| AS24-U1-000720 - The Apache web server must not impede the ability to write specified log record content to an audit log server. | DISA STIG Apache Server 2.4 Unix Server v2r7 | Unix | AUDIT AND ACCOUNTABILITY |
| AS24-U1-000730 - The Apache web server must be configured to integrate with an organizations security infrastructure. | DISA STIG Apache Server 2.4 Unix Server v2r7 | Unix | AUDIT AND ACCOUNTABILITY |
| AS24-W1-000720 - The Apache web server must not impede the ability to write specified log record content to an audit log server. | DISA STIG Apache Server 2.4 Windows Server v2r3 | Windows | AUDIT AND ACCOUNTABILITY |
| AS24-W1-000730 - The Apache web server must be configurable to integrate with an organizations security infrastructure. | DISA STIG Apache Server 2.4 Windows Server v2r3 | Windows | AUDIT AND ACCOUNTABILITY |
| CISC-ND-001310 - The Cisco router must be configured to off-load log records onto a different system than the system being audited. | DISA STIG Cisco IOS-XR Router NDM v2r5 | Cisco | AUDIT AND ACCOUNTABILITY |
| CISC-ND-001450 - The Cisco router must be configured to send log data to at least two syslog servers for the purpose of forwarding alerts to the administrators and the information system security officer (ISSO). | DISA STIG Cisco IOS-XR Router NDM v2r5 | Cisco | AUDIT AND ACCOUNTABILITY |
| CISC-ND-001450 - The Cisco router must be configured to send log data to at least two syslog servers for the purpose of forwarding alerts to the administrators and the information system security officer (ISSO). | DISA STIG Cisco IOS XE Router NDM v2r9 | Cisco | AUDIT AND ACCOUNTABILITY |
| CISC-ND-001450 - The Cisco router must be configured to send log data to at least two syslog servers for the purpose of forwarding alerts to the administrators and the ISSO. | DISA STIG Cisco IOS Router NDM v2r8 | Cisco | AUDIT AND ACCOUNTABILITY |
| CISC-ND-001450 - The Cisco switch must be configured to send log data to at least two central log servers for the purpose of forwarding alerts to the administrators and the information system security officer (ISSO). | DISA STIG Cisco IOS Switch NDM v2r9 | Cisco | AUDIT AND ACCOUNTABILITY |
| DB2X-00-012600 - DB2 must off-load audit data to a separate log management facility; this must be continuous and in near real time for systems with a network connection to the storage facility and weekly or more often for stand-alone systems. | DISA STIG IBM DB2 v10.5 LUW v2r1 OS Windows | Windows | AUDIT AND ACCOUNTABILITY |
| DB2X-00-012600 - DB2 must off-load audit data to a separate log management facility; this must be continuous and in near real time for systems with a network connection to the storage facility and weekly or more often for stand-alone systems. | DISA STIG IBM DB2 v10.5 LUW v2r1 OS Linux | Unix | AUDIT AND ACCOUNTABILITY |
| DKER-EE-003320 - All Docker Engine - Enterprise nodes must be configured with a log driver plugin that sends logs to a remote log aggregation system (SIEM). | DISA STIG Docker Enterprise 2.x Linux/Unix v2r1 | Unix | AUDIT AND ACCOUNTABILITY |
| JBOS-AS-000505 - The JBoss server must be configured to utilize syslog logging. | DISA RedHat JBoss EAP 6.3 STIG v2r4 | Unix | AUDIT AND ACCOUNTABILITY |
| JUNI-ND-001440 - The Juniper router must be configured to send log data to at least two syslog servers for the purpose of forwarding alerts to the administrators and the Information System Security Officers (ISSO) | DISA STIG Juniper Router NDM v2r3 | Juniper | AUDIT AND ACCOUNTABILITY |
| OL6-00-000137 - The operating system must support the requirement to centrally manage the content of audit records generated by organization defined information system components. | DISA STIG Oracle Linux 6 v2r7 | Unix | AUDIT AND ACCOUNTABILITY |
