| APPL-13-001020 - The macOS system must audit the enforcement actions used to restrict access associated with changes to the system. | DISA STIG Apple macOS 13 v1r5 | Unix | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| CISC-ND-001250 - The Cisco switch must be configured to generate log records when administrator privileges are deleted. | DISA Cisco NX OS Switch NDM STIG v3r3 | Cisco | AUDIT AND ACCOUNTABILITY |
| CISC-ND-001260 - The Cisco router must be configured to generate audit records when successful/unsuccessful logon attempts occur. | DISA STIG Cisco IOS XE Router NDM v3r2 | Cisco | AUDIT AND ACCOUNTABILITY |
| CISC-ND-001280 - The Cisco switch must generate audit records showing starting and ending time for administrator access to the system. | DISA Cisco NX OS Switch NDM STIG v3r3 | Cisco | AUDIT AND ACCOUNTABILITY |
| DB2X-00-000800 - DB2 must generate audit records when privileges/permissions are retrieved - database policies | DISA STIG IBM DB2 v10.5 LUW v2r1 Database | IBM_DB2DB | AUDIT AND ACCOUNTABILITY |
| DB2X-00-000800 - DB2 must generate audit records when privileges/permissions are retrieved - table SYSIBM.SYSLIBRARYAUTH | DISA STIG IBM DB2 v10.5 LUW v2r1 Database | IBM_DB2DB | AUDIT AND ACCOUNTABILITY |
| DB2X-00-000800 - DB2 must generate audit records when privileges/permissions are retrieved - table SYSIBM.SYSSECURITYLABELACCESS | DISA STIG IBM DB2 v10.5 LUW v2r1 Database | IBM_DB2DB | AUDIT AND ACCOUNTABILITY |
| DB2X-00-000900 - DB2 must generate audit records when unsuccessful attempts to retrieve privileges/permissions occur - SYSIBM.SYSSCHEMAAUTH | DISA STIG IBM DB2 v10.5 LUW v2r1 Database | IBM_DB2DB | AUDIT AND ACCOUNTABILITY |
| DB2X-00-000900 - DB2 must generate audit records when unsuccessful attempts to retrieve privileges/permissions occur - SYSIBM.SYSSURROGATEAUTHIDS | DISA STIG IBM DB2 v10.5 LUW v2r1 Database | IBM_DB2DB | AUDIT AND ACCOUNTABILITY |
| DB2X-00-000900 - DB2 must generate audit records when unsuccessful attempts to retrieve privileges/permissions occur - SYSIBM.SYSVARIABLEAUTH | DISA STIG IBM DB2 v10.5 LUW v2r1 Database | IBM_DB2DB | AUDIT AND ACCOUNTABILITY |
| DB2X-00-010000 - DB2 must generate audit records when privileges/permissions are added | DISA STIG IBM DB2 v10.5 LUW v2r1 Database | IBM_DB2DB | AUDIT AND ACCOUNTABILITY |
| DB2X-00-010300 - DB2 must generate audit records when unsuccessful attempts to modify privileges/permissions occur | DISA STIG IBM DB2 v10.5 LUW v2r1 Database | IBM_DB2DB | AUDIT AND ACCOUNTABILITY |
| DB2X-00-011700 - DB2 must generate audit records when unsuccessful attempts to execute privileged activities or other system-level access occur | DISA STIG IBM DB2 v10.5 LUW v2r1 Database | IBM_DB2DB | AUDIT AND ACCOUNTABILITY |
| DB2X-00-012100 - DB2 must generate audit records when unsuccessful accesses to objects occur | DISA STIG IBM DB2 v10.5 LUW v2r1 Database | IBM_DB2DB | AUDIT AND ACCOUNTABILITY |
| OL6-00-000184 - The audit system must be configured to audit all discretionary access control permission modifications using chmod, fchmod, and fchmodat - b32 auid=0 | DISA STIG Oracle Linux 6 v2r7 | Unix | AUDIT AND ACCOUNTABILITY |
| OL6-00-000184 - The audit system must be configured to audit all discretionary access control permission modifications using chmod, fchmod, and fchmodat - b32 auid>=500 | DISA STIG Oracle Linux 6 v2r7 | Unix | AUDIT AND ACCOUNTABILITY |
| OL6-00-000184 - The audit system must be configured to audit all discretionary access control permission modifications using chmod, fchmod, and fchmodat - b64 auid>=500 | DISA STIG Oracle Linux 6 v2r7 | Unix | AUDIT AND ACCOUNTABILITY |
| OL6-00-000185 - The audit system must be configured to audit all discretionary access control permission modifications using chown, fchown, fchownat, and lchown - b64 auid>=500 | DISA STIG Oracle Linux 6 v2r7 | Unix | AUDIT AND ACCOUNTABILITY |
| OL6-00-000197 - The audit system must be configured to audit failed attempts to access files and programs - b32 EACCES auid=0 | DISA STIG Oracle Linux 6 v2r7 | Unix | AUDIT AND ACCOUNTABILITY |
| OL6-00-000197 - The audit system must be configured to audit failed attempts to access files and programs - b64 EACCES auid=0 | DISA STIG Oracle Linux 6 v2r7 | Unix | AUDIT AND ACCOUNTABILITY |
| OL6-00-000200 - The audit system must be configured to audit user deletions of files and programs - b32 auid=0 | DISA STIG Oracle Linux 6 v2r7 | Unix | AUDIT AND ACCOUNTABILITY |
| OL6-00-000202 - The audit system must be configured to audit the loading and unloading of dynamic kernel modules - modprobe | DISA STIG Oracle Linux 6 v2r7 | Unix | AUDIT AND ACCOUNTABILITY |
