Item Search

Name	Audit Name	Plugin	Category
1.2.20 Ensure that the --audit-log-path argument is set	CIS RedHat OpenShift Container Platform v1.6.0 L1	OpenShift	AUDIT AND ACCOUNTABILITY
2.3.2.1 (L1) Ensure 'Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings' is set to 'Enabled'	CIS Microsoft Windows Server 2019 Stand-alone v2.0.0 L1 MS	Windows	AUDIT AND ACCOUNTABILITY
2.3.2.1 (L1) Ensure 'Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings' is set to 'Enabled'	CIS Microsoft Windows 11 Stand-alone v3.0.0 L1	Windows	AUDIT AND ACCOUNTABILITY
3.3.5 Ensure suspicious packets are logged - 'net.ipv4.conf.default.log_martians = 1'	CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 Server	Unix	AUDIT AND ACCOUNTABILITY
3.3.5 Ensure suspicious packets are logged - 'net.ipv4.conf.default.log_martians = 1'	CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 Workstation	Unix	AUDIT AND ACCOUNTABILITY
3.3.9 Ensure suspicious packets are logged	CIS Red Hat Enterprise Linux 9 v2.0.0 L1 Workstation	Unix	AUDIT AND ACCOUNTABILITY
3.3.9 Ensure suspicious packets are logged	CIS Red Hat EL8 Server L1 v3.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.3.8 Ensure changes to system administration scope (sudoers) is collected - sudoers.d	CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 Workstation	Unix	AUDIT AND ACCOUNTABILITY
4.1.6 Ensure events that modify the system's network environment are collected - auditctl /etc/issue	CIS SUSE Linux Enterprise Server 11 L2 v2.1.1	Unix	AUDIT AND ACCOUNTABILITY
4.1.6 Ensure events that modify the system's network environment are collected - auditctl /etc/issue.net	CIS SUSE Linux Enterprise Server 11 L2 v2.1.1	Unix	AUDIT AND ACCOUNTABILITY
4.1.9 Ensure session initiation information is collected - btmp	CIS SUSE Linux Enterprise Server 11 L2 v2.1.1	Unix	AUDIT AND ACCOUNTABILITY
4.1.9 Ensure session initiation information is collected - utmp	CIS SUSE Linux Enterprise Server 11 L2 v2.1.1	Unix	AUDIT AND ACCOUNTABILITY
4.1.14 Ensure file deletion events by users are collected - auditctl b64 unlink	CIS SUSE Linux Enterprise Server 11 L2 v2.1.1	Unix	AUDIT AND ACCOUNTABILITY
5.2.3.11 Ensure session initiation information is collected	CIS Oracle Linux 8 Server L2 v3.0.0	Unix	AUDIT AND ACCOUNTABILITY
5.3 Ensure that logging captures as much information as possible	CIS MongoDB 3.6 L1 Unix Audit v1.1.0	Unix	AUDIT AND ACCOUNTABILITY
6.3.3.11 Ensure session initiation information is collected	CIS Red Hat Enterprise Linux 9 v2.0.0 L2 Workstation	Unix	AUDIT AND ACCOUNTABILITY
6.3.3.11 Ensure session initiation information is collected	CIS Oracle Linux 9 v2.0.0 L2 Server	Unix	AUDIT AND ACCOUNTABILITY
17.1.1 Ensure 'Audit Credential Validation' is set to 'Success and Failure'	CIS Microsoft Windows Server 2022 STIG v1.0.0 L1 DC	Windows	AUDIT AND ACCOUNTABILITY
17.1.1 Ensure 'Audit Credential Validation' is set to 'Success and Failure'	CIS Microsoft Windows Server 2022 STIG v1.0.0 L1 MS	Windows	AUDIT AND ACCOUNTABILITY
17.1.1 Ensure 'Audit Credential Validation' is set to 'Success and Failure'	CIS Microsoft Windows Server 2022 STIG v1.0.0 STIG DC	Windows	AUDIT AND ACCOUNTABILITY
17.2.2 (L1) Ensure 'Audit Security Group Management' is set to include 'Success'	CIS Microsoft Windows 11 Stand-alone v3.0.0 L1	Windows	AUDIT AND ACCOUNTABILITY
17.2.2 (L1) Ensure 'Audit Security Group Management' is set to include 'Success'	CIS Microsoft Windows 11 Stand-alone v3.0.0 L1 + BL	Windows	AUDIT AND ACCOUNTABILITY
17.2.6 (L1) Ensure 'Audit Security Group Management' is set to include 'Success'	CIS Microsoft Windows Server 2019 STIG v2.0.0 STIG MS	Windows	AUDIT AND ACCOUNTABILITY
17.2.6 Ensure 'Audit Security Group Management' is set to include 'Success'	CIS Microsoft Windows Server 2022 STIG v1.0.0 L1 DC	Windows	AUDIT AND ACCOUNTABILITY
17.2.6 Ensure 'Audit Security Group Management' is set to include 'Success'	CIS Microsoft Windows Server 2022 STIG v1.0.0 STIG DC	Windows	AUDIT AND ACCOUNTABILITY
