| 1.1.8 Set 'aaa accounting exec' | CIS Cisco IOS 17 L2 v2.0.0 | Cisco | AUDIT AND ACCOUNTABILITY |
| 1.1.9 Set 'aaa accounting network' | CIS Cisco IOS 17 L2 v2.0.0 | Cisco | AUDIT AND ACCOUNTABILITY |
| 1.1.10 Set 'aaa accounting system' | CIS Cisco IOS 17 L2 v2.0.0 | Cisco | AUDIT AND ACCOUNTABILITY |
| 2.2.29 Ensure 'Generate security audits' is set to 'LOCAL SERVICE, NETWORK SERVICE' | CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 3.1.10 Ensure the correct syslog facility is selected | CIS PostgreSQL 12 DB v1.1.0 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| 3.1.10 Ensure the correct syslog facility is selected | CIS PostgreSQL 16 DB v1.0.0 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| 3.2 Ensure the PostgreSQL Audit Extension (pgAudit) is enabled - pgaudit installed | CIS PostgreSQL 13 DB v1.1.0 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| 3.2 Ensure the PostgreSQL Audit Extension (pgAudit) is enabled - pgaudit installed | CIS PostgreSQL 12 DB v1.1.0 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| 3.2 Ensure the PostgreSQL Audit Extension (pgAudit) is enabled - show pgaudit.log | CIS PostgreSQL 13 DB v1.1.0 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| 3.2.1 Ensure that a minimal audit policy is created | CIS RedHat OpenShift Container Platform 4 v1.5.0 L1 | OpenShift | AUDIT AND ACCOUNTABILITY |
| 3.6.1.9 Configuring SSH - set LogLevel to INFO or VERBOSE | CIS IBM AIX 7.1 L1 v2.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.2 Ensure auditd service is enabled | CIS Debian 8 Server L2 v2.0.2 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.3.15 Ensure successful and unsuccessful attempts to use the chcon command are recorded - /etc/audit/rules.d/*.rules | CIS Fedora 28 Family Linux Server L2 v2.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.3.15 Ensure successful and unsuccessful attempts to use the chcon command are recorded - auditctl | CIS Fedora 28 Family Linux Workstation L2 v2.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.3.15 Ensure successful and unsuccessful attempts to use the chcon command are recorded - auditctl | CIS CentOS Linux 8 Server L2 v2.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.3.16 Ensure successful and unsuccessful attempts to use the setfacl command are recorded - /etc/audit/rules.d/*.rules | CIS Fedora 28 Family Linux Workstation L2 v2.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.3.16 Ensure successful and unsuccessful attempts to use the setfacl command are recorded - /etc/audit/rules.d/*.rules | CIS Fedora 28 Family Linux Server L2 v2.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.3.16 Ensure successful and unsuccessful attempts to use the setfacl command are recorded - auditctl | CIS Fedora 28 Family Linux Server L2 v2.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.3.16 Ensure successful and unsuccessful attempts to use the setfacl command are recorded - auditctl | CIS CentOS Linux 8 Server L2 v2.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.3.17 Ensure successful and unsuccessful attempts to use the chacl command are recorded - /etc/audit/rules.d/*.rules | CIS Fedora 28 Family Linux Server L2 v2.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.3.17 Ensure successful and unsuccessful attempts to use the chacl command are recorded - auditctl | CIS CentOS Linux 8 Server L2 v2.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.3.18 Ensure successful and unsuccessful attempts to use the usermod command are recorded - /etc/audit/rules.d/*.rules | CIS Fedora 28 Family Linux Server L2 v2.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.3.18 Ensure successful and unsuccessful attempts to use the usermod command are recorded - /etc/audit/rules.d/*.rules | CIS CentOS Linux 8 Server L2 v2.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.3.18 Ensure successful and unsuccessful attempts to use the usermod command are recorded - auditctl | CIS Fedora 28 Family Linux Workstation L2 v2.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.3.18 Ensure successful and unsuccessful attempts to use the usermod command are recorded - auditctl | CIS CentOS Linux 8 Server L2 v2.