| PPS9-00-010800 - The EDB Postgres Advanced Server must generate audit records when security objects are modified. | EDB PostgreSQL Advanced Server DB Audit v2r3 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| PPS9-00-010900 - The EDB Postgres Advanced Server must generate audit records when unsuccessful attempts to modify security objects occur. | EDB PostgreSQL Advanced Server DB Audit v2r3 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| PPS9-00-011000 - Audit records must be generated when categorized information (e.g., classification levels/security levels) is created. | EDB PostgreSQL Advanced Server DB Audit v2r3 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| PPS9-00-011900 - The EDB Postgres Advanced Server must generate audit records when unsuccessful logons or connection attempts occur. | EDB PostgreSQL Advanced Server DB Audit v2r3 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| PPS9-00-012000 - The EDB Postgres Advanced Server must generate audit records for all privileged activities or other system-level access. | EDB PostgreSQL Advanced Server DB Audit v2r3 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-036200 - SQL Server must generate Trace or Audit records when privileges/permissions are modified via locally-defined security objects - Event ID 83 | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-036200 - SQL Server must generate Trace or Audit records when privileges/permissions are modified via locally-defined security objects - Event ID 87 | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-036300 - SQL Server must generate Trace or Audit records when unsuccessful attempts to modify privileges/permissions via locally-defined security objects occur - Event ID 43 | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-036300 - SQL Server must generate Trace or Audit records when unsuccessful attempts to modify privileges/permissions via locally-defined security objects occur - Event ID 89 | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-036300 - SQL Server must generate Trace or Audit records when unsuccessful attempts to modify privileges/permissions via locally-defined security objects occur - Event ID 91 | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-036300 - SQL Server must generate Trace or Audit records when unsuccessful attempts to modify privileges/permissions via locally-defined security objects occur - Event ID 162 | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-036300 - SQL Server must generate Trace or Audit records when unsuccessful attempts to modify privileges/permissions via locally-defined security objects occur. | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-036400 - SQL Server must generate Trace or Audit records when locally-defined security objects are modified - Event ID 46 | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-036600 - Trace or Audit records must be generated when categorized information (e.g., classification levels/security levels) is created - Event ID 86 | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-036600 - Trace or Audit records must be generated when categorized information (e.g., classification levels/security levels) is created - Event ID 87 | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-036600 - Trace or Audit records must be generated when categorized information (e.g., classification levels/security levels) is created - Event ID 88 | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| UBTU-18-010347 - The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the chacl command. | DISA STIG Ubuntu 18.04 LTS v2r15 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-18-010349 - The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the unix_update command. | DISA STIG Ubuntu 18.04 LTS v2r15 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-18-010351 - The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the chage command. | DISA STIG Ubuntu 18.04 LTS v2r15 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-24-500010 - Ubuntu 24.04 LTS must generate audit records for privileged activities, nonlocal maintenance, diagnostic sessions, and other system-level access. | DISA Canonical Ubuntu 24.04 LTS STIG v1r1 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| WN12-AU-000001 - The system must be configured to audit Account Logon - Credential Validation successes. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | AUDIT AND ACCOUNTABILITY |
| WN12-AU-000023 - The system must be configured to audit Detailed Tracking - Process Creation successes. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | AUDIT AND ACCOUNTABILITY |
| WN12-AU-000059 - The system must be configured to audit Object Access - Central Access Policy Staging successes. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | AUDIT AND ACCOUNTABILITY |
| WN12-AU-000060 - The system must be configured to audit Object Access - Central Access Policy Staging failures. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | AUDIT AND ACCOUNTABILITY |
| WN12-AU-000060 - The system must be configured to audit Object Access - Central Access Policy Staging failures. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | AUDIT AND ACCOUNTABILITY |
| WN12-AU-000082 - The system must be configured to audit Object Access - Removable Storage failures. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | AUDIT AND ACCOUNTABILITY |
| WN12-AU-000085 - The system must be configured to audit Policy Change - Audit Policy Change successes. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | AUDIT AND ACCOUNTABILITY |
| WN12-AU-000104 - The system must be configured to audit System - IPsec Driver failures. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | AUDIT AND ACCOUNTABILITY |