| OL6-00-000509 - The system must forward audit records to the syslog service. | DISA STIG Oracle Linux 6 v2r7 | Unix | AUDIT AND ACCOUNTABILITY |
| OL07-00-030210 - The Oracle Linux operating system must take appropriate action when the remote logging buffer is full. | DISA Oracle Linux 7 STIG v2r14 | Unix | AUDIT AND ACCOUNTABILITY |
| OL07-00-030300 - The Oracle Linux operating system must off-load audit records onto a different system or media from the system being audited. | DISA Oracle Linux 7 STIG v2r14 | Unix | AUDIT AND ACCOUNTABILITY |
| OL07-00-030321 - The Oracle Linux operating system must be configured so that the audit system takes appropriate action when there is an error sending audit records to a remote system. | DISA Oracle Linux 7 STIG v2r14 | Unix | AUDIT AND ACCOUNTABILITY |
| PANW-AG-000144 - The Palo Alto Networks security platform must, at a minimum, off-load threat and traffic log records onto a centralized log server in real time - Syslog | DISA STIG Palo Alto ALG v2r4 | Palo_Alto | AUDIT AND ACCOUNTABILITY |
| PANW-AG-000144 - The Palo Alto Networks security platform must, at a minimum, off-load threat and traffic log records onto a centralized log server in real time - Threat Logs | DISA STIG Palo Alto ALG v2r4 | Palo_Alto | AUDIT AND ACCOUNTABILITY |
| PANW-AG-000144 - The Palo Alto Networks security platform must, at a minimum, off-load threat and traffic log records onto a centralized log server in real time - Traffic Logs | DISA STIG Palo Alto ALG v2r4 | Palo_Alto | AUDIT AND ACCOUNTABILITY |
| PANW-IP-000039 - The Palo Alto Networks security platform must off-load log records to a centralized log server. | DISA STIG Palo Alto IDPS v2r3 | Palo_Alto | AUDIT AND ACCOUNTABILITY |
| PANW-IP-000058 - The Palo Alto Networks security platform must off-load log records to a centralized log server in real-time. | DISA STIG Palo Alto IDPS v2r3 | Palo_Alto | AUDIT AND ACCOUNTABILITY |
| PANW-NM-000128 - The Palo Alto Networks security platform must off-load audit records onto a different system or media than the system being audited - 'Config Log Syslog' | DISA STIG Palo Alto NDM v2r2 | Palo_Alto | AUDIT AND ACCOUNTABILITY |
| PANW-NM-000128 - The Palo Alto Networks security platform must off-load audit records onto a different system or media than the system being audited - 'Log Forwarding Profile' | DISA STIG Palo Alto NDM v2r2 | Palo_Alto | AUDIT AND ACCOUNTABILITY |
| PANW-NM-000128 - The Palo Alto Networks security platform must off-load audit records onto a different system or media than the system being audited - 'Syslog Server Profiles' | DISA STIG Palo Alto NDM v2r2 | Palo_Alto | AUDIT AND ACCOUNTABILITY |
| PANW-NM-000128 - The Palo Alto Networks security platform must off-load audit records onto a different system or media than the system being audited - 'Syslog Servers' | DISA STIG Palo Alto NDM v2r2 | Palo_Alto | AUDIT AND ACCOUNTABILITY |
| PANW-NM-000128 - The Palo Alto Networks security platform must off-load audit records onto a different system or media than the system being audited - 'System Log Syslog' | DISA STIG Palo Alto NDM v2r2 | Palo_Alto | AUDIT AND ACCOUNTABILITY |
| PANW-NM-000128 - The Palo Alto Networks security platform must off-load audit records onto a different system or media than the system being audited - 'Threat Log Syslog' | DISA STIG Palo Alto NDM v2r2 | Palo_Alto | AUDIT AND ACCOUNTABILITY |
