| 1.1.2.7.1 Ensure separate partition exists for /var/log/audit | CIS AlmaLinux OS 8 Workstation L2 v3.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 1.1.2.7.1 Ensure separate partition exists for /var/log/audit | CIS Oracle Linux 8 Server L2 v3.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 1.1.2.7.1 Ensure separate partition exists for /var/log/audit | CIS Oracle Linux 8 Workstation L2 v3.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 1.1.2.7.1 Ensure separate partition exists for /var/log/audit | CIS Rocky Linux 8 Server L2 v2.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 1.1.6.1 Ensure separate partition exists for /var/log/audit | CIS Fedora 28 Family Linux Workstation L2 v2.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 2.3 Ensure authentication is enabled in the sharded cluster - PEMKeyFile | CIS MongoDB 4 L1 OS Windows v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 4.1.1.3 Ensure audit logs are not automatically deleted | CIS Ubuntu Linux 14.04 LTS Server L2 v2.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.2.2 Ensure audit logs are not automatically deleted | CIS CentOS Linux 8 Workstation L2 v2.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.2.2 Ensure audit logs are not automatically deleted | CIS Amazon Linux 2 STIG v2.0.0 L2 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.18 Ensure the audit configuration is immutable | CIS Amazon Linux v2.1.0 L2 | Unix | CONFIGURATION MANAGEMENT |
| 5.2.2.2 Ensure audit logs are not automatically deleted | CIS Ubuntu Linux 18.04 LTS v2.2.0 L2 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 5.2.2.2 Ensure audit logs are not automatically deleted | CIS Oracle Linux 7 v4.0.0 L2 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 5.2.2.2 Ensure audit logs are not automatically deleted | CIS Amazon Linux 2 v3.0.0 L2 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.2.2.2 Ensure audit logs are not automatically deleted | CIS Rocky Linux 8 Server L2 v2.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.3.4 Ensure AUDIT_ADMIN' Is Revoked from Unauthorized 'GRANTEE' | CIS Oracle Server 19c DB Unified Auditing v1.2.0 | OracleDB | ACCESS CONTROL, MEDIA PROTECTION |
| 6.1.2 (L1) Ensure mailbox audit actions are configured | CIS Microsoft 365 Foundations v5.0.0 L1 E5 | microsoft_azure | AUDIT AND ACCOUNTABILITY |
| 6.2 AIX Auditing - cron audit rotation | CIS IBM AIX 7.1 L2 v2.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 6.2.2.2 Ensure audit logs are not automatically deleted | CIS Debian Linux 12 v1.1.0 L2 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 6.3.2.2 Ensure audit logs are not automatically deleted | CIS Red Hat Enterprise Linux 9 v2.0.0 L2 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 6.3.2.2 Ensure audit logs are not automatically deleted | CIS AlmaLinux OS 9 v2.0.0 L2 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 6.3.2.2 Ensure audit logs are not automatically deleted | CIS AlmaLinux OS 9 v2.0.0 L2 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 6.4.2.2 Ensure audit logs are not automatically deleted | CIS Debian Linux 11 v2.0.0 L2 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 6.9 (L1) Ensure 'Audit Changes to Audit Policy' is set to include 'Success' | CIS Microsoft Intune for Windows 10 v4.0.0 L1 | Windows | AUDIT AND ACCOUNTABILITY |
| 17.7.1 (L1) Ensure 'Audit Audit Policy Change' is set to include 'Success' | CIS Microsoft Windows Server 2025 v1.0.0 L1 DC | Windows | AUDIT AND ACCOUNTABILITY |
| 17.7.1 (L1) Ensure 'Audit Audit Policy Change' is set to include 'Success' | CIS Windows Server 2012 R2 DC L1 v3.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 17.7.1 (L1) Ensure 'Audit Audit Policy Change' is set to include 'Success' | CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1 | Windows | AUDIT AND ACCOUNTABILITY |
| 17.7.1 (L1) Ensure 'Audit Audit Policy Change' is set to include 'Success' | CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1 | Windows | AUDIT AND ACCOUNTABILITY |
| 17.7.1 (L1) Ensure 'Audit Audit Policy Change' is set to include 'Success' | CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1 | Windows | AUDIT AND ACCOUNTABILITY |
