| ALMA-09-056230 - AlmaLinux OS 9 audit tools must be group-owned by root. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | AUDIT AND ACCOUNTABILITY |
| APPL-11-000031 - The macOS system must be configured so that log folders must not contain access control lists (ACLs). | DISA STIG Apple macOS 11 v1r8 | Unix | AUDIT AND ACCOUNTABILITY |
| APPL-11-001012 - The macOS system must be configured with audit log files owned by root. | DISA STIG Apple macOS 11 v1r5 | Unix | AUDIT AND ACCOUNTABILITY |
| APPL-11-001013 - The macOS system must be configured with audit log folders owned by root. | DISA STIG Apple macOS 11 v1r5 | Unix | AUDIT AND ACCOUNTABILITY |
| APPL-11-001014 - The macOS system must be configured with audit log files group-owned by wheel. | DISA STIG Apple macOS 11 v1r8 | Unix | AUDIT AND ACCOUNTABILITY |
| APPL-11-001015 - The macOS system must be configured with audit log folders group-owned by wheel. | DISA STIG Apple macOS 11 v1r8 | Unix | AUDIT AND ACCOUNTABILITY |
| APPL-11-001016 - The macOS system must be configured with audit log files set to mode 440 or less permissive. | DISA STIG Apple macOS 11 v1r8 | Unix | AUDIT AND ACCOUNTABILITY |
| APPL-12-000031 - The macOS system must be configured so that log folders must not contain access control lists (ACLs). | DISA STIG Apple macOS 12 v1r9 | Unix | AUDIT AND ACCOUNTABILITY |
| APPL-12-001015 - The macOS system must be configured with audit log folders group-owned by wheel. | DISA STIG Apple macOS 12 v1r9 | Unix | AUDIT AND ACCOUNTABILITY |
| APPL-12-001016 - The macOS system must be configured with audit log files set to mode 440 or less permissive. | DISA STIG Apple macOS 12 v1r9 | Unix | AUDIT AND ACCOUNTABILITY |
| APPL-13-001012 - The macOS system must be configured with audit log files owned by root. | DISA STIG Apple macOS 13 v1r5 | Unix | AUDIT AND ACCOUNTABILITY |
| APPL-13-001015 - The macOS system must be configured with audit log folders group-owned by wheel. | DISA STIG Apple macOS 13 v1r5 | Unix | AUDIT AND ACCOUNTABILITY |
| Big Sur - Configure Audit Log Folders to Mode 700 or Less Permissive | NIST macOS Big Sur v1.4.0 - 800-53r5 Moderate | Unix | AUDIT AND ACCOUNTABILITY |
| Big Sur - Configure Audit Log Folders to Mode 700 or Less Permissive | NIST macOS Big Sur v1.4.0 - CNSSI 1253 | Unix | AUDIT AND ACCOUNTABILITY |
| Catalina - Configure Audit Log Folders to Mode 700 or Less Permissive | NIST macOS Catalina v1.5.0 - 800-53r5 High | Unix | AUDIT AND ACCOUNTABILITY |
| Catalina - Configure Audit Log Folders to Mode 700 or Less Permissive | NIST macOS Catalina v1.5.0 - 800-53r5 Low | Unix | AUDIT AND ACCOUNTABILITY |
| CD12-00-000400 - The audit information produced by PostgreSQL must be protected from unauthorized modification. | DISA STIG Crunchy Data PostgreSQL OS v3r1 | Unix | AUDIT AND ACCOUNTABILITY |
| CD12-00-011200 - PostgreSQL must protect its audit features from unauthorized removal. | DISA STIG Crunchy Data PostgreSQL OS v3r1 | Unix | AUDIT AND ACCOUNTABILITY |
| EPAS-00-003000 - The EDB Postgres Advanced Server must protect its audit configuration from unauthorized modification. | EnterpriseDB PostgreSQL Advanced Server OS Linux v2r1 | Unix | AUDIT AND ACCOUNTABILITY |
| EPAS-00-003100 - The EDB Postgres Advanced Server must protect its audit features from unauthorized removal. | EnterpriseDB PostgreSQL Advanced Server OS Linux v2r1 | Unix | AUDIT AND ACCOUNTABILITY |
| FGFW-ND-000130 - The FortiGate device must protect audit information from unauthorized deletion. | DISA Fortigate Firewall NDM STIG v1r4 | FortiGate | AUDIT AND ACCOUNTABILITY |
| FGFW-ND-000140 - The FortiGate device must protect audit tools from unauthorized modification. | DISA Fortigate Firewall NDM STIG v1r4 | FortiGate | AUDIT AND ACCOUNTABILITY |
| FNFG-FW-000050 - The FortiGate firewall must protect traffic log records from unauthorized access while in transit to the central audit server. - set mode | DISA Fortigate Firewall STIG v1r3 | FortiGate | AUDIT AND ACCOUNTABILITY |
| FNFG-FW-000060 - The FortiGate firewall must protect the traffic log from unauthorized deletion of local log files and log records. | DISA Fortigate Firewall STIG v1r3 | FortiGate | AUDIT AND ACCOUNTABILITY |
| JUEX-NM-000210 - The Juniper EX switch must be configured to protect audit tools from unauthorized access. | DISA Juniper EX Series Network Device Management v2r2 | Juniper | AUDIT AND ACCOUNTABILITY |
