| 1.1.9 Ensure auditing is configured for Docker files and directories - docker.sock | CIS Docker v1.7.0 L2 Docker - Linux | Unix | AUDIT AND ACCOUNTABILITY |
| 1.1.14 Ensure auditing is configured for Docker files and directories - /usr/bin/containerd | CIS Docker v1.7.0 L2 Docker - Linux | Unix | AUDIT AND ACCOUNTABILITY |
| 1.1.15 Ensure auditing is configured for Docker files and directories - /usr/bin/containerd-shim | CIS Docker v1.7.0 L2 Docker - Linux | Unix | AUDIT AND ACCOUNTABILITY |
| 1.1.16 Ensure auditing is configured for Docker files and directories - /usr/bin/containerd-shim-runc-v1 | CIS Docker v1.7.0 L2 Docker - Linux | Unix | AUDIT AND ACCOUNTABILITY |
| 3.1 Ensure detailed logging is enabled | CIS NGINX Benchmark v2.1.0 L1 Proxy | Unix | AUDIT AND ACCOUNTABILITY |
| 3.1.13 Ensure the program name for PostgreSQL syslog messages is correct | CIS PostgreSQL 15 DB v1.1.0 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| 3.1.19 Ensure 'debug_pretty_print' is enabled | CIS PostgreSQL 15 DB v1.1.0 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| 3.1.19 Ensure 'debug_pretty_print' is enabled - debug_pretty_print is enabled | CIS PostgreSQL 12 DB v1.1.0 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| 3.1.20 Ensure 'log_connections' is enabled | CIS PostgreSQL 14 DB v 1.2.0 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| 3.1.21 Ensure 'log_disconnections' is enabled | CIS PostgreSQL 14 DB v 1.2.0 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| 3.1.21 Ensure 'log_disconnections' is enabled | CIS PostgreSQL 15 DB v1.1.0 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| 3.1.25 Ensure 'log_statement' is set correctly - log_statement is set correctly | CIS PostgreSQL 12 DB v1.1.0 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| 3.1.26 Ensure 'log_timezone' is set correctly | CIS PostgreSQL 14 DB v 1.2.0 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| 3.2.2 Ensure that the audit policy covers key security concerns | CIS Red Hat OpenShift Container Platform v1.7.0 L2 | OpenShift | AUDIT AND ACCOUNTABILITY |
| 3.3 Ensure error logging is enabled and set to the info logging level | CIS NGINX Benchmark v2.1.0 L1 Proxy | Unix | AUDIT AND ACCOUNTABILITY |
| 3.8 Ensure that object-level logging for write events is enabled for S3 buckets | CIS Amazon Web Services Foundations v5.0.0 L2 | amazon_aws | AUDIT AND ACCOUNTABILITY |
| 4.1.3.1 Ensure events that modify date and time information are collected - adjtimex (64-bit) | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.3.2 Ensure system administrator command executions (sudo) are collected - 64 bit | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.3.6 Ensure successful file system mounts are collected | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.3.6 Ensure successful file system mounts are collected - 64-bit | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.3.6 Ensure successful file system mounts are collected - auditctl (64-bit) | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.3.6 Ensure successful file system mounts are collected - auditctl (64-bit) | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.3.7 Ensure kernel module loading and unloading is collected - auditctl rmmod | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.3.7 Ensure kernel module loading and unloading is collected - rmmod | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.3.9 Ensure file deletion events by users are collected - 64-bit | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.3.11 Ensure unsuccessful unauthorized file access attempts are collected - auditctl EACCES | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.3.14 Ensure events that modify user/group information are collected - '/etc/gshadow' | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.3.14 Ensure events that modify user/group information are collected - auditctl '/etc/group' | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.3.14 Ensure events that modify user/group information are collected - auditctl '/etc/gshadow' | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 5.2.3.3 Ensure events that modify the sudo log file are collected | CIS AlmaLinux OS 8 Workstation L2 v3.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.2.3.4 Ensure events that modify date and time information are collected | CIS AlmaLinux OS 8 Server L2 v3.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.2.3.9 Ensure discretionary access control permission modification events are collected | CIS AlmaLinux OS 8 Workstation L2 v3.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.2.3.13 Ensure file deletion events by users are collected | CIS AlmaLinux OS 8 Server L2 v3.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.2.3.13 Ensure file deletion events by users are collected | CIS AlmaLinux OS 8 Workstation L2 v3.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.2.3.14 Ensure events that modify the system's Mandatory Access Controls are collected | CIS AlmaLinux OS 8 Workstation L2 v3.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.2.3.21 Ensure the running and on disk configuration is the same | CIS AlmaLinux OS 8 Workstation L2 v3.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 6.1.3 Ensure the 'SYSTEM GRANT' Audit Option Is Enabled | CIS Oracle Server 19c DB Traditional Auditing v1.2.0 | OracleDB | AUDIT AND ACCOUNTABILITY |
| 6.3 Ensure 'log_error_verbosity' is Set to '2' | CIS MySQL 5.7 Enterprise Database L2 v2.0.0 | MySQLDB | AUDIT AND ACCOUNTABILITY |
| 6.3 Ensure 'log_warnings' Is Set to '2' | CIS MySQL 5.6 Enterprise Database L2 v2.0.0 | MySQLDB | AUDIT AND ACCOUNTABILITY |
| 6.9 Ensure All Statements and Connections are Logged - audit_log_connection_policy | CIS MySQL 5.6 Enterprise Database L2 v2.0.0 | MySQLDB | AUDIT AND ACCOUNTABILITY |
| 17.2.2 Ensure 'Audit Computer Account Management' is set to include 'Success' (DC only) | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DC | Windows | AUDIT AND ACCOUNTABILITY |
| 17.3.1 (L1) Ensure 'Audit PNP Activity' is set to include 'Success' | CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 DC | Windows | AUDIT AND ACCOUNTABILITY |
| 17.4.3 Ensure 'Audit Directory Service Changes' is set to include 'Success' (DC only) | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DC | Windows | AUDIT AND ACCOUNTABILITY |
| 17.6.3 Ensure 'Audit Other Object Access Events' is set to 'Success and Failure' | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DC | Windows | AUDIT AND ACCOUNTABILITY |
| 17.6.4 (L1) Ensure 'Audit Removable Storage' is set to 'Success and Failure' | CIS Microsoft Windows Server 2019 v3.0.1 L1 DC | Windows | AUDIT AND ACCOUNTABILITY |
| 17.6.4 (L1) Ensure 'Audit Removable Storage' is set to 'Success and Failure' | CIS Microsoft Windows Server 2019 v3.0.1 L1 MS | Windows | AUDIT AND ACCOUNTABILITY |
| 17.7.5 (L1) Ensure 'Audit Other Policy Change Events' is set to include 'Failure' | CIS Microsoft Windows Server 2019 v3.0.1 L1 MS | Windows | AUDIT AND ACCOUNTABILITY |
| 17.8.1 (L1) Ensure 'Audit Sensitive Privilege Use' is set to 'Success and Failure' | CIS Microsoft Windows Server 2019 v3.0.1 L1 DC | Windows | AUDIT AND ACCOUNTABILITY |
| 17.9.1 (L1) Ensure 'Audit IPsec Driver' is set to 'Success and Failure' | CIS Microsoft Windows Server 2019 v3.0.1 L1 MS | Windows | AUDIT AND ACCOUNTABILITY |
| 17.9.1 (L1) Ensure 'Audit Security State Change' is set to include 'Success' | CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 DC | Windows | AUDIT AND ACCOUNTABILITY |
