Item Search

Name	Audit Name	Plugin	Category
2.3.2.1 (L1) Ensure 'Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings' is set to 'Enabled'	CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL	Windows	AUDIT AND ACCOUNTABILITY
2.3.2.1 (L1) Ensure 'Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings' is set to 'Enabled'	CIS Microsoft Windows Server 2019 Stand-alone v3.0.0 L1 MS	Windows	AUDIT AND ACCOUNTABILITY
2.3.2.1 (L1) Ensure 'Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings' is set to 'Enabled'	CIS Microsoft Windows Server 2019 v4.0.0 L1 MS	Windows	AUDIT AND ACCOUNTABILITY
2.3.2.1 (L1) Ensure 'Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings' is set to 'Enabled'	CIS Microsoft Windows Server 2025 Stand-alone v1.0.0 L1 MS	Windows	AUDIT AND ACCOUNTABILITY
2.3.2.1 (L1) Ensure 'Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings' is set to 'Enabled'	CIS Windows Server 2012 R2 DC L1 v3.0.0	Windows	AUDIT AND ACCOUNTABILITY
3.3.1.16 Ensure net.ipv4.conf.all.log_martians is configured	CIS Rocky Linux 8 v3.0.0 L1 Workstation	Unix	AUDIT AND ACCOUNTABILITY
3.3.1.16 Ensure net.ipv4.conf.all.log_martians is configured	CIS Red Hat Enterprise Linux 10 v1.0.1 L1 Workstation	Unix	AUDIT AND ACCOUNTABILITY
3.3.1.17 Ensure net.ipv4.conf.default.log_martians is configured	CIS AlmaLinux OS 8 v4.0.0 L1 Server	Unix	AUDIT AND ACCOUNTABILITY
3.3.9 Ensure suspicious packets are logged	CIS Ubuntu Linux 20.04 LTS v3.0.0 L1 Workstation	Unix	AUDIT AND ACCOUNTABILITY
3.3.9 Ensure suspicious packets are logged	CIS Red Hat Enterprise Linux 8 STIG v2.0.0 L1 Workstation	Unix	AUDIT AND ACCOUNTABILITY
4.1.3.11 Ensure session initiation information is collected	CIS CentOS Linux 8 Server L2 v2.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.3.11 Ensure session initiation information is collected	CIS Fedora 28 Family Linux Server L2 v2.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.3.11 Ensure session initiation information is collected	CIS Fedora 28 Family Linux Workstation L2 v2.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.1.5 Ensure events that modify the system's network environment are collected	CIS SUSE Linux Enterprise 12 v3.2.1 L2 Workstation	Unix	AUDIT AND ACCOUNTABILITY
6.3.3.11 Ensure session initiation information is collected	CIS Red Hat Enterprise Linux 8 v4.0.0 L2 Workstation	Unix	AUDIT AND ACCOUNTABILITY
6.3.3.11 Ensure session initiation information is collected	CIS Red Hat Enterprise Linux 8 STIG v2.0.0 L2 Workstation	Unix	AUDIT AND ACCOUNTABILITY
6.3.3.20 Ensure the audit configuration is loaded regardless of errors	CIS Red Hat Enterprise Linux 8 v4.0.0 L2 Server	Unix	AUDIT AND ACCOUNTABILITY
6.3.3.20 Ensure the audit configuration is loaded regardless of errors	CIS Rocky Linux 8 v3.0.0 L2 Workstation	Unix	AUDIT AND ACCOUNTABILITY
6.3.3.35 Ensure the audit configuration is loaded regardless of errors	CIS Red Hat Enterprise Linux 10 v1.0.1 L2 Workstation	Unix	AUDIT AND ACCOUNTABILITY
6.3.3.35 Ensure the audit configuration is loaded regardless of errors	CIS Oracle Linux 10 v1.0.0 L2 Server	Unix	AUDIT AND ACCOUNTABILITY
17.1.1 (L1) Ensure 'Audit Credential Validation' is set to 'Success and Failure'	CIS Microsoft Windows Server 2019 Stand-alone v3.0.0 L1 MS	Windows	AUDIT AND ACCOUNTABILITY
17.1.1 (L1) Ensure 'Audit Credential Validation' is set to 'Success and Failure'	CIS Windows Server 2012 DC L1 v3.0.0	Windows	AUDIT AND ACCOUNTABILITY
17.1.1 (L1) Ensure 'Audit Credential Validation' is set to 'Success and Failure'	CIS Microsoft Windows Server 2025 v1.0.0 L1 MS	Windows	AUDIT AND ACCOUNTABILITY
17.2.2 (L1) Ensure 'Audit Security Group Management' is set to include 'Success'	CIS Microsoft Windows Server 2025 Stand-alone v1.0.0 L1 MS	Windows	AUDIT AND ACCOUNTABILITY
17.5.1 (L1) Ensure 'Audit Account Lockout' is set to include 'Failure'	CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL NG	Windows	AUDIT AND ACCOUNTABILITY
