| AOSX-14-001044 - The macOS system must generate audit records for DoD-defined events such as successful/unsuccessful logon attempts, successful/unsuccessful direct access attempts, starting and ending time for user access, and concurrent logons to the same account from different sources. | DISA STIG Apple Mac OSX 10.14 v2r6 | Unix | AUDIT AND ACCOUNTABILITY |
| APPL-11-001020 - The macOS system must audit the enforcement actions used to restrict access associated with changes to the system - fr | DISA STIG Apple macOS 11 v1r5 | Unix | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| CISC-ND-001260 - The Cisco router must be configured to generate audit records when successful/unsuccessful logon attempts occur. | DISA Cisco IOS Router NDM STIG v3r4 | Cisco | AUDIT AND ACCOUNTABILITY |
| CISC-ND-001270 - The Cisco switch must be configured to generate log records for privileged activities. | DISA Cisco IOS XE Switch NDM STIG v3r4 | Cisco | AUDIT AND ACCOUNTABILITY |
| JBOS-AS-000700 - JBoss must be configured to generate log records when successful/unsuccessful logon attempts occur. | DISA JBoss EAP 6.3 STIG v2r6 | Unix | AUDIT AND ACCOUNTABILITY |
| PGS9-00-005100 - PostgreSQL must generate audit records when successful logons or connections occur. | DISA STIG PostgreSQL 9.x on RHEL DB v2r5 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| PGS9-00-005800 - PostgreSQL must generate audit records for all privileged activities or other system-level access. | DISA STIG PostgreSQL 9.x on RHEL DB v2r5 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| PGS9-00-006100 - PostgreSQL must generate audit records when privileges/permissions are deleted. | DISA STIG PostgreSQL 9.x on RHEL DB v2r5 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| PGS9-00-006400 - PostgreSQL must generate audit records when privileges/permissions are modified. | DISA STIG PostgreSQL 9.x on RHEL DB v2r5 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| PGS9-00-012700 - PostgreSQL must generate audit records for all direct access to the database(s). | DISA STIG PostgreSQL 9.x on RHEL DB v2r5 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| PHTN-67-000056 - The Photon operating system must audit the execution of privileged functions. | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| RHEL-06-000185 - The audit system must be configured to audit all discretionary access control permission modifications using chown - auid>=500 32 bit | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-06-000187 - The audit system must be configured to audit all discretionary access control permission modifications using fchmodat - auid>=500 64 bit | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-06-000188 - The audit system must be configured to audit all discretionary access control permission modifications using fchown - auid>=500 64 bit | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-06-000189 - The audit system must be configured to audit all discretionary access control permission modifications using fchownat - auid>=500 32 bit | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-06-000190 - The audit system must be configured to audit all discretionary access control permission modifications using fremovexattr - auid=0 32 bit | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-06-000190 - The audit system must be configured to audit all discretionary access control permission modifications using fremovexattr - auid>=500 32 bit | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-06-000191 - The audit system must be configured to audit all discretionary access control permission modifications using fsetxattr - auid=0 64 bit | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-06-000193 - The audit system must be configured to audit all discretionary access control permission modifications using lremovexattr - auid=0 32 bit | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-06-000193 - The audit system must be configured to audit all discretionary access control permission modifications using lremovexattr - auid=0 64 bit | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-06-000193 - The audit system must be configured to audit all discretionary access control permission modifications using lremovexattr - auid>=500 64 bit | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-06-000200 - The audit system must be configured to audit user deletions of files and programs - rmdir 64 bit | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-06-000200 - The audit system must be configured to audit user deletions of files and programs - unlink 32 bit | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-06-000200 - The audit system must be configured to audit user deletions of files and programs - unlinkat 32 bit | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-06-000202 - The audit system must be configured to audit the loading and unloading of dynamic kernel modules - /sbin/rmmod. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-07-030440 - The Red Hat Enterprise Linux operating system must audit all uses of the setxattr, fsetxattr, lsetxattr, removexattr, fremovexattr, and lremovexattr syscalls. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-07-030830 - The Red Hat Enterprise Linux operating system must audit all uses of the delete_module syscall. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | AUDIT AND ACCOUNTABILITY |
