Item Search

Name	Audit Name	Plugin	Category
/etc/audit/rules.d/*.rules	CIS Amazon Linux 2 v3.0.0 L2	Unix
/etc/audit/rules.d/*.rules b64	CIS Amazon Linux 2 v3.0.0 L2	Unix
/etc/default/grub	CIS Amazon Linux 2 v3.0.0 L2	Unix
/etc/hosts	CIS Amazon Linux 2 v3.0.0 L2	Unix
/usr/bin/kmod	CIS Amazon Linux 2 v3.0.0 L2	Unix
1.1.2.7.1 Ensure separate partition exists for /var/log/audit	CIS Amazon Linux 2 v3.0.0 L2	Unix	AUDIT AND ACCOUNTABILITY
2.3.2 Ensure ldap client is not installed	CIS Amazon Linux 2 v3.0.0 L2	Unix	CONFIGURATION MANAGEMENT
3.2.3 Ensure rds kernel module is not available	CIS Amazon Linux 2 v3.0.0 L2	Unix	CONFIGURATION MANAGEMENT
4.1.6 Ensure events that modify the system's network environment are collected - sethostname (64-bit)	CIS Aliyun Linux 2 L2 v1.0.0	Unix	CONFIGURATION MANAGEMENT
4.1.8 Ensure login and logout events are collected - /var/log/faillog	CIS Aliyun Linux 2 L2 v1.0.0	Unix	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
4.1.9 Ensure session initiation information is collected - /var/log/btmp	CIS Aliyun Linux 2 L2 v1.0.0	Unix	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
4.1.9 Ensure session initiation information is collected - auditctl /var/log/wtmp	CIS Aliyun Linux 2 L2 v1.0.0	Unix	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
4.3.4 Ensure users must provide password for escalation	CIS Amazon Linux 2 v3.0.0 L2	Unix	ACCESS CONTROL
5.2.1.2 Ensure auditing for processes that start prior to auditd is enabled	CIS Amazon Linux 2 v3.0.0 L2	Unix	AUDIT AND ACCOUNTABILITY
5.2.2.4 Ensure system warns when audit logs are low on space	CIS Amazon Linux 2 v3.0.0 L2	Unix	AUDIT AND ACCOUNTABILITY
5.2.3.3 Ensure events that modify the sudo log file are collected	CIS Amazon Linux 2 v3.0.0 L2	Unix	AUDIT AND ACCOUNTABILITY
5.2.3.6 Ensure use of privileged commands are collected	CIS Amazon Linux 2 v3.0.0 L2	Unix	AUDIT AND ACCOUNTABILITY
5.2.3.7 Ensure unsuccessful file access attempts are collected	CIS Amazon Linux 2 v3.0.0 L2	Unix	AUDIT AND ACCOUNTABILITY
5.2.3.9 Ensure discretionary access control permission modification events are collected	CIS Amazon Linux 2 v3.0.0 L2	Unix	AUDIT AND ACCOUNTABILITY
5.2.3.13 Ensure file deletion events by users are collected	CIS Amazon Linux 2 v3.0.0 L2	Unix	AUDIT AND ACCOUNTABILITY
5.2.3.21 Ensure the running and on disk configuration is the same	CIS Amazon Linux 2 v3.0.0 L2	Unix	AUDIT AND ACCOUNTABILITY
5.2.4.3 Ensure only authorized users own audit log files	CIS Amazon Linux 2 v3.0.0 L2	Unix	ACCESS CONTROL, MEDIA PROTECTION
5.2.4.7 Ensure audit configuration files belong to group root	CIS Amazon Linux 2 v3.0.0 L2	Unix	ACCESS CONTROL, MEDIA PROTECTION
5.2.4.9 Ensure audit tools are owned by root	CIS Amazon Linux 2 v3.0.0 L2	Unix	ACCESS CONTROL, MEDIA PROTECTION
5.4.5 Ensure default user shell timeout is 900 seconds or less - /etc/bashrc	CIS Aliyun Linux 2 L2 v1.0.0	Unix	ACCESS CONTROL
6.1.1 Audit system file permissions	CIS Aliyun Linux 2 L2 v1.0.0	Unix	ACCESS CONTROL
audit-libs installed	CIS Amazon Linux 2 v3.0.0 L2	Unix
auditctl /etc/issue.net	CIS Amazon Linux 2 v3.0.0 L2	Unix
auditctl /etc/sudoers.d	CIS Amazon Linux 2 v3.0.0 L2	Unix
auditctl b32 fchmodat	CIS Amazon Linux 2 v3.0.0 L2	Unix
auditctl b32 lremovexattr	CIS Amazon Linux 2 v3.0.0 L2	Unix
auditctl b32 sethostname	CIS Amazon Linux 2 v3.0.0 L2	Unix
auditctl b64 chmod	CIS Amazon Linux 2 v3.0.0 L2	Unix
auditctl b64 EACCES	CIS Amazon Linux 2 v3.0.0 L2	Unix
auditctl b64 fsetxattr	CIS Amazon Linux 2 v3.0.0 L2	Unix
auditctl btmp	CIS Amazon Linux 2 v3.0.0 L2	Unix
auditctl create_module b64	CIS Amazon Linux 2 v3.0.0 L2	Unix
auditctl lastlog	CIS Amazon Linux 2 v3.0.0 L2	Unix
auditctl query_module b64	CIS Amazon Linux 2 v3.0.0 L2	Unix
auditctl sudo log	CIS Amazon Linux 2 v3.0.0 L2	Unix
b32	CIS Amazon Linux 2 v3.0.0 L2	Unix
b32 chmod	CIS Amazon Linux 2 v3.0.0 L2	Unix
b32 unlink	CIS Amazon Linux 2 v3.0.0 L2	Unix
b64 fchmodat	CIS Amazon Linux 2 v3.0.0 L2	Unix
b64 lchown	CIS Amazon Linux 2 v3.0.0 L2	Unix
b64 unlink	CIS Amazon Linux 2 v3.0.0 L2	Unix
btmp	CIS Amazon Linux 2 v3.0.0 L2	Unix
finit_module b64	CIS Amazon Linux 2 v3.0.0 L2	Unix
Per repository configuration	CIS Amazon Linux 2 v3.0.0 L2	Unix
Verify if the audit log files are owned by the root or adm group	CIS Amazon Linux 2 v3.0.0 L2	Unix

Detections

Analytics

Item Search