| 2.1 Ensure that IP addresses are mapped to usernames - User ID Agents | CIS Palo Alto Firewall 9 v1.1.0 L2 | Palo_Alto | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 3.5 Review Superuser/Admin Roles - clusterAdmin | CIS MongoDB 4 L2 DB v1.0.0 | MongoDB | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 3.5 Review Superuser/Admin Roles - userAdminAnyDatabase | CIS MongoDB 4 L2 DB v1.0.0 | MongoDB | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 5.1.3 Minimize wildcard use in Roles and ClusterRoles | CIS Red Hat OpenShift Container Platform v1.8.0 L1 OpenShift | OpenShift | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| ARST-ND-000850 - The Arista network Arista device must be configured to send log data to a central log server for the purpose of forwarding alerts to the administrators and the ISSO. | DISA STIG Arista MLS EOS 4.2x NDM v2r1 | Arista | AUDIT AND ACCOUNTABILITY |
| AS24-U1-000210 - The log data and records from the Apache web server must be backed up onto a different system or media. | DISA STIG Apache Server 2.4 Unix Server v3r2 Middleware | Unix | AUDIT AND ACCOUNTABILITY |
| AS24-U1-000210 - The log data and records from the Apache web server must be backed up onto a different system or media. | DISA STIG Apache Server 2.4 Unix Server v3r2 | Unix | AUDIT AND ACCOUNTABILITY |
| AS24-W1-000210 - The log data and records from the Apache web server must be backed up onto a different system or media. | DISA STIG Apache Server 2.4 Windows Server v3r3 | Windows | AUDIT AND ACCOUNTABILITY |
| BIND-9X-001017 - The BIND 9.x server implementation must not be configured with a channel to send audit records to null. | DISA BIND 9.x STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| BIND-9X-001041 - The BIND 9.x server implementation must be configured with a channel to send audit records to a local file. | DISA BIND 9.x STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| EX13-CA-000085 - Exchange must have Audit data on separate partitions. | DISA Microsoft Exchange 2013 Client Access Server STIG v2r2 | Windows | AUDIT AND ACCOUNTABILITY |
| EX13-MB-000080 - Exchange Audit data must be on separate partitions. | DISA Microsoft Exchange 2013 Mailbox Server STIG v2r3 | Windows | AUDIT AND ACCOUNTABILITY |
| EX16-ED-000140 - Exchange audit data must be on separate partitions. | DISA Microsoft Exchange 2016 Edge Transport Server STIG v2r5 | Windows | AUDIT AND ACCOUNTABILITY |
| EX16-ED-000140 - Exchange audit data must be on separate partitions. | DISA Microsoft Exchange 2016 Edge Transport Server STIG v2r6 | Windows | AUDIT AND ACCOUNTABILITY |
| EX16-MB-000160 - Exchange Audit data must be on separate partitions. | DISA Microsoft Exchange 2016 Mailbox Server STIG v2r6 | Windows | AUDIT AND ACCOUNTABILITY |
| GEN002690 - System audit logs must be group-owned by root, bin, sys, or system. | DISA STIG for Oracle Linux 5 v2r1 | Unix | AUDIT AND ACCOUNTABILITY |
| IIST-SV-000116 - The log data and records from the IIS 10.0 web server must be backed up onto a different system or media. | DISA IIS 10.0 Server v2r10 | Windows | AUDIT AND ACCOUNTABILITY |
| IISW-SV-000116 - The log data and records from the IIS 8.5 web server must be backed up onto a different system or media. | DISA IIS 8.5 Server v2r7 | Windows | AUDIT AND ACCOUNTABILITY |
| Monterey - Configure System to Audit All Failed Change of Object Attributes | NIST macOS Monterey v1.0.0 - 800-53r4 High | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE |
| Monterey - Configure System to Audit All Failed Change of Object Attributes | NIST macOS Monterey v1.0.0 - 800-53r5 High | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE |
| Monterey - Configure System to Audit All Failed Change of Object Attributes | NIST macOS Monterey v1.0.0 - All Profiles | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE |
| Monterey - Configure System to Audit All Failed Change of Object Attributes | NIST macOS Monterey v1.0.0 - 800-53r5 Low | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE |
| Monterey - Configure System to Audit All Failed Change of Object Attributes | NIST macOS Monterey v1.0.0 - CNSSI 1253 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE |
| OH12-1X-000077 - The log data and records from OHS must be backed up onto a different system or media. | DISA STIG Oracle HTTP Server 12.1.3 v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| OL6-00-000136 - The operating system must back up audit records on an organization defined frequency onto a different system or media than the system being audited. | DISA STIG Oracle Linux 6 v2r7 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-06-000136 - The operating system must back up audit records on an organization defined frequency onto a different system or media than the system being audited. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-06-000281 - The system package management tool must verify contents of all files associated with the audit package. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| SLES-12-010540 - The SUSE operating system file integrity tool must be configured to protect the integrity of the audit tools. | DISA SLES 12 STIG v3r3 | Unix | AUDIT AND ACCOUNTABILITY |
