| 1.429 RHEL-09-654195 | CIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT II | Unix | AUDIT AND ACCOUNTABILITY |
| ALMA-09-049080 - AlmaLinux OS 9 must generate audit records for all account creations, modifications, disabling, and termination events that affect /var/log/faillock. | DISA CloudLinux AlmaLinux OS 9 STIG v1r3 | Unix | AUDIT AND ACCOUNTABILITY |
| APPL-15-000190 - The macOS system must configure sudo to log events. | DISA Apple macOS 15 (Sequoia) STIG v1r4 | Unix | AUDIT AND ACCOUNTABILITY |
| CD12-00-005000 - PostgreSQL must generate audit records when unsuccessful attempts to delete categorized information (e.g., classification levels/security levels) occur. | DISA STIG Crunchy Data PostgreSQL DB v3r1 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| CD12-00-005300 - PostgreSQL must generate audit records when unsuccessful attempts to retrieve privileges/permissions occur. | DISA STIG Crunchy Data PostgreSQL DB v3r1 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| CD12-00-005400 - PostgreSQL must generate audit records when unsuccessful attempts to delete privileges/permissions occur. | DISA STIG Crunchy Data PostgreSQL DB v3r1 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| CD12-00-005500 - PostgreSQL must be able to generate audit records when privileges/permissions are retrieved. | DISA STIG Crunchy Data PostgreSQL DB v3r1 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| CD12-00-005600 - PostgreSQL must generate audit records when unsuccessful attempts to modify categorized information (e.g., classification levels/security levels) occur. | DISA STIG Crunchy Data PostgreSQL DB v3r1 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| CD12-00-005900 - PostgreSQL must generate audit records when unsuccessful attempts to access categorized information (e.g., classification levels/security levels) occur. | DISA STIG Crunchy Data PostgreSQL DB v3r1 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| CD12-00-006000 - PostgreSQL must be able to generate audit records when security objects are accessed. | DISA STIG Crunchy Data PostgreSQL DB v3r1 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| CD12-00-006300 - PostgreSQL must generate audit records when unsuccessful attempts to delete security objects occur. | DISA STIG Crunchy Data PostgreSQL DB v3r1 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| CD12-00-006600 - PostgreSQL must generate audit records when security objects are modified. | DISA STIG Crunchy Data PostgreSQL DB v3r1 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| CD12-00-012500 - Audit records must be generated when categorized information (e.g., classification levels/security levels) is deleted. | DISA STIG Crunchy Data PostgreSQL DB v3r1 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| EPAS-00-010600 - The EDB Postgres Advanced Server must generate audit records when privileges/permissions are modified. | EnterpriseDB PostgreSQL Advanced Server DB v2r1 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| EPAS-00-011200 - The EDB Postgres Advanced Server must generate audit records when privileges/permissions are deleted. | EnterpriseDB PostgreSQL Advanced Server DB v2r1 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| EPAS-00-011500 - The EDB Postgres Advanced Server must generate audit records when unsuccessful attempts to delete security objects occur. | EnterpriseDB PostgreSQL Advanced Server DB v2r1 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| EPAS-00-012500 - The EDB Postgres Advanced Server must generate audit records when unsuccessful accesses to objects occur. | EnterpriseDB PostgreSQL Advanced Server DB v2r1 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| EPAS-00-012600 - The EDB Postgres Advanced Server must generate audit records for all direct access to the database(s). | EnterpriseDB PostgreSQL Advanced Server DB v2r1 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| FGFW-ND-000090 - The FortiGate device must generate audit records when concurrent logons from different workstations occur | DISA Fortigate Firewall NDM STIG v1r4 | FortiGate | AUDIT AND ACCOUNTABILITY |
| OL07-00-030805 - OL 7 must audit any script or executable called by cron as root or by any privileged user. | DISA Oracle Linux 7 STIG v3r3 | Unix | AUDIT AND ACCOUNTABILITY |
| OL08-00-030603 - OL 8 must enable Linux audit logging for the USBGuard daemon. | DISA Oracle Linux 8 STIG v2r5 | Unix | AUDIT AND ACCOUNTABILITY |
| OL09-00-000730 - OL 9 must be configured so that successful/unsuccessful uses of the init command generate an audit record. | DISA Oracle Linux 9 STIG v1r2 | Unix | AUDIT AND ACCOUNTABILITY |
| PHTN-40-000175 The Photon operating system must be configured to audit the loading and unloading of dynamic kernel modules. | DISA VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v2r1 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-09-654190 - Successful/unsuccessful uses of the poweroff command in RHEL 9 must generate an audit record. | DISA Red Hat Enterprise Linux 9 STIG v2r5 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-09-654200 - Successful/unsuccessful uses of the shutdown command in RHEL 9 must generate an audit record. | DISA Red Hat Enterprise Linux 9 STIG v2r5 | Unix | AUDIT AND ACCOUNTABILITY |
