Detections
Analytics

Item Search

NameAudit NamePluginCategory
2.5 Ensure That the Log Metric Filter and Alerts Exist for Audit Configuration ChangesCIS Google Cloud Platform v3.0.0 L1GCP

AUDIT AND ACCOUNTABILITY

2.9 (L1) Host must not suppress warnings about unmitigated hyperthreading vulnerabilitiesCIS VMware ESXi 8.0 v1.1.0 L1VMware

AUDIT AND ACCOUNTABILITY

2.9 Ensure That the Log Metric Filter and Alerts Exist for VPC Network ChangesCIS Google Cloud Platform v3.0.0 L2GCP

AUDIT AND ACCOUNTABILITY

2.14 Ensure 'Access Transparency' is 'Enabled'CIS Google Cloud Platform v3.0.0 L2GCP

AUDIT AND ACCOUNTABILITY

3.1 Ensure Security Auditing Is EnabledCIS Apple macOS 12.0 Monterey Cloud-tailored v1.0.0 L1Unix

AUDIT AND ACCOUNTABILITY

3.1 Ensure Security Auditing Is EnabledCIS Apple macOS 13.0 Ventura v2.1.0 L1Unix

AUDIT AND ACCOUNTABILITY

3.1 Ensure Security Auditing Is EnabledCIS Apple macOS 14.0 Sonoma v1.1.0 L1Unix

AUDIT AND ACCOUNTABILITY

3.1.4 Ensure the log file destination directory is set correctlyCIS PostgreSQL 12 DB v1.1.0PostgreSQLDB

AUDIT AND ACCOUNTABILITY

4.1 (L1) Host must configure a persistent log location for all locally stored system logsCIS VMware ESXi 8.0 v1.1.0 L1VMware

AUDIT AND ACCOUNTABILITY

4.1.3.3 Ensure session initiation information is collected - auditctl utmpCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

4.1.3.3 Ensure session initiation information is collected - utmpCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

4.1.3.8 Ensure changes to system administration scope (sudoers) is collected - auditctl sudoersCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

4.1.3.12 Ensure login and logout events are collectedCIS Fedora 28 Family Linux Server L2 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.3.13 Ensure login and logout events are collected - /var/log/lastlogCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

4.1.8 Ensure session initiation information is collectedCIS SUSE Linux Enterprise 15 Server L2 v1.1.1Unix

AUDIT AND ACCOUNTABILITY

4.1.16 Ensure system administrator actions (sudolog) are collected - /var/log/sudo.logCIS Debian 8 Workstation L2 v2.0.2Unix

AUDIT AND ACCOUNTABILITY

5.1.5 Ensure SSH LogLevel is appropriateCIS Google Container-Optimized OS v1.2.0 L1 ServerUnix

AUDIT AND ACCOUNTABILITY

5.2.1.1 Ensure audit is installedCIS Amazon Linux 2 v3.0.0 L2Unix

AUDIT AND ACCOUNTABILITY

5.2.1.1 Ensure auditd is installedCIS Amazon Linux 2023 Server L2 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

5.2.3.12 Ensure login and logout events are collectedCIS Amazon Linux 2 v3.0.0 L2Unix

AUDIT AND ACCOUNTABILITY

5.2.3.12 Ensure login and logout events are collectedCIS Debian 10 Workstation L2 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

5.2.3.12 Ensure login and logout events are collectedCIS Red Hat Enterprise Linux 7 v4.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

5.2.3.12 Ensure login and logout events are collectedCIS Oracle Linux 8 Server L2 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

5.2.3.12 Ensure login and logout events are collectedCIS Ubuntu Linux 20.04 LTS Workstation L2 v2.0.1Unix

AUDIT AND ACCOUNTABILITY

5.2.3.12 Ensure login and logout events are collectedCIS Ubuntu Linux 18.04 LTS v2.2.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

5.3 (L1) Ensure 'Account Logon Logoff Audit Group Membership' is set to include 'Success'CIS Microsoft Intune for Windows 11 v3.0.1 L1Windows

AUDIT AND ACCOUNTABILITY

6.1.5 Ensure the 'DATABASE LINK' Audit Option Is EnabledCIS Oracle Server 19c DB Traditional Auditing v1.2.0OracleDB

AUDIT AND ACCOUNTABILITY

6.1.9 Ensure the 'DIRECTORY' Audit Option Is EnabledCIS Oracle Server 19c DB Traditional Auditing v1.2.0OracleDB

AUDIT AND ACCOUNTABILITY

6.2.2 Ensure the 'ALTER USER' Action Audit Is EnabledCIS Oracle Server 19c DB Unified Auditing v1.2.0OracleDB

AUDIT AND ACCOUNTABILITY

6.2.3.12 Ensure login and logout events are collectedCIS Debian Linux 12 v1.1.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