| MADB-10-002100 - The audit information produced by MariaDB must be protected from unauthorized modification. | DISA MariaDB Enterprise 10.x v2r3 DB | MySQLDB | AUDIT AND ACCOUNTABILITY |
| Monterey - Configure Audit Log Files to Not Contain Access Control Lists | NIST macOS Monterey v1.0.0 - 800-53r4 High | Unix | AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY |
| Monterey - Configure Audit Log Files to Not Contain Access Control Lists | NIST macOS Monterey v1.0.0 - 800-53r4 Moderate | Unix | AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY |
| Monterey - Configure Audit Log Files to Not Contain Access Control Lists | NIST macOS Monterey v1.0.0 - All Profiles | Unix | AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY |
| Monterey - Configure Audit Log Files to Not Contain Access Control Lists | NIST macOS Monterey v1.0.0 - CNSSI 1253 | Unix | AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY |
| MYS8-00-001400 - The audit information produced by the MySQL Database Server 8.0 must be protected from unauthorized deletion. | DISA Oracle MySQL 8.0 v2r2 OS Linux | Unix | AUDIT AND ACCOUNTABILITY |
| PHTN-67-000015 - The Photon operating system audit log must have correct permissions. | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | AUDIT AND ACCOUNTABILITY |
| PHTN-67-000016 - The Photon operating system audit log must be owned by root. | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | AUDIT AND ACCOUNTABILITY |
| PHTN-67-000050 - The Photon operating system audit files and directories must have correct permissions - auditd | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | AUDIT AND ACCOUNTABILITY |
| PHTN-67-000050 - The Photon operating system audit files and directories must have correct permissions - aureport | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | AUDIT AND ACCOUNTABILITY |
| PHTN-67-000050 - The Photon operating system audit files and directories must have correct permissions - ausearch | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | AUDIT AND ACCOUNTABILITY |
| PHTN-67-000050 - The Photon operating system audit files and directories must have correct permissions - autrace | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-08-030110 - RHEL 8 audit log directory must be group-owned by root to prevent unauthorized read access. | DISA Red Hat Enterprise Linux 8 STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-08-030121 - RHEL 8 audit system must protect auditing rules from unauthorized change. | DISA Red Hat Enterprise Linux 8 STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-08-030630 - RHEL 8 audit tools must be owned by root. | DISA Red Hat Enterprise Linux 8 STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-08-030640 - RHEL 8 audit tools must be group-owned by root. | DISA Red Hat Enterprise Linux 8 STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-09-232103 - RHEL 9 "/etc/audit/" must be owned by root. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | AUDIT AND ACCOUNTABILITY |
| SHPT-00-000430 - SharePoint must protect audit information from unauthorized access to the usage and health logs. | DISA STIG SharePoint 2010 v1r9 | Windows | AUDIT AND ACCOUNTABILITY |
| SQL2-00-013800 - SQL Server must protect audit information from unauthorized deletion. | DISA STIG SQL Server 2012 Database OS Audit v1r20 | Windows | AUDIT AND ACCOUNTABILITY |
| UBTU-22-232010 - Ubuntu 22.04 LTS must have directories that contain system commands set to a mode of "755" or less permissive. | DISA Canonical Ubuntu 22.04 LTS STIG v2r4 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-24-901270 - Ubuntu 24.04 LTS must have directories that contain system commands owned by root. | DISA Canonical Ubuntu 24.04 LTS STIG v1r1 | Unix | AUDIT AND ACCOUNTABILITY |
| WBSP-AS-000760 - The WebSphere Application Server must protect log information from unauthorized deletion. | DISA IBM WebSphere Traditional 9 STIG v1r1 | Unix | AUDIT AND ACCOUNTABILITY |
| WBSP-AS-000770 - The WebSphere Application Server wsadmin file must be protected from unauthorized access. | DISA IBM WebSphere Traditional 9 STIG v1r1 Middleware | Unix | AUDIT AND ACCOUNTABILITY |
| WG250 IIS6 - Users other than Auditors group must not have greater than read access to log files. | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| WN11-AU-000520 - Windows 11 permissions for the Security event log must prevent access by non-privileged accounts. | DISA Microsoft Windows 11 STIG v2r3 | Windows | AUDIT AND ACCOUNTABILITY |
