| 4.1.3.2 Ensure actions as another user are always logged | CIS CentOS Linux 8 Server L2 v2.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.3.2 Ensure actions as another user are always logged | CIS Fedora 28 Family Linux Workstation L2 v2.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.3.2 Ensure system administrator command executions (sudo) are collected | CIS Amazon Linux 2 STIG v2.0.0 L2 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.7 Ensure login and logout events are collected - /var/log/faillog | CIS Ubuntu Linux 16.04 LTS Workstation L2 v2.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.7 Ensure login and logout events are collected - auditctl /var/log/faillog | CIS Ubuntu Linux 16.04 LTS Server L2 v2.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.7 Ensure login and logout events are collected - auditctl /var/log/lastlog | CIS Ubuntu Linux 16.04 LTS Workstation L2 v2.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.7 Ensure login and logout events are collected - auditctl /var/run/faillock/ | CIS CentOS 6 Server L2 v3.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.7 Ensure login and logout events are collected - auditctl faillog | CIS Debian Family Server L2 v1.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.7 Ensure login and logout events are collected - auditctl faillog | CIS Fedora 19 Family Linux Server L2 v1.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.7 Ensure login and logout events are collected - auditctl lastlog | CIS Debian Family Server L2 v1.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.7 Ensure login and logout events are collected - lastlog | CIS Debian Family Server L2 v1.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.7 Ensure login and logout events are collected - rules.d /var/log/lastlog | CIS CentOS 6 Server L2 v3.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.7 Ensure login and logout events are collected - rules.d /var/run/faillock/ | CIS CentOS 6 Server L2 v3.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.7 Ensure login and logout events are collected - rules.d /var/run/faillock/ | CIS Red Hat 6 Server L2 v3.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.8 Ensure login and logout events are collected - /var/log/faillock | CIS Aliyun Linux 2 L2 v1.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.8 Ensure login and logout events are collected - /var/log/faillog | CIS Aliyun Linux 2 L2 v1.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.8 Ensure login and logout events are collected - auditctl lastlog | CIS Debian 9 Workstation L2 v1.0.1 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.8 Ensure login and logout events are collected - auditctl tallylog | CIS Debian 9 Server L2 v1.0.1 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.8 Ensure login and logout events are collected - lastlog | CIS Debian 9 Server L2 v1.0.1 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.8 Ensure session initiation information is collected - /var/log/wtmp | CIS Debian Family Workstation L2 v1.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.8 Ensure session initiation information is collected - auditctl /var/log/btmp | CIS CentOS 6 Workstation L2 v3.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.8 Ensure session initiation information is collected - auditctl /var/log/btmp | CIS Oracle Linux 6 Workstation L2 v2.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.8 Ensure session initiation information is collected - auditctl /var/log/btmp | CIS Red Hat 6 Server L2 v3.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.8 Ensure session initiation information is collected - auditctl wtmp | CIS Fedora 19 Family Linux Server L2 v1.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.8 Ensure session initiation information is collected - auditctl wtmp | CIS Fedora 19 Family Linux Workstation L2 v1.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.8 Ensure session initiation information is collected - btmp | CIS Ubuntu Linux 16.04 LTS Server L2 v2.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.8 Ensure session initiation information is collected - rules.d /var/log/btmp | CIS Red Hat 6 Workstation L2 v3.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.8 Ensure session initiation information is collected - rules.d /var/log/wtmp | CIS Red Hat 6 Server L2 v3.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.8 Ensure session initiation information is collected - rules.d /var/run/utmp | CIS Oracle Linux 6 Server L2 v2.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.8 Ensure session initiation information is collected - rules.d /var/run/utmp | CIS Red Hat 6 Server L2 v3.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.9 Ensure session initiation information is collected - /var/log/btmp | CIS Debian 9 Server L2 v1.0.1 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.9 Ensure session initiation information is collected - /var/log/wtmp | CIS Aliyun Linux 2 L2 v1.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.9 Ensure session initiation information is collected - /var/run/utmp | CIS Aliyun Linux 2 L2 v1.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.9 Ensure session initiation information is collected - auditctl /var/run/utmp | CIS Debian 9 Workstation L2 v1.0.1 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 5.2.3.2 Ensure actions as another user are always logged | CIS CentOS Linux 7 v4.0.0 L2 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 5.2.3.2 Ensure actions as another user are always logged | CIS CentOS Linux 7 v4.0.0 L2 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 5.2.3.3 Ensure events that modify the sudo log file are collected | CIS Red Hat Enterprise Linux 7 v4.0.0 L2 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 5.4 Ensure 'SQL Server Audit' is set to capture both 'failed' and 'successful logins' | CIS Microsoft SQL Server 2025 v1.0.0 L1 AWS RDS MS_SQLDB | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| 5.4 Ensure 'SQL Server Audit' is set to capture both 'failed' and 'successful logins' | CIS Microsoft SQL Server 2025 v1.0.0 L1 Database Engine MS_SQLDB | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| 5.4 Ensure 'SQL Server Audit' is set to capture both 'failed' and 'successful logins' | CIS SQL Server 2016 Database L1 DB v1.4.0 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| 5.4 Ensure 'SQL Server Audit' is set to capture both 'failed' and 'successful logins' | CIS Microsoft SQL Server 2022 v1.2.1 L1 AWS RDS | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| 6.2.3.3 Ensure events that modify the sudo log file are collected | CIS Ubuntu Linux 24.04 LTS v1.0.0 L2 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 6.3.3.2 Ensure actions as another user are always logged | CIS AlmaLinux OS 9 v2.0.0 L2 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 6.3.3.2 Ensure actions as another user are always logged | CIS Oracle Linux 9 v2.0.0 L2 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 6.3.3.3 Ensure events that modify the sudo log file are collected | CIS Rocky Linux 8 v3.0.0 L2 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 6.3.3.3 Ensure events that modify the sudo log file are collected | CIS Red Hat Enterprise Linux 8 v4.0.0 L2 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 6.3.3.3 Ensure events that modify the sudo log file are collected | CIS Red Hat Enterprise Linux 9 v2.0.0 L2 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 6.3.3.3 Ensure events that modify the sudo log file are collected | CIS Rocky Linux 9 v2.0.0 L2 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 6.3.3.3 Ensure events that modify the sudo log file are collected | CIS AlmaLinux OS 9 v2.0.0 L2 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 6.3.3.3 Ensure events that modify the sudo log file are collected | CIS AlmaLinux OS 10 v1.0.0 L2 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
