Detections
Analytics

CSCv6|6.3

Title

Ensure that all systems that store logs have adequate storage space for the logs generated on a regular basis.

Description

Ensure that all systems that store logs have adequate storage space for the logs generated on a regular basis, so that log files will not fill up between log rotation intervals. The logs must be archived and digitally signed on a periodic basis.

Reference Item Details

Category: Maintenance, Monitoring, and Analysis of Audit Logs

Family: System

Audit Items

View all Reference Audit Items

NamePluginAudit Name
4.1.1.1 Ensure audit log storage size is configuredUnixCIS Amazon Linux v2.0.0 L2
1.1 Maintain current contact detailsamazon_awsCIS Amazon Web Services Foundations L1 1.3.0
1.1 Maintain current contact detailsamazon_awsCIS Amazon Web Services Foundations L1 1.4.0
1.1.1.1 Syslog logging should be configured - configurationPalo_AltoCIS Palo Alto Firewall 9 Benchmark v1.0.0 L1
1.1.1.1 Syslog logging should be configured - hip matchPalo_AltoCIS Palo Alto Firewall 9 Benchmark v1.0.0 L1
1.1.1.1 Syslog logging should be configured - hostPalo_AltoCIS Palo Alto Firewall 9 Benchmark v1.0.0 L1
1.1.1.1 Syslog logging should be configured - ip-tagPalo_AltoCIS Palo Alto Firewall 9 Benchmark v1.0.0 L1
1.1.1.1 Syslog logging should be configured - systemPalo_AltoCIS Palo Alto Firewall 9 Benchmark v1.0.0 L1
1.1.1.1 Syslog logging should be configured - user-idPalo_AltoCIS Palo Alto Firewall 9 Benchmark v1.0.0 L1
1.1.1.2 SNMPv3 traps should be configured - configurationPalo_AltoCIS Palo Alto Firewall 9 Benchmark L2 v1.0.0
1.1.1.2 SNMPv3 traps should be configured - hip matchPalo_AltoCIS Palo Alto Firewall 9 Benchmark L2 v1.0.0
1.1.1.2 SNMPv3 traps should be configured - hostPalo_AltoCIS Palo Alto Firewall 9 Benchmark L2 v1.0.0
1.1.1.2 SNMPv3 traps should be configured - ip-tagPalo_AltoCIS Palo Alto Firewall 9 Benchmark L2 v1.0.0
1.1.1.2 SNMPv3 traps should be configured - user-idPalo_AltoCIS Palo Alto Firewall 9 Benchmark L2 v1.0.0
1.1.1.2.1.15 Set 'MSS: (WarningLevel) Percentage threshold for the security event log at which the system will generate a warning' to '90'WindowsCIS Windows 2003 DC v3.1.0
1.1.1.2.1.15 Set 'MSS: (WarningLevel) Percentage threshold for the security event log at which the system will generate a warning' to '90'WindowsCIS Windows 2003 MS v3.1.0
1.1.1.3.2 Set 'Maximum application log size' to '16384'WindowsCIS Windows 2003 MS v3.1.0
1.1.1.3.2 Set 'Maximum application log size' to '16384'WindowsCIS Windows 2003 DC v3.1.0
1.1.1.3.4 Set 'Maximum system log size' to '16384'WindowsCIS Windows 2003 DC v3.1.0
1.1.1.3.4 Set 'Maximum system log size' to '16384'WindowsCIS Windows 2003 MS v3.1.0
1.1.1.3.5 Set 'Maximum security log size' to '81920'WindowsCIS Windows 2003 DC v3.1.0
1.1.1.3.5 Set 'Maximum security log size' to '81920'WindowsCIS Windows 2003 MS v3.1.0
1.1.10 Ensure separate partition exists for /varUnixCIS Ubuntu Linux 16.04 LTS Workstation L2 v2.0.0
1.1.10 Ensure separate partition exists for /varUnixCIS Ubuntu Linux 16.04 LTS Server L2 v2.0.0
1.1.10 Ensure separate partition exists for /var/logUnixCIS Debian 8 Server L2 v2.0.1
1.1.10 Ensure separate partition exists for /var/logUnixCIS Ubuntu Linux 14.04 LTS Server L2 v2.1.0
1.1.10 Ensure separate partition exists for /var/logUnixCIS Ubuntu Linux 14.04 LTS Workstation L2 v2.0.0
1.1.10 Ensure separate partition exists for /var/logUnixCIS Debian 8 Server L2 v2.0.2
1.1.10 Ensure separate partition exists for /var/logUnixCIS Ubuntu Linux 14.04 LTS Server L2 v2.0.0
1.1.10 Ensure separate partition exists for /var/logUnixCIS Ubuntu Linux 16.04 LTS Server L2 v1.1.0
1.1.10 Ensure separate partition exists for /var/logUnixCIS Debian 8 Workstation L2 v2.0.1
1.1.10 Ensure separate partition exists for /var/logUnixCIS Debian 8 Workstation L2 v2.0.2
1.1.10 Ensure separate partition exists for /var/logUnixCIS Ubuntu Linux 16.04 LTS Workstation L2 v1.1.0
1.1.10 Ensure separate partition exists for /var/logUnixCIS Ubuntu Linux 14.04 LTS Workstation L2 v2.1.0
1.1.11 Ensure separate partition exists for /var/logUnixCIS Distribution Independent Linux Server L2 v2.0.0
1.1.11 Ensure separate partition exists for /var/logUnixCIS Amazon Linux v2.1.0 L2
1.1.11 Ensure separate partition exists for /var/logUnixCIS SUSE Linux Enterprise Workstation 11 L2 v2.0.0
1.1.11 Ensure separate partition exists for /var/logUnixCIS SUSE Linux Enterprise Workstation 11 L2 v2.1.0
1.1.11 Ensure separate partition exists for /var/logUnixCIS Ubuntu Linux 18.04 LTS Workstation L2 v2.0.1
1.1.11 Ensure separate partition exists for /var/logUnixCIS Ubuntu Linux 18.04 LXD Host L2 Server v1.0.0
1.1.11 Ensure separate partition exists for /var/logUnixCIS Distribution Independent Linux Workstation L2 v2.0.0
1.1.11 Ensure separate partition exists for /var/logUnixCIS SUSE Linux Enterprise Server 12 L2 v2.1.0
1.1.11 Ensure separate partition exists for /var/logUnixHuawei EulerOS 2 Server L2 v1.0
1.1.11 Ensure separate partition exists for /var/logUnixCIS Amazon Linux v2.0.0 L2
1.1.11 Ensure separate partition exists for /var/logUnixCIS SUSE Linux Enterprise Server 11 L2 v2.1.0
1.1.11 Ensure separate partition exists for /var/logUnixCIS Ubuntu Linux 18.04 LTS Server L2 v2.0.1
1.1.11 Ensure separate partition exists for /var/logUnixCIS Ubuntu Linux 18.04 LXD Host L2 Workstation v1.0.0
1.1.11 Ensure separate partition exists for /var/logUnixCIS SUSE Linux Enterprise Server 11 L2 v2.0.0
1.1.11 Ensure separate partition exists for /var/logUnixCIS SUSE Linux Enterprise Workstation 12 L2 v2.1.0
1.1.11 Ensure separate partition exists for /var/logUnixHuawei EulerOS 2 Workstation L2 v1.0