17.5.1 (L1) Ensure 'Audit Account Lockout' is set to include 'Failure'	CIS Microsoft Windows Server 2025 Stand-alone v1.0.0 L1 MS	Windows	AUDIT AND ACCOUNTABILITY
17.5.3 (L1) Ensure 'Audit Logoff' is set to include 'Success'	CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL NG	Windows	AUDIT AND ACCOUNTABILITY
17.5.3 (L1) Ensure 'Audit Logoff' is set to include 'Success'	CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 NG	Windows	AUDIT AND ACCOUNTABILITY
17.5.3 (L1) Ensure 'Audit Logoff' is set to include 'Success'	CIS Microsoft Windows Server 2019 v4.0.0 L1 DC	Windows	AUDIT AND ACCOUNTABILITY
17.5.4 (L1) Ensure 'Audit Logon' is set to 'Success and Failure'	CIS Microsoft Windows Server 2025 Stand-alone v1.0.0 L1 MS	Windows	AUDIT AND ACCOUNTABILITY
17.5.4 (L1) Ensure 'Audit Logon' is set to 'Success and Failure'	CIS Microsoft Windows Server 2025 v1.0.0 L1 DC	Windows	AUDIT AND ACCOUNTABILITY
17.5.4 (L1) Ensure 'Audit Logon' is set to 'Success and Failure'	CIS Microsoft Windows Server 2025 v1.0.0 L1 MS	Windows	AUDIT AND ACCOUNTABILITY
17.5.5 (L1) Ensure 'Audit Other Logon/Logoff Events' is set to 'Success and Failure'	CIS Microsoft Windows Server 2019 v4.0.0 L1 DC	Windows	AUDIT AND ACCOUNTABILITY
17.5.5 (L1) Ensure 'Audit Other Logon/Logoff Events' is set to 'Success and Failure'	CIS Microsoft Windows Server 2025 Stand-alone v1.0.0 L1 MS	Windows	AUDIT AND ACCOUNTABILITY
17.5.5 (L1) Ensure 'Audit Special Logon' is set to include 'Success'	CIS Windows Server 2012 R2 DC L1 v3.0.0	Windows	AUDIT AND ACCOUNTABILITY
17.5.6 (L1) Ensure 'Audit Special Logon' is set to include 'Success'	CIS Microsoft Windows Server 2019 v4.0.0 L1 DC	Windows	AUDIT AND ACCOUNTABILITY
17.5.6 (L1) Ensure 'Audit Special Logon' is set to include 'Success'	CIS Microsoft Windows Server 2025 Stand-alone v1.0.0 L1 MS	Windows	AUDIT AND ACCOUNTABILITY
17.6.1 (L1) Ensure 'Audit Detailed File Share' is set to include 'Failure'	CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL NG	Windows	AUDIT AND ACCOUNTABILITY
17.6.1 (L1) Ensure 'Audit Detailed File Share' is set to include 'Failure'	CIS Microsoft Windows Server 2019 Stand-alone v3.0.0 L1 MS	Windows	AUDIT AND ACCOUNTABILITY
17.6.1 (L1) Ensure 'Audit Detailed File Share' is set to include 'Failure'	CIS Microsoft Windows Server 2019 v4.0.0 L1 DC	Windows	AUDIT AND ACCOUNTABILITY
17.6.1 (L1) Ensure 'Audit Detailed File Share' is set to include 'Failure'	CIS Microsoft Windows Server 2025 v1.0.0 L1 DC	Windows	AUDIT AND ACCOUNTABILITY
17.6.2 (L1) Ensure 'Audit File Share' is set to 'Success and Failure'	CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL NG	Windows	AUDIT AND ACCOUNTABILITY
17.6.2 (L1) Ensure 'Audit File Share' is set to 'Success and Failure'	CIS Microsoft Windows Server 2025 v1.0.0 L1 DC	Windows	AUDIT AND ACCOUNTABILITY
17.7.1 (L1) Ensure 'Audit Audit Policy Change' is set to include 'Success'	CIS Microsoft Windows Server 2019 v4.0.0 L1 MS	Windows	AUDIT AND ACCOUNTABILITY
17.7.2 (L1) Ensure 'Audit Authentication Policy Change' is set to include 'Success'	CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 NG	Windows	AUDIT AND ACCOUNTABILITY
17.7.2 (L1) Ensure 'Audit Authentication Policy Change' is set to include 'Success'	CIS Microsoft Windows Server 2019 v4.0.0 L1 MS	Windows	AUDIT AND ACCOUNTABILITY
17.7.2 (L1) Ensure 'Audit Authentication Policy Change' is set to include 'Success'	CIS Windows Server 2012 DC L1 v3.0.0	Windows	AUDIT AND ACCOUNTABILITY
17.7.3 (L1) Ensure 'Audit Authorization Policy Change' is set to include 'Success'	CIS Microsoft Windows Server 2019 Stand-alone v3.0.0 L1 MS	Windows	AUDIT AND ACCOUNTABILITY
17.7.3 (L1) Ensure 'Audit Authorization Policy Change' is set to include 'Success'	CIS Windows Server 2012 R2 DC L1 v3.0.0	Windows	AUDIT AND ACCOUNTABILITY
17.7.5 (L1) Ensure 'Audit Other Policy Change Events' is set to include 'Failure'	CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL	Windows	AUDIT AND ACCOUNTABILITY

Detections

Analytics

Item Search