17.5.1 (L1) Ensure 'Audit Account Lockout' is set to include 'Failure'	CIS Microsoft Windows Server 2019 STIG v2.0.0 STIG MS	Windows	AUDIT AND ACCOUNTABILITY
17.5.1 (L1) Ensure 'Audit Account Lockout' is set to include 'Failure'	CIS Microsoft Windows Server 2019 v3.0.1 L1 MS	Windows	AUDIT AND ACCOUNTABILITY
17.5.1 (L1) Ensure 'Audit Account Lockout' is set to include 'Failure'	CIS Microsoft Windows 10 Enterprise v3.0.0 L1 + NG	Windows	AUDIT AND ACCOUNTABILITY
17.5.1 Ensure 'Audit Account Lockout' is set to include 'Failure'	CIS Microsoft Windows Server 2022 STIG v1.0.0 L1 DC	Windows	AUDIT AND ACCOUNTABILITY
17.5.3 (L1) Ensure 'Audit Logoff' is set to include 'Success'	CIS Microsoft Windows Server 2019 Stand-alone v2.0.0 L1 MS	Windows	AUDIT AND ACCOUNTABILITY
17.5.3 (L1) Ensure 'Audit Logoff' is set to include 'Success'	CIS Microsoft Windows Server 2019 v3.0.1 L1 DC	Windows	AUDIT AND ACCOUNTABILITY
17.5.4 (L1) Ensure 'Audit Logon' is set to 'Success and Failure'	CIS Microsoft Windows Server 2019 v3.0.1 L1 MS	Windows	AUDIT AND ACCOUNTABILITY
17.5.4 Ensure 'Audit Logon' is set to 'Success and Failure'	CIS Microsoft Windows Server 2022 STIG v1.0.0 L1 DC	Windows	AUDIT AND ACCOUNTABILITY
17.5.4 Ensure 'Audit Logon' is set to 'Success and Failure'	CIS Microsoft Windows Server 2022 STIG v1.0.0 L1 MS	Windows	AUDIT AND ACCOUNTABILITY
17.5.5 (L1) Ensure 'Audit Other Logon/Logoff Events' is set to 'Success and Failure'	CIS Microsoft Windows Server 2019 Stand-alone v2.0.0 L1 MS	Windows	AUDIT AND ACCOUNTABILITY
17.5.5 (L1) Ensure 'Audit Other Logon/Logoff Events' is set to 'Success and Failure'	CIS Microsoft Windows Server 2019 v3.0.1 L1 MS	Windows	AUDIT AND ACCOUNTABILITY
17.5.5 Ensure 'Audit Other Logon/Logoff Events' is set to 'Success and Failure'	CIS Microsoft Windows Server 2022 STIG v1.0.0 L1 DC	Windows	AUDIT AND ACCOUNTABILITY
17.5.6 (L1) Ensure 'Audit Special Logon' is set to include 'Success'	CIS Microsoft Windows Server 2019 v3.0.1 L1 DC	Windows	AUDIT AND ACCOUNTABILITY
17.5.6 Ensure 'Audit Special Logon' is set to include 'Success'	CIS Microsoft Windows Server 2022 STIG v1.0.0 L1 MS	Windows	AUDIT AND ACCOUNTABILITY
17.6.1 (L1) Ensure 'Audit Detailed File Share' is set to include 'Failure'	CIS Microsoft Windows Server 2022 v3.0.0 L1 Member Server	Windows	AUDIT AND ACCOUNTABILITY
17.6.1 (L1) Ensure 'Audit Detailed File Share' is set to include 'Failure'	CIS Microsoft Windows 11 Stand-alone v3.0.0 L1 + BL	Windows	AUDIT AND ACCOUNTABILITY
17.6.2 (L1) Ensure 'Audit File Share' is set to 'Success and Failure'	CIS Microsoft Windows 11 Stand-alone v3.0.0 L1	Windows	AUDIT AND ACCOUNTABILITY
17.6.2 (L1) Ensure 'Audit File Share' is set to 'Success and Failure'	CIS Microsoft Windows 11 Stand-alone v3.0.0 L1 + BL	Windows	AUDIT AND ACCOUNTABILITY
17.7.1 (L1) Ensure 'Audit Audit Policy Change' is set to include 'Success'	CIS Microsoft Windows Server 2019 v3.0.1 L1 DC	Windows	AUDIT AND ACCOUNTABILITY
17.7.1 Ensure 'Audit Audit Policy Change' is set to include 'Success'	CIS Microsoft Windows Server 2022 STIG v1.0.0 L1 MS	Windows	AUDIT AND ACCOUNTABILITY
17.7.2 Ensure 'Audit Audit Policy Change' is set to include 'Success and Failure' (STIG only)	CIS Microsoft Windows Server 2022 STIG v1.0.0 STIG MS	Windows	AUDIT AND ACCOUNTABILITY
17.7.2 Ensure 'Audit Audit Policy Change' is set to include 'Success and Failure' (STIG only)	CIS Microsoft Windows Server 2019 STIG v2.0.0 STIG MS	Windows	AUDIT AND ACCOUNTABILITY
17.7.3 (L1) Ensure 'Audit Authorization Policy Change' is set to include 'Success'	CIS Microsoft Windows Server 2022 v3.0.0 L1 Member Server	Windows	AUDIT AND ACCOUNTABILITY
17.7.4 (L1) Ensure 'Audit MPSSVC Rule-Level Policy Change' is set to 'Success and Failure'	CIS Microsoft Windows 11 Stand-alone v3.0.0 L1 + BL	Windows	AUDIT AND ACCOUNTABILITY
17.7.4 Ensure 'Audit Authorization Policy Change' is set to include 'Success'	CIS Microsoft Windows Server 2022 STIG v1.0.0 L1 MS	Windows	AUDIT AND ACCOUNTABILITY

Detections

Analytics

Item Search