| 4.1.2.2 Ensure audit logs are not automatically deleted | CIS Fedora 19 Family Linux Server L2 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.2.3 Ensure system is disabled when audit logs are full - space_left_action = email | CIS Fedora 19 Family Linux Workstation L2 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.2.3 Ensure system is disabled when audit logs are full - space_left_action = halt | CIS Fedora 19 Family Linux Server L2 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.5 Ensure events that modify the system's network environment are collected - /etc/issue.net | CIS Fedora 19 Family Linux Workstation L2 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| 4.1.5 Ensure events that modify the system's network environment are collected - /etc/sysconfig/network | CIS Fedora 19 Family Linux Workstation L2 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| 4.1.5 Ensure events that modify the system's network environment are collected - auditctl /etc/hosts | CIS Fedora 19 Family Linux Workstation L2 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| 4.1.5 Ensure events that modify the system's network environment are collected - b32 sethostname | CIS Fedora 19 Family Linux Server L2 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| 4.1.19 Ensure the audit configuration is immutable | CIS Distribution Independent Linux Workstation L2 v2.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2.1.1 Ensure rsyslog is installed | CIS Fedora 28 Family Linux Workstation L1 v2.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2.1.1 Ensure rsyslog service is enabled | CIS Debian 9 Server L1 v1.0.1 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2.1.2 Ensure logging is configured | CIS Debian 8 Server L1 v2.0.2 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2.1.2 Ensure logging is configured | CIS Debian 9 Workstation L1 v1.0.1 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2.1.6 Ensure rsyslog is configured to send logs to a remote log host | CIS CentOS Linux 8 Server L1 v2.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2.2.1.3 Ensure systemd-journal-remote is enabled | CIS CentOS Linux 8 Workstation L1 v2.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2.2.2 Ensure journald service is enabled | CIS CentOS Linux 8 Workstation L1 v2.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2.14 Ensure sshd LogLevel is configured | CIS CentOS Linux 7 v4.0.0 L1 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 5.1.1.2 Ensure rsyslog service is enabled | CIS CentOS Linux 7 v4.0.0 L1 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 5.1.1.6 Ensure rsyslog is configured to send logs to a remote log host | CIS CentOS Linux 7 v4.0.0 L1 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 5.1.2.1.3 Ensure systemd-journal-remote is enabled | CIS CentOS Linux 7 v4.0.0 L1 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 5.1.2.1.3 Ensure systemd-journal-remote is enabled | CIS CentOS Linux 7 v4.0.0 L1 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 5.1.2.5 Ensure logging is configured | CIS Debian Linux 10 v2.0.0 L1 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 6.1.1.1 Ensure journald service is enabled and active | CIS Debian Linux 12 v1.1.0 L1 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 6.1.1.1.3 Ensure journald log file rotation is configured | CIS Debian Linux 13 v1.0.0 L1 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 6.1.1.1.3 Ensure journald log file rotation is configured | CIS Debian Linux 13 v1.0.0 L1 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 6.1.1.2.1 Ensure systemd-journal-remote is installed | CIS Debian Linux 13 v1.0.0 L1 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 6.1.1.2.1 Ensure systemd-journal-remote is installed | CIS Debian Linux 13 v1.0.0 L1 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 6.1.1.2.2 Ensure systemd-journal-upload authentication is configured | CIS Debian Linux 13 v1.0.0 L1 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 6.1.1.3 Ensure journald log file rotation is configured | CIS Debian Linux 12 v1.1.0 L1 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 6.1.2.1.1 Ensure systemd-journal-remote is installed | CIS Debian Linux 12 v1.1.0 L1 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 6.1.2.1.2 Ensure systemd-journal-upload authentication is configured | CIS Ubuntu Linux 24.04 LTS v1.0.0 L1 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 6.1.2.1.3 Ensure systemd-journal-upload is enabled and active | CIS Ubuntu Linux 24.04 LTS v1.0.0 L1 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 6.1.2.5 Ensure rsyslog logging is configured | CIS Debian Linux 13 v1.0.0 L1 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 6.2.1.1 Ensure journald service is enabled and active | CIS Ubuntu Linux 20.04 LTS v3.0.0 L1 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 6.2.1.1 Ensure journald service is enabled and active | CIS Ubuntu Linux 20.04 LTS v3.0.0 L1 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 6.2.1.1.1 Ensure journald service is enabled and active | CIS Red Hat Enterprise Linux 8 STIG v2.0.0 L1 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 6.2.1.1.3 Ensure journald log file rotation is configured | CIS Debian Linux 11 v2.0.0 L1 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 6.2.1.2.3 Ensure systemd-journal-upload is enabled and active | CIS AlmaLinux OS 8 v4.0.0 L1 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 6.2.1.2.3 Ensure systemd-journal-upload is enabled and active | CIS Red Hat Enterprise Linux 8 STIG v2.0.0 L1 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 6.2.1.2.3 Ensure systemd-journal-upload is enabled and active | CIS Debian Linux 11 v2.0.0 L1 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 6.2.2.1 Ensure rsyslog is installed | CIS Red Hat Enterprise Linux 8 STIG v2.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 6.2.2.1 Ensure rsyslog is installed | CIS Red Hat Enterprise Linux 8 STIG v2.0.0 L1 Workstation | Unix | CONFIGURATION MANAGEMENT |
| 6.2.2.1 Ensure rsyslog is installed | CIS Red Hat Enterprise Linux 8 STIG v2.0.0 STIG | Unix | CONFIGURATION MANAGEMENT |
| 6.2.2.6 Ensure rsyslog logging is configured | CIS Red Hat Enterprise Linux 8 STIG v2.0.0 L1 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 6.3.1.2 Ensure auditing for processes that start prior to auditd is enabled | CIS Red Hat Enterprise Linux 8 STIG v2.0.0 STIG | Unix | AUDIT AND ACCOUNTABILITY |
| 6.3.3.15 Ensure successful and unsuccessful attempts to use the chcon command are collected | CIS Red Hat Enterprise Linux 8 STIG v2.0.0 STIG | Unix | AUDIT AND ACCOUNTABILITY |
| 6.3.3.18 Ensure successful and unsuccessful attempts to use the usermod command are collected | CIS Red Hat Enterprise Linux 8 STIG v2.0.0 L2 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 6.3.3.18 Ensure successful and unsuccessful attempts to use the usermod command are collected | CIS Red Hat Enterprise Linux 8 STIG v2.0.0 STIG | Unix | AUDIT AND ACCOUNTABILITY |
| 6.3.3.33 Ensure successful and unsuccessful attempts to use the setfiles command are collected | CIS Red Hat Enterprise Linux 8 STIG v2.0.0 STIG | Unix | AUDIT AND ACCOUNTABILITY |
| 6.3.3.42 Ensure successful and unsuccessful attempts to use the chage command are collected | CIS Red Hat Enterprise Linux 8 STIG v2.0.0 STIG | Unix | AUDIT AND ACCOUNTABILITY |
| 6.3.3.43 Ensure the audit system prevents unauthorized changes to logon UIDs | CIS Red Hat Enterprise Linux 8 STIG v2.0.0 STIG | Unix | AUDIT AND ACCOUNTABILITY |