| SQL4-00-037900 - SQL Server must generate Trace or Audit records when logoffs or disconnections occur - Event ID 15 | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-037900 - SQL Server must generate Trace or Audit records when logoffs or disconnections occur - Event ID 16 | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-038000 - SQL Server must generate Trace or Audit records when concurrent logons/connections by the same user from different workstations occur - Event ID 16 | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-038000 - SQL Server must generate Trace or Audit records when concurrent logons/connections by the same user from different workstations occur. | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| UBTU-18-010240 - The Ubuntu operating system must generate audit records for the /var/log/btmp file. | DISA STIG Ubuntu 18.04 LTS v2r15 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-18-010317 - The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the mount command. | DISA STIG Ubuntu 18.04 LTS v2r15 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-18-010320 - The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the ssh-keysign command. | DISA STIG Ubuntu 18.04 LTS v2r15 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-18-010331 - The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the chmod, fchmod, and fchmodat system calls. | DISA STIG Ubuntu 18.04 LTS v2r15 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-18-010340 - The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the sudo command. | DISA STIG Ubuntu 18.04 LTS v2r15 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-18-010350 - The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the gpasswd command. | DISA STIG Ubuntu 18.04 LTS v2r15 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-18-010388 - The Ubuntu operating system must generate records for successful/unsuccessful uses of delete_module syscall and when unloading dynamic kernel modules. | DISA STIG Ubuntu 18.04 LTS v2r15 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-18-010391 - The Ubuntu operating system must generate audit records when successful/unsuccessful attempts to use the kmod command. | DISA STIG Ubuntu 18.04 LTS v2r15 | Unix | AUDIT AND ACCOUNTABILITY |
| WN16-AU-000160 - Windows Server 2016 must be configured to audit Detailed Tracking - Plug and Play Events successes. | DISA Microsoft Windows Server 2016 STIG v2r10 | Windows | AUDIT AND ACCOUNTABILITY |
| WN19-AU-000130 - Windows Server 2019 must be configured to audit Detailed Tracking - Plug and Play Events successes. | DISA Microsoft Windows Server 2019 STIG v3r4 | Windows | AUDIT AND ACCOUNTABILITY |
| WN19-AU-000170 - Windows Server 2019 must be configured to audit Logon/Logoff - Group Membership successes. | DISA Microsoft Windows Server 2019 STIG v3r4 | Windows | AUDIT AND ACCOUNTABILITY |
| WN19-AU-000210 - Windows Server 2019 must be configured to audit Logon/Logoff - Special Logon successes. | DISA Microsoft Windows Server 2019 STIG v3r4 | Windows | AUDIT AND ACCOUNTABILITY |
| WN19-AU-000230 - Windows Server 2019 must be configured to audit Object Access - Other Object Access Events failures. | DISA Microsoft Windows Server 2019 STIG v3r4 | Windows | AUDIT AND ACCOUNTABILITY |
| WN22-AU-000140 - Windows Server 2022 must be configured to audit Detailed Tracking - Process Creation successes. | DISA Microsoft Windows Server 2022 STIG v2r4 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| WN22-AU-000200 - Windows Server 2022 must be configured to audit logon failures. | DISA Microsoft Windows Server 2022 STIG v2r4 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| WN22-AU-000300 - Windows Server 2022 must be configured to audit Privilege Use - Sensitive Privilege Use successes. | DISA Microsoft Windows Server 2022 STIG v2r4 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| WN22-DC-000170 - Windows Server 2022 Active Directory Group Policy objects must be configured with proper audit settings. | DISA Microsoft Windows Server 2022 STIG v2r4 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| WN22-DC-000180 - Windows Server 2022 Active Directory Domain object must be configured with proper audit settings. | DISA Microsoft Windows Server 2022 STIG v2r4 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| WN22-DC-000250 - Windows Server 2022 must be configured to audit DS Access - Directory Service Access failures. | DISA Microsoft Windows Server 2022 STIG v2r4 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