| PPS9-00-013000 - The EDB Postgres Advanced Server must off-load audit data to a separate log management facility; this must be continuous and in near real time for systems with a network connection to the storage facility and weekly or more often for stand-alone systems. | EDB PostgreSQL Advanced Server DB Audit v2r3 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| RHEL-06-000137 - The operating system must support the requirement to centrally manage the content of audit records generated by organization defined information system components. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-07-030320 - The Red Hat Enterprise Linux operating system must be configured so that the audit system takes appropriate action when the audit storage volume is full. | DISA Red Hat Enterprise Linux 7 STIG v3r14 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-07-030321 - The Red Hat Enterprise Linux operating system must be configured so that the audit system takes appropriate action when there is an error sending audit records to a remote system. | DISA Red Hat Enterprise Linux 7 STIG v3r14 | Unix | AUDIT AND ACCOUNTABILITY |
| SLES-12-020080 - The SUSE operating system audit event multiplexor must be configured to use Kerberos. | DISA SLES 12 STIG v2r13 | Unix | AUDIT AND ACCOUNTABILITY |
| SLES-12-020110 - Audispd must take appropriate action when the SUSE operating system audit storage is full. | DISA SLES 12 STIG v2r13 | Unix | AUDIT AND ACCOUNTABILITY |
| SLES-12-030340 - The SUSE operating system must off-load rsyslog messages for networked systems in real time and off-load standalone systems at least weekly. | DISA SLES 12 STIG v2r13 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-16-020080 - Off-loading audit records to another system must be authenticated. | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-18-010007 - The Ubuntu operating system audit event multiplexor must be configured to off-load audit logs onto a different system in real time, if the system is interconnected. | DISA STIG Ubuntu 18.04 LTS v2r14 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-18-010025 - The Ubuntu operating system audit event multiplexor must be configured to off-load audit logs onto a different system or storage media from the system being audited. | DISA STIG Ubuntu 18.04 LTS v2r14 | Unix | AUDIT AND ACCOUNTABILITY |
| VCEM-67-000027 - Rsyslog must be configured to monitor and ship ESX Agent Manager log files - access | DISA STIG VMware vSphere 6.7 EAM Tomcat v1r4 | Unix | AUDIT AND ACCOUNTABILITY |
| VCEM-67-000027 - Rsyslog must be configured to monitor and ship ESX Agent Manager log files - localhost | DISA STIG VMware vSphere 6.7 EAM Tomcat v1r4 | Unix | AUDIT AND ACCOUNTABILITY |
| VCLD-70-000008 - The rsyslog must be configured to monitor VAMI logs. | DISA STIG VMware vSphere 7.0 VAMI v1r2 | Unix | AUDIT AND ACCOUNTABILITY |
| VCPF-67-000027 - Rsyslog must be configured to monitor and ship Performance Charts log files - localhost_access | DISA STIG VMware vSphere 6.7 Perfcharts Tomcat v1r3 | Unix | AUDIT AND ACCOUNTABILITY |
| VCPF-67-000027 - Rsyslog must be configured to monitor and ship Performance Charts log files - runtime | DISA STIG VMware vSphere 6.7 Perfcharts Tomcat v1r3 | Unix | AUDIT AND ACCOUNTABILITY |
| VCPF-70-000030 - Rsyslog must be configured to monitor and ship Performance Charts log files. | DISA STIG VMware vSphere 7.0 Perfcharts Tomcat v1r1 | Unix | AUDIT AND ACCOUNTABILITY |
| VCST-67-000027 - Rsyslog must be configured to monitor and ship Security Token Service log files - sts-runtime | DISA STIG VMware vSphere 6.7 STS Tomcat v1r3 | Unix | AUDIT AND ACCOUNTABILITY |
| VCST-67-000027 - Rsyslog must be configured to monitor and ship Security Token Service log files - vmidentity | DISA STIG VMware vSphere 6.7 STS Tomcat v1r3 | Unix | AUDIT AND ACCOUNTABILITY |
| WBLC-02-000081 - Oracle WebLogic must provide the ability to write specified audit record content to an audit log server. | Oracle WebLogic Server 12c Linux v2r1 Middleware | Unix | AUDIT AND ACCOUNTABILITY |
| WBLC-02-000081 - Oracle WebLogic must provide the ability to write specified audit record content to an audit log server. | Oracle WebLogic Server 12c Linux v2r1 | Unix | AUDIT AND ACCOUNTABILITY |
