CCI|CCI-001462

Title

The information system provides the capability for authorized users to capture/record and log content related to a user session.

Reference Item Details

Reference: CCI - DISA Control Correlation Identifier

Category: 2009

Audit Items

View all Reference Audit Items

Name	Plugin	Audit Name
DKER-EE-001080 - The audit log configuration level must be set to request in the Universal Control Plane (UCP) component of Docker Enterprise.	Unix	DISA STIG Docker Enterprise 2.x Linux/Unix UCP v1r1
DKER-EE-001080 - The audit log configuration level must be set to request in the Universal Control Plane (UCP) component of Docker Enterprise.	Unix	DISA STIG Docker Enterprise 2.x Linux/Unix UCP v2r1
FNFG-FW-000155 - The FortiGate firewall must allow authorized users to record a packet-capture-based IP, traffic type (TCP, UDP, or ICMP), or protocol.	FortiGate	DISA Fortigate Firewall STIG v1r3
FNFG-FW-000155 - The FortiGate firewall must allow authorized users to record a packet-capture-based IP, traffic type (TCP, UDP, or ICMP), or protocol.	FortiGate	DISA Fortigate Firewall STIG v1r1
IIST-SV-000102 - The enhanced logging for the IIS 10.0 web server must be enabled and capture all user and web server events	Windows	DISA IIS 10.0 Server v2r9
IIST-SV-000102 - The enhanced logging for the IIS 10.0 web server must be enabled and capture all user and web server events - Field Date	Windows	DISA IIS 10.0 Server v2r1
IIST-SV-000102 - The enhanced logging for the IIS 10.0 web server must be enabled and capture all user and web server events - Field Date	Windows	DISA IIS 10.0 Server v2r5
IIST-SV-000102 - The enhanced logging for the IIS 10.0 web server must be enabled and capture all user and web server events - Field Date	Windows	DISA IIS 10.0 Server v2r8
IIST-SV-000102 - The enhanced logging for the IIS 10.0 web server must be enabled and capture all user and web server events - Field IP	Windows	DISA IIS 10.0 Server v2r5
IIST-SV-000102 - The enhanced logging for the IIS 10.0 web server must be enabled and capture all user and web server events - Field IP	Windows	DISA IIS 10.0 Server v2r8
IIST-SV-000102 - The enhanced logging for the IIS 10.0 web server must be enabled and capture all user and web server events - Field IP	Windows	DISA IIS 10.0 Server v2r1
IIST-SV-000102 - The enhanced logging for the IIS 10.0 web server must be enabled and capture all user and web server events - Field Method	Windows	DISA IIS 10.0 Server v2r8
IIST-SV-000102 - The enhanced logging for the IIS 10.0 web server must be enabled and capture all user and web server events - Field Method	Windows	DISA IIS 10.0 Server v2r1
IIST-SV-000102 - The enhanced logging for the IIS 10.0 web server must be enabled and capture all user and web server events - Field Method	Windows	DISA IIS 10.0 Server v2r5
IIST-SV-000102 - The enhanced logging for the IIS 10.0 web server must be enabled and capture all user and web server events - Field Query	Windows	DISA IIS 10.0 Server v2r5
IIST-SV-000102 - The enhanced logging for the IIS 10.0 web server must be enabled and capture all user and web server events - Field Query	Windows	DISA IIS 10.0 Server v2r8
IIST-SV-000102 - The enhanced logging for the IIS 10.0 web server must be enabled and capture all user and web server events - Field Query	Windows	DISA IIS 10.0 Server v2r1
IIST-SV-000102 - The enhanced logging for the IIS 10.0 web server must be enabled and capture all user and web server events - Field Referer	Windows	DISA IIS 10.0 Server v2r5
IIST-SV-000102 - The enhanced logging for the IIS 10.0 web server must be enabled and capture all user and web server events - Field Referer	Windows	DISA IIS 10.0 Server v2r1
IIST-SV-000102 - The enhanced logging for the IIS 10.0 web server must be enabled and capture all user and web server events - Field Referer	Windows	DISA IIS 10.0 Server v2r8
IIST-SV-000102 - The enhanced logging for the IIS 10.0 web server must be enabled and capture all user and web server events - Field Status	Windows	DISA IIS 10.0 Server v2r5
IIST-SV-000102 - The enhanced logging for the IIS 10.0 web server must be enabled and capture all user and web server events - Field Status	Windows	DISA IIS 10.0 Server v2r8
IIST-SV-000102 - The enhanced logging for the IIS 10.0 web server must be enabled and capture all user and web server events - Field Status	Windows	DISA IIS 10.0 Server v2r1
IIST-SV-000102 - The enhanced logging for the IIS 10.0 web server must be enabled and capture all user and web server events - Field Time	Windows	DISA IIS 10.0 Server v2r5
IIST-SV-000102 - The enhanced logging for the IIS 10.0 web server must be enabled and capture all user and web server events - Field Time	Windows	DISA IIS 10.0 Server v2r8
