Audits
Settings
Links
Tenable Cloud
Tenable Community & Support
Tenable University
Theme
Light
Dark
Auto
Help
Plugins
Overview
Plugins Pipeline
Newest
Updated
Search
Nessus Families
WAS Families
NNM Families
LCE Families
Tenable OT Security Families
About Plugin Families
Release Notes
Audits
Overview
Newest
Updated
Search Audit Files
Search Items
References
Authorities
Documentation
Download All Audit Files
Indicators
Overview
Search
Indicators of Attack
Indicators of Exposure
CVEs
Overview
Newest
Updated
Search
Attack Path Techniques
Overview
Search
Links
Tenable Cloud
Tenable Community & Support
Tenable University
Settings
Theme
Light
Dark
Auto
Detections
Plugins
Overview
Plugins Pipeline
Release Notes
Newest
Updated
Search
Nessus Families
WAS Families
NNM Families
LCE Families
Tenable OT Security Families
About Plugin Families
Audits
Overview
Newest
Updated
Search Audit Files
Search Items
References
Authorities
Documentation
Download All Audit Files
Indicators
Overview
Search
Indicators of Attack
Indicators of Exposure
Analytics
CVEs
Overview
Newest
Updated
Search
Attack Path Techniques
Overview
Search
Audits
References
CCI
CCI-001462
CCI
CCI|CCI-001462
Title
The information system provides the capability for authorized users to capture/record and log content related to a user session.
Reference Item Details
Reference:
CCI - DISA Control Correlation Identifier
Category:
2024
Audit Items
View all Reference Audit Items
Name
Plugin
Audit Name
DKER-EE-001080 - The audit log configuration level must be set to request in the Universal Control Plane (UCP) component of Docker Enterprise.
Unix
DISA STIG Docker Enterprise 2.x Linux/Unix UCP v2r2
FNFG-FW-000155 - The FortiGate firewall must allow authorized users to record a packet-capture-based IP, traffic type (TCP, UDP, or ICMP), or protocol.
FortiGate
DISA Fortigate Firewall STIG v1r3
IIST-SV-000102 - The enhanced logging for the IIS 10.0 web server must be enabled and capture all user and web server events.
Windows
DISA IIS 10.0 Server v2r10
IISW-SI-000205 - The enhanced logging for each IIS 8.5 website must be enabled and capture, record, and log all content related to a user session
Windows
DISA IIS 8.5 Site v2r9
IISW-SV-000102 - The enhanced logging for the IIS 8.5 web server must be enabled and capture all user and web server events.
Windows
DISA IIS 8.5 Server v2r7
MD3X-00-000040 - MongoDB must provide audit record generation for DoD-defined auditable events within all DBMS/database components.
Unix
DISA STIG MongoDB Enterprise Advanced 3.x v2r3 OS
VCEM-67-000005 - ESX Agent Manager must record user access in a format that enables monitoring of remote access.
Unix
DISA STIG VMware vSphere 6.7 EAM Tomcat v1r4
VCEM-70-000005 - ESX Agent Manager must record user access in a format that enables monitoring of remote access.
Unix
DISA STIG VMware vSphere 7.0 EAM Tomcat v1r2
VCFL-67-000009 - vSphere Client must record user access in a format that enables monitoring of remote access.
Unix
DISA STIG VMware vSphere 6.7 Virgo Client v1r2
VCLD-67-000004 - VAMI must be configured to monitor remote access.
Unix
DISA STIG VMware vSphere 6.7 VAMI-lighttpd v1r3
VCLD-70-000004 - VAMI must be configured to monitor remote access.
Unix
DISA STIG VMware vSphere 7.0 VAMI v1r2
VCLU-70-000005 - Lookup Service must record user access in a format that enables monitoring of remote access.
Unix
DISA STIG VMware vSphere 7.0 Lookup Service v1r2
VCPF-67-000005 - Performance Charts must record user access in a format that enables monitoring of remote access.
Unix
DISA STIG VMware vSphere 6.7 Perfcharts Tomcat v1r3
VCPF-70-000005 - Performance Charts must record user access in a format that enables monitoring of remote access.
Unix
DISA STIG VMware vSphere 7.0 Perfcharts Tomcat v1r1
VCST-67-000005 - The Security Token Service must record user access in a format that enables monitoring of remote access.
Unix
DISA STIG VMware vSphere 6.7 STS Tomcat v1r3
VCST-70-000005 - The Security Token Service must record user access in a format that enables monitoring of remote access.
Unix
DISA STIG VMware vSphere 7.0 STS Tomcat v1r2
VCUI-67-000005 - vSphere UI must record user access in a format that enables monitoring of remote access.
Unix
DISA STIG VMware vSphere 6.7 UI Tomcat v1r3
VCUI-70-000005 - vSphere UI must record user access in a format that enables monitoring of remote access.
Unix
DISA STIG VMware vSphere 7.0 vCA UI v1r2
WBSP-AS-000100 - The WebSphere Application Server audit event type filters must be configured.
Unix
DISA IBM WebSphere Traditional 9 STIG v1r1
WBSP-AS-000100 - The WebSphere Application Server audit event type filters must be configured.
Unix
DISA IBM WebSphere Traditional 9 STIG v1r1 Middleware
WBSP-AS-000100 - The WebSphere Application Server audit event type filters must be configured.
Windows
DISA IBM WebSphere Traditional 9 Windows STIG v1r1
WNFWA-000011 - Windows Defender Firewall with Advanced Security must log successful connections when connected to a domain.
Windows
DISA Microsoft Windows Firewall v2r2
WNFWA-000019 - Windows Defender Firewall with Advanced Security must log successful connections when connected to a private network.
Windows
DISA Microsoft Windows Firewall v2r2
WNFWA-000029 - Windows Defender Firewall with Advanced Security must log successful connections when connected to a public network.
Windows
DISA Microsoft Windows Firewall v2r2