| 17.7.1 (L1) Ensure 'Audit Audit Policy Change' is set to include 'Success' | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| 17.7.1 (L1) Ensure 'Audit Audit Policy Change' is set to include 'Success' | CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1 | Windows | AUDIT AND ACCOUNTABILITY |
| 17.7.1 (L1) Ensure 'Audit Audit Policy Change' is set to include 'Success' | CIS Windows Server 2012 R2 MS L1 v3.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 17.7.1 (L1) Ensure 'Audit Audit Policy Change' is set to include 'Success' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 | Windows | AUDIT AND ACCOUNTABILITY |
| 17.7.1 (L1) Ensure 'Audit Audit Policy Change' is set to include 'Success' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL NG | Windows | AUDIT AND ACCOUNTABILITY |
| 17.7.1 Ensure 'Audit Audit Policy Change' is set to include 'Success' | CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 DC | Windows | AUDIT AND ACCOUNTABILITY |
| AMLS-NM-000420 - The Arista Multilayer Switch must protect the audit records of nonlocal accesses to privileged accounts and the execution of privileged functions - trap logging | DISA STIG Arista MLS DCS-7000 Series NDM v1r4 | Arista | CONFIGURATION MANAGEMENT |
| Audit Computer Account Management | MSCT Windows Server 2012 R2 DC v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| Audit Other Account Management Events | MSCT Windows Server 2016 DC v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| Audit Sensitive Privilege Use | MSCT Windows 10 v1507 v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| Audit Sensitive Privilege Use | MSCT Windows Server 2016 DC v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| DB2X-00-008200 - DB2 must produce audit records of its enforcement of access restrictions associated with changes to the configuration of DB2 or database(s) | DISA STIG IBM DB2 v10.5 LUW v2r1 OS Windows | Windows | CONFIGURATION MANAGEMENT |
| DB2X-00-008200 - DB2 must produce audit records of its enforcement of access restrictions associated with changes to the configuration of DB2 or database(s) - DB Auditing | DISA STIG IBM DB2 v10.5 LUW v2r1 Database | IBM_DB2DB | CONFIGURATION MANAGEMENT |
| DB2X-00-010100 - DB2 must generate audit records when unsuccessful attempts to add privileges/permissions occur | DISA STIG IBM DB2 v10.5 LUW v2r1 Database | IBM_DB2DB | AUDIT AND ACCOUNTABILITY |
| DB2X-00-010900 - DB2 must generate audit records when unsuccessful attempts to delete privileges/permissions occur | DISA STIG IBM DB2 v10.5 LUW v2r1 Database | IBM_DB2DB | AUDIT AND ACCOUNTABILITY |
| DB2X-00-012200 - DB2 must generate audit records for all direct access to the database(s) | DISA STIG IBM DB2 v10.5 LUW v2r1 Database | IBM_DB2DB | AUDIT AND ACCOUNTABILITY |
| EP11-00-002300 - The EDB Postgres Advanced Server must by default shut down upon audit failure, to include the unavailability of space for more audit log records; or must be configurable to shut down upon audit failure. | EDB PostgreSQL Advanced Server v11 Windows OS Audit v2r4 | Windows | AUDIT AND ACCOUNTABILITY |
| EPAS-00-002300 - The EDB Postgres Advanced Server must, by default, shut down upon audit failure, to include the unavailability of space for more audit log records; or must be configurable to shut down upon audit failure. | EnterpriseDB PostgreSQL Advanced Server OS Linux v2r1 | Unix | AUDIT AND ACCOUNTABILITY |
| GEN002860 - Audit logs must be rotated daily. | DISA STIG for Oracle Linux 5 v2r1 | Unix | CONFIGURATION MANAGEMENT |
| MADB-10-001700 - MariaDB must by default shut down upon audit failure, to include the unavailability of space for more audit log records; or must be configurable to shut down upon audit failure. | DISA MariaDB Enterprise 10.x v2r3 DB | MySQLDB | AUDIT AND ACCOUNTABILITY |
| PHTN-40-000030 The Photon operating system must allow only authorized users to configure the auditd service. | DISA VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v2r1 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-16-020160 - The audit log files must be owned by root. | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | SYSTEM AND INFORMATION INTEGRITY |