IIST-SV-000102 - The enhanced logging for the IIS 10.0 web server must be enabled and capture all user and web server events - Field Time	Windows	DISA IIS 10.0 Server v2r1
IIST-SV-000102 - The enhanced logging for the IIS 10.0 web server must be enabled and capture all user and web server events - Field User	Windows	DISA IIS 10.0 Server v2r8
IIST-SV-000102 - The enhanced logging for the IIS 10.0 web server must be enabled and capture all user and web server events - Field User	Windows	DISA IIS 10.0 Server v2r1
IIST-SV-000102 - The enhanced logging for the IIS 10.0 web server must be enabled and capture all user and web server events - Field User	Windows	DISA IIS 10.0 Server v2r5
IIST-SV-000102 - The enhanced logging for the IIS 10.0 web server must be enabled and capture all user and web server events - Format W3C	Windows	DISA IIS 10.0 Server v2r8
IIST-SV-000102 - The enhanced logging for the IIS 10.0 web server must be enabled and capture all user and web server events - Format W3C	Windows	DISA IIS 10.0 Server v2r5
IIST-SV-000102 - The enhanced logging for the IIS 10.0 web server must be enabled and capture all user and web server events - Format W3C	Windows	DISA IIS 10.0 Server v2r1
IIST-SV-000102 - The enhanced logging for the IIS 10.0 web server must be enabled and capture all user and web server events.	Windows	DISA IIS 10.0 Server v2r10
IISW-SI-000205 - The enhanced logging for each IIS 8.5 website must be enabled and capture, record, and log all content related to a user session	Windows	DISA IIS 8.5 Site v2r9
IISW-SI-000205 - The enhanced logging for each IIS 8.5 website must be enabled and capture, record, and log all content related to a user session - Field Client IP Address	Windows	DISA IIS 8.5 Site v2r5
IISW-SI-000205 - The enhanced logging for each IIS 8.5 website must be enabled and capture, record, and log all content related to a user session - Field Client IP Address	Windows	DISA IIS 8.5 Site v1r9
IISW-SI-000205 - The enhanced logging for each IIS 8.5 website must be enabled and capture, record, and log all content related to a user session - Field Client IP Address	Windows	DISA IIS 8.5 Site v2r1
IISW-SI-000205 - The enhanced logging for each IIS 8.5 website must be enabled and capture, record, and log all content related to a user session - Field Client IP Address	Windows	DISA IIS 8.5 Site v2r7
IISW-SI-000205 - The enhanced logging for each IIS 8.5 website must be enabled and capture, record, and log all content related to a user session - Field Date	Windows	DISA IIS 8.5 Site v2r5
IISW-SI-000205 - The enhanced logging for each IIS 8.5 website must be enabled and capture, record, and log all content related to a user session - Field Date	Windows	DISA IIS 8.5 Site v2r1
IISW-SI-000205 - The enhanced logging for each IIS 8.5 website must be enabled and capture, record, and log all content related to a user session - Field Date	Windows	DISA IIS 8.5 Site v2r7
IISW-SI-000205 - The enhanced logging for each IIS 8.5 website must be enabled and capture, record, and log all content related to a user session - Field Date	Windows	DISA IIS 8.5 Site v1r9
IISW-SI-000205 - The enhanced logging for each IIS 8.5 website must be enabled and capture, record, and log all content related to a user session - Field Method	Windows	DISA IIS 8.5 Site v2r7
IISW-SI-000205 - The enhanced logging for each IIS 8.5 website must be enabled and capture, record, and log all content related to a user session - Field Method	Windows	DISA IIS 8.5 Site v2r1
IISW-SI-000205 - The enhanced logging for each IIS 8.5 website must be enabled and capture, record, and log all content related to a user session - Field Method	Windows	DISA IIS 8.5 Site v1r9
IISW-SI-000205 - The enhanced logging for each IIS 8.5 website must be enabled and capture, record, and log all content related to a user session - Field Method	Windows	DISA IIS 8.5 Site v2r5
IISW-SI-000205 - The enhanced logging for each IIS 8.5 website must be enabled and capture, record, and log all content related to a user session - Field Protocol Status	Windows	DISA IIS 8.5 Site v1r9
IISW-SI-000205 - The enhanced logging for each IIS 8.5 website must be enabled and capture, record, and log all content related to a user session - Field Protocol Status	Windows	DISA IIS 8.5 Site v2r1
IISW-SI-000205 - The enhanced logging for each IIS 8.5 website must be enabled and capture, record, and log all content related to a user session - Field Protocol Status	Windows	DISA IIS 8.5 Site v2r7
IISW-SI-000205 - The enhanced logging for each IIS 8.5 website must be enabled and capture, record, and log all content related to a user session - Field Protocol Status	Windows	DISA IIS 8.5 Site v2r5

Detections

Analytics

CCI|CCI-001462

Title

Reference Item Details

Audit Items