| SLES-15-030760 - The SUSE operating system must generate audit records for the /run/utmp file. | DISA SUSE Linux Enterprise Server 15 STIG v2r5 | Unix | AUDIT AND ACCOUNTABILITY |
| SQL2-00-011400 - SQL Server must generate audit records for the DoD-selected list of auditable events - 'Event ID 102' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SYMP-AG-000130 - Symantec ProxySG providing user access control intermediary services must generate audit records showing starting and ending time for user access to the system. | DISA Symantec ProxySG Benchmark ALG v1r3 | BlueCoat | AUDIT AND ACCOUNTABILITY |
| UBTU-20-010298 - The Ubuntu operating system must generate audit records when successful/unsuccessful attempts to use the fdisk command. | DISA Canonical Ubuntu 20.04 LTS STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-22-654055 - Ubuntu 22.04 LTS must generate audit records for successful/unsuccessful attempts to use the kmod command. | DISA Canonical Ubuntu 22.04 LTS STIG v2r5 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-22-654060 - Ubuntu 22.04 LTS must generate audit records for successful/unsuccessful attempts to use modprobe command. | DISA Canonical Ubuntu 22.04 LTS STIG v2r5 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-22-654065 - Ubuntu 22.04 LTS must generate audit records for successful/unsuccessful uses of the mount command. | DISA Canonical Ubuntu 22.04 LTS STIG v2r5 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-22-654070 - Ubuntu 22.04 LTS must generate audit records for successful/unsuccessful uses of the newgrp command. | DISA Canonical Ubuntu 22.04 LTS STIG v2r5 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-22-654090 - Ubuntu 22.04 LTS must generate audit records for successful/unsuccessful uses of the ssh-agent command. | DISA Canonical Ubuntu 22.04 LTS STIG v2r5 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-22-654105 - Ubuntu 22.04 LTS must generate audit records for successful/unsuccessful uses of the sudo command. | DISA Canonical Ubuntu 22.04 LTS STIG v2r5 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-22-654120 - Ubuntu 22.04 LTS must generate audit records for successful/unsuccessful uses of the unix_update command. | DISA Canonical Ubuntu 22.04 LTS STIG v2r5 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-22-654200 - Ubuntu 22.04 LTS must generate audit records for the /var/log/wtmp file. | DISA Canonical Ubuntu 22.04 LTS STIG v2r5 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-22-654225 - Ubuntu 22.04 LTS must generate audit records when successful/unsuccessful attempts to modify the /etc/sudoers.d directory occur. | DISA Canonical Ubuntu 22.04 LTS STIG v2r5 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-24-900110 - Ubuntu 24.04 LTS must generate audit records for successful/unsuccessful uses of the ssh-agent command. | DISA Canonical Ubuntu 24.04 LTS STIG v1r2 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-24-900120 - Ubuntu 24.04 LTS must generate audit records for successful/unsuccessful uses of the ssh-keysign command. | DISA Canonical Ubuntu 24.04 LTS STIG v1r2 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-24-900180 - Ubuntu 24.04 LTS must generate audit records for successful/unsuccessful uses of the sudoedit command. | DISA Canonical Ubuntu 24.04 LTS STIG v1r2 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-24-900220 - Ubuntu 24.04 LTS must generate audit records for successful/unsuccessful uses of the apparmor_parser command. | DISA Canonical Ubuntu 24.04 LTS STIG v1r2 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-24-900230 - Ubuntu 24.04 LTS must generate audit records for successful/unsuccessful uses of the setfacl command. | DISA Canonical Ubuntu 24.04 LTS STIG v1r2 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-24-900270 - Ubuntu 24.04 LTS must generate audit records for successful/unsuccessful uses of the passwd command. | DISA Canonical Ubuntu 24.04 LTS STIG v1r2 | Unix | AUDIT AND ACCOUNTABILITY |
| WN11-AU-000054 - The system must be configured to audit Logon/Logoff - Account Lockout failures. | DISA Microsoft Windows 11 STIG v2r4 | Windows | AUDIT AND ACCOUNTABILITY |
| WN11-AU-000080 - The system must be configured to audit Logon/Logoff - Special Logon successes. | DISA Microsoft Windows 11 STIG v2r4 | Windows | AUDIT AND ACCOUNTABILITY |
| WN11-AU-000084 - Windows 11 must be configured to audit Object Access - Other Object Access Events failures. | DISA Microsoft Windows 11 STIG v2r4 | Windows | AUDIT AND ACCOUNTABILITY |
| WN11-AU-000100 - The system must be configured to audit Policy Change - Audit Policy Change successes. | DISA Microsoft Windows 11 STIG v2r4 | Windows | AUDIT AND ACCOUNTABILITY |
| WN11-AU-000140 - The system must be configured to audit System - Security State Change successes. | DISA Microsoft Windows 11 STIG v2r4 | Windows | AUDIT AND ACCOUNTABILITY |
| WN22-AU-000170 - Windows Server 2022 must be configured to audit Logon/Logoff - Group Membership successes. | DISA Microsoft Windows Server 2022 STIG v2r5 | Windows | AUDIT AND ACCOUNTABILITY |
