| 2.3.2.1 Ensure 'Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings' is set to 'Enabled' | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | AUDIT AND ACCOUNTABILITY |
| 4.2.2.3 Ensure journald is configured to compress large log files | CIS CentOS Linux 8 Server L1 v2.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2.2.3 Ensure journald is configured to compress large log files | CIS CentOS Linux 8 Workstation L1 v2.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2.2.3 Ensure journald is configured to compress large log files | CIS Fedora 28 Family Linux Server L1 v2.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.1.2.3 Ensure journald is configured to compress large log files | CIS Amazon Linux 2023 Server L1 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.1.2.3 Ensure journald is configured to compress large log files | CIS CentOS Linux 7 v4.0.0 L1 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 5.1.2.3 Ensure journald is configured to compress large log files | CIS Red Hat EL8 Server L1 v3.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.1.2.3 Ensure journald is configured to compress large log files | CIS AlmaLinux OS 8 Workstation L1 v3.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.1.2.3 Ensure journald is configured to compress large log files | CIS Oracle Linux 7 v4.0.0 L1 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 6.1.2.3 Ensure journald Compress is configured | CIS Debian Linux 12 v1.1.0 L1 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 6.1.2.3 Ensure journald Compress is configured | CIS Debian Linux 12 v1.1.0 L1 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 6.1.2.3 Ensure journald Compress is configured | CIS Ubuntu Linux 24.04 LTS v1.0.0 L1 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 6.2.1.1.6 Ensure journald Compress is configured | CIS Ubuntu Linux 22.04 LTS v2.0.0 L1 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 6.2.1.1.6 Ensure journald Compress is configured | CIS Debian Linux 11 v2.0.0 L1 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 6.2.1.1.6 Ensure journald Compress is configured | CIS Ubuntu Linux 22.04 LTS v2.0.0 L1 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 6.2.2.3 Ensure journald Compress is configured | CIS AlmaLinux OS 9 v2.0.0 L1 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 6.2.2.3 Ensure journald Compress is configured | CIS Oracle Linux 9 v2.0.0 L1 Server | Unix | AUDIT AND ACCOUNTABILITY |
| ALMA-09-052050 - AlmaLinux OS 9 must allocate audit record storage capacity to store at least one week's worth of audit records. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | AUDIT AND ACCOUNTABILITY |
| APPL-11-001029 - The macOS system must allocate audit record storage capacity to store at least one week's worth of audit records when audit records are not immediately sent to a central audit record storage facility. | DISA STIG Apple macOS 11 v1r5 | Unix | AUDIT AND ACCOUNTABILITY |
| APPL-11-001029 - The macOS system must allocate audit record storage capacity to store at least one week's worth of audit records when audit records are not immediately sent to a central audit record storage facility. | DISA STIG Apple macOS 11 v1r8 | Unix | AUDIT AND ACCOUNTABILITY |
| APPL-12-001029 - The macOS system must allocate audit record storage capacity to store at least one week's worth of audit records when audit records are not immediately sent to a central audit record storage facility. | DISA STIG Apple macOS 12 v1r9 | Unix | AUDIT AND ACCOUNTABILITY |
| APPL-14-004050 The macOS system must configure install.log retention to 365. | DISA Apple macOS 14 (Sonoma) STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| APPL-15-001029 - The macOS system must configure audit retention to seven days. | DISA Apple macOS 15 (Sequoia) STIG v1r3 | Unix | AUDIT AND ACCOUNTABILITY |
| CD12-00-002100 - PostgreSQL must allocate audit record storage capacity in accordance with organization-defined audit record storage requirements. | DISA STIG Crunchy Data PostgreSQL OS v3r1 | Unix | AUDIT AND ACCOUNTABILITY |
| EPAS-00-007900 - The EDB Postgres Advanced Server must allocate audit record storage capacity in accordance with organization-defined audit record storage requirements. | EnterpriseDB PostgreSQL Advanced Server DB v2r1 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| ESXI-67-000045 - The ESXi host must enable a persistent log location for all locally stored logs. | DISA STIG VMware vSphere 6.7 ESXi v1r3 | VMware | AUDIT AND ACCOUNTABILITY |
| ESXI-80-000243 - The ESXi host must configure a persistent log location for all locally stored logs. | DISA VMware vSphere 8.0 ESXi STIG v2r3 | VMware | AUDIT AND ACCOUNTABILITY |
| FGFW-ND-000105 - The FortiGate device must allocate audit record storage capacity in accordance with organization-defined audit record storage requirements | DISA Fortigate Firewall NDM STIG v1r4 | FortiGate | AUDIT AND ACCOUNTABILITY |