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.3 Ensure 'Turn on connectivity logging' is set to 'True' | CIS Microsoft Exchange Server 2019 L1 Edge v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 5.2.1.2 Ensure auditing for processes that start prior to auditd is enabled | CIS Oracle Linux 8 Server L2 v3.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.2.1.2 Ensure auditing for processes that start prior to auditd is enabled | CIS AlmaLinux OS 8 Workstation L2 v3.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.2.1.3 Ensure audit_backlog_limit is sufficient | CIS Red Hat EL8 Server L2 v3.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.2.1.3 Ensure audit_backlog_limit is sufficient | CIS Oracle Linux 8 Server L2 v3.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.2.1.3 Ensure audit_backlog_limit is sufficient | CIS AlmaLinux OS 8 Workstation L2 v3.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.2.1.3 Ensure audit_backlog_limit is sufficient | CIS Rocky Linux 8 Server L2 v2.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.2.2 Ensure sudo log file is active | CIS IBM AIX 7.1 L2 v2.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.2.3.15 Ensure successful and unsuccessful attempts to use the chcon command are recorded | CIS AlmaLinux OS 8 Workstation L2 v3.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.2.3.16 Ensure successful and unsuccessful attempts to use the setfacl command are recorded | CIS AlmaLinux OS 8 Workstation L2 v3.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.2.3.17 Ensure successful and unsuccessful attempts to use the chacl command are recorded | CIS Red Hat EL8 Server L2 v3.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.2.3.17 Ensure successful and unsuccessful attempts to use the chacl command are recorded | CIS Red Hat EL8 Workstation L2 v3.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.2.3.17 Ensure successful and unsuccessful attempts to use the chacl command are recorded | CIS AlmaLinux OS 8 Workstation L2 v3.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.2.3.18 Ensure successful and unsuccessful attempts to use the usermod command are recorded | CIS Red Hat EL8 Server L2 v3.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.2.3.18 Ensure successful and unsuccessful attempts to use the usermod command are recorded | CIS Red Hat EL8 Workstation L2 v3.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.7.2 Enable Linux auditd logging | CIS Google Kubernetes Engine (GKE) v1.5.0 L2 | GCP | AUDIT AND ACCOUNTABILITY |
| 6.1.1 Configuring syslog - local logging - auth.info in /etc/syslog.conf | CIS IBM AIX 7.1 L1 v2.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 6.1.2 Ensure mailbox auditing for E3 users is Enabled | CIS Microsoft 365 Foundations E3 L1 v3.0.0 | microsoft_azure | AUDIT AND ACCOUNTABILITY |
| 6.1.3 Ensure mailbox auditing for E5 users is Enabled | CIS Microsoft 365 Foundations E5 L1 v3.0.0 | microsoft_azure | AUDIT AND ACCOUNTABILITY |
| 18.10.44.1 Ensure 'Allow auditing events in Microsoft Defender Application Guard' is set to 'Enabled' | CIS Microsoft Windows 11 Stand-alone v2.0.0 L1 | Windows | AUDIT AND ACCOUNTABILITY |
| 18.10.44.1 Ensure 'Allow auditing events in Microsoft Defender Application Guard' is set to 'Enabled' | CIS Microsoft Windows 11 Stand-alone v2.0.0 L1 + BL | Windows | AUDIT AND ACCOUNTABILITY |
| 20.2 Ensure 'Active Directory AdminSDHolder object is configured with proper audit settings' (STIG DC only) | CIS Microsoft Windows Server 2019 STIG DC STIG v1.0.1 | Windows | AUDIT AND ACCOUNTABILITY |
| 20.5 Ensure 'Active Directory Domain object is configured with proper audit settings' (STIG DC only) | CIS Microsoft Windows Server 2019 STIG DC STIG v1.0.1 | Windows | AUDIT AND ACCOUNTABILITY |
| 20.8 Ensure 'Active Directory Infrastructure object is configured with proper audit settings' (STIG DC only) | CIS Microsoft Windows Server 2019 STIG DC STIG v1.0.1 | Windows | AUDIT AND ACCOUNTABILITY |
| 20.9 Ensure 'Active Directory RID Manager$ object is configured with proper audit settings' (STIG DC only) | CIS Microsoft Windows Server 2019 STIG DC STIG v1.0.1 | Windows | AUDIT AND ACCOUNTABILITY |