6.2.3.12 Ensure login and logout events are collectedCIS Ubuntu Linux 24.04 LTS v1.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

6.2.6 Ensure the 'DROP ROLE' Action Audit Is EnabledCIS Oracle Server 19c DB Unified Auditing v1.2.0OracleDB

AUDIT AND ACCOUNTABILITY

6.2.8 Ensure the 'REVOKE' Action Audit Is EnabledCIS Oracle Server 19c DB Unified Auditing v1.2.0OracleDB

AUDIT AND ACCOUNTABILITY

6.2.12 Ensure the 'CREATE DATABASE LINK' Action Audit Is EnabledCIS Oracle Server 19c DB Unified Auditing v1.2.0OracleDB

AUDIT AND ACCOUNTABILITY

6.2.15 Ensure the 'CREATE SYNONYM' Action Audit Is EnabledCIS Oracle Server 19c DB Unified Auditing v1.2.0OracleDB

AUDIT AND ACCOUNTABILITY

6.2.17 Ensure the 'DROP SYNONYM' Action Audit Is EnabledCIS Oracle Server 19c DB Unified Auditing v1.2.0OracleDB

AUDIT AND ACCOUNTABILITY

6.2.27 Ensure the 'LOGON' AND 'LOGOFF' Actions Audit Is EnabledCIS Oracle Server 19c DB Unified Auditing v1.2.0OracleDB

AUDIT AND ACCOUNTABILITY

6.3.3.12 Ensure login and logout events are collectedCIS Rocky Linux 9 v2.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

17.5.2 (L1) Ensure 'Audit Group Membership' is set to include 'Success'CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 BLWindows

AUDIT AND ACCOUNTABILITY

17.5.2 (L1) Ensure 'Audit Group Membership' is set to include 'Success'CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1Windows

AUDIT AND ACCOUNTABILITY

17.5.2 (L1) Ensure 'Audit Group Membership' is set to include 'Success'CIS Microsoft Windows 10 Enterprise v3.0.0 L1Windows

AUDIT AND ACCOUNTABILITY

17.5.2 (L1) Ensure 'Audit Group Membership' is set to include 'Success'CIS Microsoft Windows 11 Enterprise v3.0.0 L1Windows

AUDIT AND ACCOUNTABILITY

MYS8-00-000800 - The MySQL Database Server 8.0 must include additional, more detailed, organizationally defined information in the audit records for audit events identified by type, location, or subject.DISA Oracle MySQL 8.0 v2r2 DBMySQLDB

AUDIT AND ACCOUNTABILITY

SQL2-00-012400 - SQL Server must include organization-defined additional, more detailed information in the audit records for audit events identified by type, location, or subject - 'Event ID 14'DISA STIG SQL Server 2012 DB Instance Security v1r20MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL2-00-012400 - SQL Server must include organization-defined additional, more detailed information in the audit records for audit events identified by type, location, or subject - 'Event ID 20'DISA STIG SQL Server 2012 DB Instance Security v1r20MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL2-00-012400 - SQL Server must include organization-defined additional, more detailed information in the audit records for audit events identified by type, location, or subject - 'Event ID 104'DISA STIG SQL Server 2012 DB Instance Security v1r20MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL2-00-012400 - SQL Server must include organization-defined additional, more detailed information in the audit records for audit events identified by type, location, or subject - 'Event ID 108'DISA STIG SQL Server 2012 DB Instance Security v1r20MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL2-00-012400 - SQL Server must include organization-defined additional, more detailed information in the audit records for audit events identified by type, location, or subject - 'Event ID 131'DISA STIG SQL Server 2012 DB Instance Security v1r20MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL2-00-012400 - SQL Server must include organization-defined additional, more detailed information in the audit records for audit events identified by type, location, or subject - 'Event ID 176'DISA STIG SQL Server 2012 DB Instance Security v1r20MS_SQLDB

AUDIT AND ACCOUNTABILITY

WN11-CC-000066 - Command line data must be included in process creation events.DISA Windows 11 STIG v2r2Windows

AUDIT AND ACCOUNTABILITY