| JUEX-NM-000410 - The Juniper EX switch must be configured to allocate audit record storage capacity in accordance with organization-defined audit record storage requirements. | DISA Juniper EX Series Network Device Management v2r2 | Juniper | AUDIT AND ACCOUNTABILITY |
| MADB-10-007300 - MariaDB must allocate audit record storage capacity in accordance with organization-defined audit record storage requirements. | DISA MariaDB Enterprise 10.x v2r3 DB | MySQLDB | AUDIT AND ACCOUNTABILITY |
| MYS8-00-009600 - The MySQL Database Server 8.0 must allocate audit record storage capacity in accordance with organization-defined audit record storage requirements. | DISA Oracle MySQL 8.0 v2r2 DB | MySQLDB | AUDIT AND ACCOUNTABILITY |
| PHTN-40-000110 The Photon operating system must allocate audit record storage capacity to store audit records when audit records are not immediately sent to a central audit record storage facility. | DISA VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v2r1 | Unix | AUDIT AND ACCOUNTABILITY |
| PHTN-67-000057 - The Photon operating system must configure auditd to keep five rotated log files. | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | AUDIT AND ACCOUNTABILITY |
| SLES-15-030660 - The SUSE operating system must allocate audit record storage capacity to store at least one week of audit records when audit records are not immediately sent to a central audit record storage facility. | DISA SUSE Linux Enterprise Server 15 STIG v2r4 | Unix | AUDIT AND ACCOUNTABILITY |
| SQL2-00-010600 - SQL Server must have allocated audit record storage capacity to meet the organization-defined requirements for saving audit record information. | DISA STIG SQL Server 2012 Database OS Audit v1r20 | Windows | AUDIT AND ACCOUNTABILITY |
| UBTU-20-010215 - The Ubuntu operating system must allocate audit record storage capacity to store at least one weeks' worth of audit records, when audit records are not immediately sent to a central audit record storage facility. | DISA Canonical Ubuntu 20.04 LTS STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-22-653035 - Ubuntu 22.04 LTS must allocate audit record storage capacity to store at least one weeks' worth of audit records, when audit records are not immediately sent to a central audit record storage facility. | DISA Canonical Ubuntu 22.04 LTS STIG v2r4 | Unix | AUDIT AND ACCOUNTABILITY |
| VCPF-67-000026 - Performance Charts must properly configure log sizes and rotation - MaxFileSize | DISA STIG VMware vSphere 6.7 Perfcharts Tomcat v1r3 | Unix | AUDIT AND ACCOUNTABILITY |
| WBSP-AS-000580 - The WebSphere Application Server must allocate JVM log record storage capacity in accordance with requirements - err | DISA IBM WebSphere Traditional 9 STIG v1r1 Middleware | Unix | AUDIT AND ACCOUNTABILITY |
| WBSP-AS-000580 - The WebSphere Application Server must allocate JVM log record storage capacity in accordance with requirements - out | DISA IBM WebSphere Traditional 9 STIG v1r1 | Unix | AUDIT AND ACCOUNTABILITY |
| WBSP-AS-000580 - The WebSphere Application Server must allocate JVM log record storage capacity in accordance with requirements. | DISA IBM WebSphere Traditional 9 Windows STIG v1r1 | Windows | AUDIT AND ACCOUNTABILITY |
| WBSP-AS-000590 - WebSphere Application Server must allocate audit log record storage capacity in accordance with requirements - maxFileSize | DISA IBM WebSphere Traditional 9 STIG v1r1 | Unix | AUDIT AND ACCOUNTABILITY |
| WBSP-AS-000590 - WebSphere Application Server must allocate audit log record storage capacity in accordance with requirements - maxFileSize | DISA IBM WebSphere Traditional 9 Windows STIG v1r1 | Windows | AUDIT AND ACCOUNTABILITY |
| WBSP-AS-000590 - WebSphere Application Server must allocate audit log record storage capacity in accordance with requirements - maxLogs | DISA IBM WebSphere Traditional 9 STIG v1r1 | Unix | AUDIT AND ACCOUNTABILITY |
| WBSP-AS-000590 - WebSphere Application Server must allocate audit log record storage capacity in accordance with requirements - maxLogs | DISA IBM WebSphere Traditional 9 STIG v1r1 Middleware | Unix | AUDIT AND ACCOUNTABILITY |
| WN11-AU-000505 - The Security event log size must be configured to 1024000 KB or greater. | DISA Microsoft Windows 11 STIG v2r3 | Windows | AUDIT AND ACCOUNTABILITY |
| WN11-AU-000510 - The System event log size must be configured to 32768 KB or greater. | DISA Microsoft Windows 11 STIG v2r3 | Windows | AUDIT AND ACCOUNTABILITY |
| WN22-CC-000270 - Windows Server 2022 Application event log size must be configured to 32768 KB or greater. | DISA Microsoft Windows Server 2022 STIG v2r4 | Windows | AUDIT AND ACCOUNTABILITY |
| WN22-CC-000280 - Windows Server 2022 Security event log size must be configured to 196608 KB or greater. | DISA Microsoft Windows Server 2022 STIG v2r4 | Windows | AUDIT AND ACCOUNTABILITY |
| WN22-CC-000290 - Windows Server 2022 System event log size must be configured to 32768 KB or greater. | DISA Microsoft Windows Server 2022 STIG v2r4 | Windows | AUDIT AND ACCOUNTABILITY |