| SOL-11.1-010440 - The operating system must protect audit information from unauthorized access. | DISA STIG Solaris 11 X86 v3r1 | Unix | AUDIT AND ACCOUNTABILITY |
| SOL-11.1-020080 - System packages must be configured with the vendor-provided files, permissions, and ownerships. | DISA STIG Solaris 11 X86 v3r1 | Unix | AUDIT AND ACCOUNTABILITY |
| SOL-11.1-060180 - The operating system must use cryptographic mechanisms to protect the integrity of audit information. | DISA STIG Solaris 11 X86 v3r1 | Unix | AUDIT AND ACCOUNTABILITY |
| SOL-11.1-090220 - The operating system must back up audit records at least every seven days onto a different system or system component than the system or component being audited. | DISA STIG Solaris 11 X86 v3r1 | Unix | AUDIT AND ACCOUNTABILITY |
| SPLK-CL-000105 - Splunk Enterprise must be configured to back up the log records repository at least every seven days onto a different system or system component other than the system or component being audited. | DISA STIG Splunk Enterprise 7.x for Windows v3r1 REST API | Splunk | AUDIT AND ACCOUNTABILITY |
| UBTU-16-010550 - The Ubuntu operating system must use cryptographic mechanisms to protect the integrity of audit tools - audispd | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-16-010550 - The Ubuntu operating system must use cryptographic mechanisms to protect the integrity of audit tools - auditctl | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-16-010550 - The Ubuntu operating system must use cryptographic mechanisms to protect the integrity of audit tools - auditd | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-16-010550 - The Ubuntu operating system must use cryptographic mechanisms to protect the integrity of audit tools - augenrules | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-16-010550 - The Ubuntu operating system must use cryptographic mechanisms to protect the integrity of audit tools - ausearch | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-18-010306 - The Ubuntu operating system must permit only authorized accounts ownership of the audit log files. | DISA STIG Ubuntu 18.04 LTS v2r15 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-18-010506 - The Ubuntu operating system must use cryptographic mechanisms to protect the integrity of audit tools. | DISA STIG Ubuntu 18.04 LTS v2r15 | Unix | AUDIT AND ACCOUNTABILITY |
| VCEM-67-000027 - Rsyslog must be configured to monitor and ship ESX Agent Manager log files - access | DISA STIG VMware vSphere 6.7 EAM Tomcat v1r4 | Unix | AUDIT AND ACCOUNTABILITY |
| VCEM-67-000027 - Rsyslog must be configured to monitor and ship ESX Agent Manager log files - localhost | DISA STIG VMware vSphere 6.7 EAM Tomcat v1r4 | Unix | AUDIT AND ACCOUNTABILITY |
| VCEM-67-000027 - Rsyslog must be configured to monitor and ship ESX Agent Manager log files - main | DISA STIG VMware vSphere 6.7 EAM Tomcat v1r4 | Unix | AUDIT AND ACCOUNTABILITY |
| VCEM-70-000029 - Rsyslog must be configured to monitor and ship ESX Agent Manager log files. | DISA STIG VMware vSphere 7.0 EAM Tomcat v1r2 | Unix | AUDIT AND ACCOUNTABILITY |
| VCLD-70-000008 - The rsyslog must be configured to monitor VAMI logs. | DISA STIG VMware vSphere 7.0 VAMI v1r2 | Unix | AUDIT AND ACCOUNTABILITY |
| VCLD-80-000022 The vCenter VAMI service must off-load log records onto a different system or media from the system being logged. | DISA VMware vSphere 8.0 vCenter Appliance Management Interface (VAMI) STIG v2r1 | Unix | AUDIT AND ACCOUNTABILITY |
| VCPF-67-000027 - Rsyslog must be configured to monitor and ship Performance Charts log files - localhost_access | DISA STIG VMware vSphere 6.7 Perfcharts Tomcat v1r3 | Unix | AUDIT AND ACCOUNTABILITY |
| VCPF-67-000027 - Rsyslog must be configured to monitor and ship Performance Charts log files - runtime | DISA STIG VMware vSphere 6.7 Perfcharts Tomcat v1r3 | Unix | AUDIT AND ACCOUNTABILITY |
| VCST-67-000027 - Rsyslog must be configured to monitor and ship Security Token Service log files - sts-runtime | DISA STIG VMware vSphere 6.7 STS Tomcat v1r3 | Unix | AUDIT AND ACCOUNTABILITY |
| VCST-67-000027 - Rsyslog must be configured to monitor and ship Security Token Service log files - vmidentity | DISA STIG VMware vSphere 6.7 STS Tomcat v1r3 | Unix | AUDIT AND ACCOUNTABILITY |
