| AOSX-14-001044 - The macOS system must generate audit records for DoD-defined events such as successful/unsuccessful logon attempts, successful/unsuccessful direct access attempts, starting and ending time for user access, and concurrent logons to the same account from different sources. | DISA STIG Apple Mac OSX 10.14 v2r6 | Unix | AUDIT AND ACCOUNTABILITY |
| APPL-11-001020 - The macOS system must audit the enforcement actions used to restrict access associated with changes to the system - fr | DISA STIG Apple macOS 11 v1r5 | Unix | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| CISC-ND-000250 - The Cisco router must be configured to generate audit records when successful/unsuccessful attempts to logon with access privileges occur. | DISA STIG Cisco IOS-XR Router NDM v3r2 | Cisco | AUDIT AND ACCOUNTABILITY |
| CISC-ND-001250 - The Cisco router must be configured to generate log records when administrator privileges are deleted. | DISA STIG Cisco IOS XE Router NDM v3r2 | Cisco | AUDIT AND ACCOUNTABILITY |
| CISC-ND-001250 - The Cisco router must be configured to generate log records when administrator privileges are deleted. | DISA STIG Cisco IOS Router NDM v3r2 | Cisco | AUDIT AND ACCOUNTABILITY |
| CISC-ND-001260 - The Cisco router must be configured to generate audit records when successful/unsuccessful logon attempts occur. | DISA STIG Cisco IOS Router NDM v3r2 | Cisco | AUDIT AND ACCOUNTABILITY |
| CISC-ND-001260 - The Cisco switch must be configured to generate audit records when successful/unsuccessful logon attempts occur. | DISA STIG Cisco IOS XE Switch NDM v3r2 | Cisco | AUDIT AND ACCOUNTABILITY |
| CISC-ND-001270 - The Cisco switch must be configured to generate log records for privileged activities. | DISA STIG Cisco IOS XE Switch NDM v3r2 | Cisco | AUDIT AND ACCOUNTABILITY |
| JUNI-ND-000250 - The Juniper router must be configured to generate audit records when successful/unsuccessful attempts to logon with access privileges occur. | DISA STIG Juniper Router NDM v3r2 | Juniper | AUDIT AND ACCOUNTABILITY |
| JUNI-ND-001250 - The Juniper router must be configured to generate audit records when successful/unsuccessful logon attempts occur. | DISA STIG Juniper Router NDM v3r2 | Juniper | AUDIT AND ACCOUNTABILITY |
| JUNI-ND-001280 - The Juniper router must be configured to generate log records when concurrent logons from different workstations occur. | DISA STIG Juniper Router NDM v3r2 | Juniper | AUDIT AND ACCOUNTABILITY |
| JUSX-DM-000040 - The Juniper SRX Services Gateway must generate log records when successful attempts to configure the device and use commands occur. | DISA Juniper SRX Services Gateway NDM v3r2 | Juniper | AUDIT AND ACCOUNTABILITY |
| JUSX-DM-000046 - The Juniper SRX Services Gateway must generate log records when concurrent logons from different workstations occur. | DISA Juniper SRX Services Gateway NDM v3r2 | Juniper | AUDIT AND ACCOUNTABILITY |
| PANW-NM-000024 - The Palo Alto Networks security platform must generate audit records when successful/unsuccessful attempts to access privileges occur | DISA STIG Palo Alto NDM v3r2 | Palo_Alto | AUDIT AND ACCOUNTABILITY |
| PGS9-00-005100 - PostgreSQL must generate audit records when successful logons or connections occur. | DISA STIG PostgreSQL 9.x on RHEL DB v2r5 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| PGS9-00-005800 - PostgreSQL must generate audit records for all privileged activities or other system-level access. | DISA STIG PostgreSQL 9.x on RHEL DB v2r5 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| PGS9-00-006100 - PostgreSQL must generate audit records when privileges/permissions are deleted. | DISA STIG PostgreSQL 9.x on RHEL DB v2r5 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| PGS9-00-006400 - PostgreSQL must generate audit records when privileges/permissions are modified. | DISA STIG PostgreSQL 9.x on RHEL DB v2r5 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| PGS9-00-012700 - PostgreSQL must generate audit records for all direct access to the database(s). | DISA STIG PostgreSQL 9.x on RHEL DB v2r5 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| RHEL-06-000200 - The audit system must be configured to audit user deletions of files and programs - unlink 32 bit | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-06-000200 - The audit system must be configured to audit user deletions of files and programs - unlinkat 32 bit | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-06-000202 - The audit system must be configured to audit the loading and unloading of dynamic kernel modules - /sbin/rmmod. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-07-030440 - The Red Hat Enterprise Linux operating system must audit all uses of the setxattr, fsetxattr, lsetxattr, removexattr, fremovexattr, and lremovexattr syscalls. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-07-030830 - The Red Hat Enterprise Linux operating system must audit all uses of the delete_module syscall. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | AUDIT AND ACCOUNTABILITY |
| SQL6-D0-014600 - SQL Server must generate audit records when successful and unsuccessful attempts to delete categorized information (e.g., classification levels/security levels) occur. | DISA STIG SQL Server 2016 Instance DB Audit v3r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL6-D0-015400 - SQL Server must generate audit records when successful and unsuccessful accesses to objects occur. | DISA STIG SQL Server 2016 Instance DB Audit v3r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| UBTU-18-010240 - The Ubuntu operating system must generate audit records for the /var/log/btmp file. | DISA STIG Ubuntu 18.04 LTS v2r15 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-18-010317 - The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the mount command. | DISA STIG Ubuntu 18.04 LTS v2r15 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-18-010320 - The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the ssh-keysign command. | DISA STIG Ubuntu 18.04 LTS v2r15 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-18-010331 - The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the chmod, fchmod, and fchmodat system calls. | DISA STIG Ubuntu 18.04 LTS v2r15 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-18-010340 - The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the sudo command. | DISA STIG Ubuntu 18.04 LTS v2r15 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-18-010350 - The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the gpasswd command. | DISA STIG Ubuntu 18.04 LTS v2r15 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-18-010388 - The Ubuntu operating system must generate records for successful/unsuccessful uses of delete_module syscall and when unloading dynamic kernel modules. | DISA STIG Ubuntu 18.04 LTS v2r15 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-18-010391 - The Ubuntu operating system must generate audit records when successful/unsuccessful attempts to use the kmod command. | DISA STIG Ubuntu 18.04 LTS v2r15 | Unix | AUDIT AND ACCOUNTABILITY |
| WBLC-01-000030 - Oracle WebLogic must provide access logging that ensures users who are granted a privileged role (or roles) have their privileged activity logged. | Oracle WebLogic Server 12c Linux v2r2 Middleware | Unix | AUDIT AND ACCOUNTABILITY |
| WBLC-02-000069 - Oracle WebLogic must generate audit records for the DoD-selected list of auditable events. | Oracle WebLogic Server 12c Windows v2r2 | Windows | AUDIT AND ACCOUNTABILITY |
| WN10-AU-000054 - The system must be configured to audit Logon/Logoff - Account Lockout failures. | DISA Microsoft Windows 10 STIG v3r4 | Windows | AUDIT AND ACCOUNTABILITY |
| WN10-AU-000082 - Windows 10 must be configured to audit Object Access - File Share successes. | DISA Microsoft Windows 10 STIG v3r4 | Windows | AUDIT AND ACCOUNTABILITY |
| WN10-AU-000100 - The system must be configured to audit Policy Change - Audit Policy Change successes. | DISA Microsoft Windows 10 STIG v3r4 | Windows | AUDIT AND ACCOUNTABILITY |
| WN12-AU-000001 - The system must be configured to audit Account Logon - Credential Validation successes. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | AUDIT AND ACCOUNTABILITY |
| WN12-AU-000023 - The system must be configured to audit Detailed Tracking - Process Creation successes. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | AUDIT AND ACCOUNTABILITY |
| WN12-AU-000053 - The system must be configured to audit Logon/Logoff - Special Logon successes. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | AUDIT AND ACCOUNTABILITY |
| WN12-AU-000081 - The system must be configured to audit Object Access - Removable Storage successes. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | AUDIT AND ACCOUNTABILITY |
| WN12-AU-000085 - The system must be configured to audit Policy Change - Audit Policy Change successes. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | AUDIT AND ACCOUNTABILITY |
| WN12-AU-000089 - The system must be configured to audit Policy Change - Authorization Policy Change successes. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | AUDIT AND ACCOUNTABILITY |
| WN16-AU-000160 - Windows Server 2016 must be configured to audit Detailed Tracking - Plug and Play Events successes. | DISA Microsoft Windows Server 2016 STIG v2r10 | Windows | AUDIT AND ACCOUNTABILITY |
| WN19-AU-000130 - Windows Server 2019 must be configured to audit Detailed Tracking - Plug and Play Events successes. | DISA Microsoft Windows Server 2019 STIG v3r4 | Windows | AUDIT AND ACCOUNTABILITY |
| WN19-AU-000170 - Windows Server 2019 must be configured to audit Logon/Logoff - Group Membership successes. | DISA Microsoft Windows Server 2019 STIG v3r4 | Windows | AUDIT AND ACCOUNTABILITY |
| WN19-AU-000210 - Windows Server 2019 must be configured to audit Logon/Logoff - Special Logon successes. | DISA Microsoft Windows Server 2019 STIG v3r4 | Windows | AUDIT AND ACCOUNTABILITY |
| WN19-AU-000230 - Windows Server 2019 must be configured to audit Object Access - Other Object Access Events failures. | DISA Microsoft Windows Server 2019 STIG v3r4 | Windows | AUDIT AND ACCOUNTABILITY |
