

RHEL-09-653080 - RHEL 9 audit logs must be group-owned by root or by a restricted logging group to prevent unauthorized read access.DISA Red Hat Enterprise Linux 9 STIG v2r2Unix

AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY

RHEL-09-653085 - RHEL 9 audit log directory must be owned by root to prevent unauthorized read access.DISA Red Hat Enterprise Linux 9 STIG v2r2Unix

AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY

RHEL-09-653090 - RHEL 9 audit logs file must have mode 0600 or less permissive to prevent unauthorized access to the audit log.DISA Red Hat Enterprise Linux 9 STIG v2r2Unix

AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY

TCAT-AS-000930 - Default error pages for manager application must be customized.DISA STIG Apache Tomcat Application Server 9 v3r1 MiddlewareUnix

SYSTEM AND INFORMATION INTEGRITY

TCAT-AS-000940 - ErrorReportValve showReport must be set to false.DISA STIG Apache Tomcat Application Server 9 v3r1 MiddlewareUnix

SYSTEM AND INFORMATION INTEGRITY

UBTU-16-020090 - Audit logs must have a mode of 0600 or less permissive to prevent unauthorized read access.DISA STIG Ubuntu 16.04 LTS v2r3Unix

AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY

UBTU-16-020120 - Audit logs must be group-owned by root to prevent unauthorized read access.DISA STIG Ubuntu 16.04 LTS v2r3Unix

AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY

UBTU-18-010123 - The Ubuntu operating system must configure the /var/log directory to be owned by root.DISA STIG Ubuntu 18.04 LTS v2r15Unix

SYSTEM AND INFORMATION INTEGRITY

UBTU-18-010124 - The Ubuntu operating system must configure the /var/log directory to have mode 0755 or less permissive.DISA STIG Ubuntu 18.04 LTS v2r15Unix

SYSTEM AND INFORMATION INTEGRITY

UBTU-18-010127 - The Ubuntu operating system must configure /var/log/syslog file with mode 0640 or less permissive.DISA STIG Ubuntu 18.04 LTS v2r15Unix

SYSTEM AND INFORMATION INTEGRITY

WBSP-AS-000070 - The WebSphere Application Server security auditing must be enabled.DISA IBM WebSphere Traditional 9 STIG v1r1Unix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY

WBSP-AS-000070 - The WebSphere Application Server security auditing must be enabled.DISA IBM WebSphere Traditional 9 Windows STIG v1r1Windows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY

WBSP-AS-000070 - The WebSphere Application Server security auditing must be enabled.DISA IBM WebSphere Traditional 9 STIG v1r1 MiddlewareUnix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY