| 3.092 - The system must generate an audit event when the audit log reaches a percentage of full threshold. | DISA Windows Vista STIG v6r41 | Windows | AUDIT AND ACCOUNTABILITY |
| 4.1.2.4 Ensure system notification is sent out when volume is 75% full - SA and Information System Security Officer ISSO, at a minimum, when allocated audit record storage volume reaches 75% of the repository maximum audit record storage capacity. | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | AUDIT AND ACCOUNTABILITY |
| APPL-12-001031 - The macOS system must provide an immediate real-time alert to the System Administrator (SA) and Information System Security Officer (ISSO), at a minimum, of all audit failure events requiring real-time alerts. | DISA STIG Apple macOS 12 v1r9 | Unix | AUDIT AND ACCOUNTABILITY |
| Big Sur - Configure Audit Capacity Warning | NIST macOS Big Sur v1.4.0 - All Profiles | Unix | AUDIT AND ACCOUNTABILITY |
| Big Sur - Configure Audit Capacity Warning | NIST macOS Big Sur v1.4.0 - 800-53r4 High | Unix | AUDIT AND ACCOUNTABILITY |
| Big Sur - Configure Audit Capacity Warning | NIST macOS Big Sur v1.4.0 - 800-53r5 High | Unix | AUDIT AND ACCOUNTABILITY |
| Big Sur - Configure Audit Failure Notification | NIST macOS Big Sur v1.4.0 - 800-53r4 High | Unix | AUDIT AND ACCOUNTABILITY |
| Big Sur - Configure System to Shut Down Upon Audit Failure | NIST macOS Big Sur v1.4.0 - 800-53r4 High | Unix | AUDIT AND ACCOUNTABILITY |
| Big Sur - Configure System to Shut Down Upon Audit Failure | NIST macOS Big Sur v1.4.0 - 800-53r4 Low | Unix | AUDIT AND ACCOUNTABILITY |
| Big Sur - Configure System to Shut Down Upon Audit Failure | NIST macOS Big Sur v1.4.0 - CNSSI 1253 | Unix | AUDIT AND ACCOUNTABILITY |
| Big Sur - Configure System to Shut Down Upon Audit Failure | NIST macOS Big Sur v1.4.0 - 800-171 | Unix | AUDIT AND ACCOUNTABILITY |
| Big Sur - Configure System to Shut Down Upon Audit Failure | NIST macOS Big Sur v1.4.0 - 800-53r4 Moderate | Unix | AUDIT AND ACCOUNTABILITY |
| Big Sur - Configure System to Shut Down Upon Audit Failure | NIST macOS Big Sur v1.4.0 - 800-53r5 Low | Unix | AUDIT AND ACCOUNTABILITY |
| Big Sur - Configure System to Shut Down Upon Audit Failure | NIST macOS Big Sur v1.4.0 - 800-53r5 High | Unix | AUDIT AND ACCOUNTABILITY |
| Big Sur - Configure System to Shut Down Upon Audit Failure | NIST macOS Big Sur v1.4.0 - 800-53r5 Moderate | Unix | AUDIT AND ACCOUNTABILITY |
| Big Sur - Configure System to Shut Down Upon Audit Failure | NIST macOS Big Sur v1.4.0 - All Profiles | Unix | AUDIT AND ACCOUNTABILITY |
| CASA-FW-000210 - The Cisco ASA must be configured to generate a real-time alert to organization-defined personnel and/or the firewall administrator in the event communication with the central audit server is lost - From-address | DISA STIG Cisco ASA FW v2r1 | Cisco | AUDIT AND ACCOUNTABILITY |
| Catalina - Configure Audit Capacity Warning | NIST macOS Catalina v1.5.0 - 800-53r5 High | Unix | AUDIT AND ACCOUNTABILITY |
| Catalina - Configure Audit Capacity Warning | NIST macOS Catalina v1.5.0 - All Profiles | Unix | AUDIT AND ACCOUNTABILITY |
| Catalina - Configure Audit Capacity Warning | NIST macOS Catalina v1.5.0 - 800-53r4 High | Unix | AUDIT AND ACCOUNTABILITY |
| Catalina - Configure Audit Failure Notification | NIST macOS Catalina v1.5.0 - 800-53r5 Low | Unix | AUDIT AND ACCOUNTABILITY |
| Catalina - Configure Audit Failure Notification | NIST macOS Catalina v1.5.0 - 800-53r4 High | Unix | AUDIT AND ACCOUNTABILITY |
| Catalina - Configure Audit Failure Notification | NIST macOS Catalina v1.5.0 - 800-53r5 High | Unix | AUDIT AND ACCOUNTABILITY |
| Catalina - Configure System to Shut Down Upon Audit Failure | NIST macOS Catalina v1.5.0 - CNSSI 1253 | Unix | AUDIT AND ACCOUNTABILITY |
| Catalina - Configure System to Shut Down Upon Audit Failure | NIST macOS Catalina v1.5.0 - 800-53r4 Low | Unix | AUDIT AND ACCOUNTABILITY |
| Catalina - Configure System to Shut Down Upon Audit Failure | NIST macOS Catalina v1.5.0 - 800-171 | Unix | AUDIT AND ACCOUNTABILITY |
| Catalina - Configure System to Shut Down Upon Audit Failure | NIST macOS Catalina v1.5.0 - 800-53r4 High | Unix | AUDIT AND ACCOUNTABILITY |
| Catalina - Configure System to Shut Down Upon Audit Failure | NIST macOS Catalina v1.5.0 - 800-53r5 High | Unix | AUDIT AND ACCOUNTABILITY |
| Catalina - Configure System to Shut Down Upon Audit Failure | NIST macOS Catalina v1.5.0 - All Profiles | Unix | AUDIT AND ACCOUNTABILITY |
| Catalina - Configure System to Shut Down Upon Audit Failure | NIST macOS Catalina v1.5.0 - 800-53r4 Moderate | Unix | AUDIT AND ACCOUNTABILITY |
| Catalina - Configure System to Shut Down Upon Audit Failure | NIST macOS Catalina v1.5.0 - 800-53r5 Low | Unix | AUDIT AND ACCOUNTABILITY |
| Catalina - Configure System to Shut Down Upon Audit Failure | NIST macOS Catalina v1.5.0 - 800-53r5 Moderate | Unix | AUDIT AND ACCOUNTABILITY |
| EPAS-00-008100 - The EDB Postgres Advanced Server must provide an immediate real-time alert to appropriate support staff of all audit log failures. | EnterpriseDB PostgreSQL Advanced Server DB v2r1 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| FNFG-FW-000105 - If communication with the central audit server is lost, the FortiGate firewall must generate a real-time alert to, at a minimum, the SCA and ISSO. | DISA Fortigate Firewall STIG v1r3 | FortiGate | AUDIT AND ACCOUNTABILITY |
| Monterey - Configure Audit Capacity Warning | NIST macOS Monterey v1.0.0 - 800-53r5 High | Unix | AUDIT AND ACCOUNTABILITY |
| Monterey - Configure Audit Capacity Warning | NIST macOS Monterey v1.0.0 - 800-53r4 High | Unix | AUDIT AND ACCOUNTABILITY |
| Monterey - Configure Audit Capacity Warning | NIST macOS Monterey v1.0.0 - All Profiles | Unix | AUDIT AND ACCOUNTABILITY |
| Monterey - Configure System to Shut Down Upon Audit Failure | NIST macOS Monterey v1.0.0 - 800-53r5 Low | Unix | AUDIT AND ACCOUNTABILITY |
| Monterey - Configure System to Shut Down Upon Audit Failure | NIST macOS Monterey v1.0.0 - 800-53r5 High | Unix | AUDIT AND ACCOUNTABILITY |
| Monterey - Configure System to Shut Down Upon Audit Failure | NIST macOS Monterey v1.0.0 - All Profiles | Unix | AUDIT AND ACCOUNTABILITY |
| Monterey - Configure System to Shut Down Upon Audit Failure | NIST macOS Monterey v1.0.0 - 800-171 | Unix | AUDIT AND ACCOUNTABILITY |
| Monterey - Configure System to Shut Down Upon Audit Failure | NIST macOS Monterey v1.0.0 - 800-53r4 High | Unix | AUDIT AND ACCOUNTABILITY |
| Monterey - Configure System to Shut Down Upon Audit Failure | NIST macOS Monterey v1.0.0 - 800-53r4 Low | Unix | AUDIT AND ACCOUNTABILITY |
| Monterey - Configure System to Shut Down Upon Audit Failure | NIST macOS Monterey v1.0.0 - 800-53r4 Moderate | Unix | AUDIT AND ACCOUNTABILITY |
| Monterey - Configure System to Shut Down Upon Audit Failure | NIST macOS Monterey v1.0.0 - 800-53r5 Moderate | Unix | AUDIT AND ACCOUNTABILITY |
| Monterey - Configure System to Shut Down Upon Audit Failure | NIST macOS Monterey v1.0.0 - CNSSI 1253 | Unix | AUDIT AND ACCOUNTABILITY |
| SPLK-CL-000160 - Splunk Enterprise must be configured to send an immediate alert to the system administrator (SA) and information system security officer (ISSO) (at a minimum) when allocated log record storage volume reaches 75 percent of the repository maximum log record storage capacity - at a minimum when allocated log record storage volume reaches 75 percent of the repository maximum log record storage capacity. | DISA STIG Splunk Enterprise 8.x for Linux v2r1 STIG REST API | Splunk | AUDIT AND ACCOUNTABILITY |
| VCPG-70-000019 - 'Rsyslog' must be configured to monitor VMware Postgres logs. | DISA STIG VMware vSphere 7.0 PostgreSQL v1r2 | Unix | AUDIT AND ACCOUNTABILITY |
| WN12-SO-000049 - The system must generate an audit event when the audit log reaches a percentage of full threshold. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | AUDIT AND ACCOUNTABILITY |
| WN12-SO-000049 - The system must generate an audit event when the audit log reaches a percentage of full threshold. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | AUDIT AND ACCOUNTABILITY |
