| IIST-SV-000102 - The enhanced logging for the IIS 10.0 web server must be enabled and capture all user and web server events. | DISA IIS 10.0 Server v2r10 | Windows | AUDIT AND ACCOUNTABILITY |
| IISW-SV-000102 - The enhanced logging for the IIS 8.5 web server must be enabled and capture all user and web server events. | DISA IIS 8.5 Server v2r7 | Windows | AUDIT AND ACCOUNTABILITY |
| OL08-00-030190 - OL 8 must generate audit records for any use of the "su" command. | DISA Oracle Linux 8 STIG v2r5 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| OL08-00-030260 - OL 8 must generate audit records for any uses of the "chcon" command. | DISA Oracle Linux 8 STIG v2r5 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| OL08-00-030280 - OL 8 must generate audit records for any use of the "ssh-agent" command. | DISA Oracle Linux 8 STIG v2r5 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| OL08-00-030316 - OL 8 must generate audit records for any use of the "setsebool" command. | DISA Oracle Linux 8 STIG v2r5 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| OL08-00-030330 - OL 8 must generate audit records for any use of the "setfacl" command. | DISA Oracle Linux 8 STIG v2r5 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| OL08-00-030361 - OL 8 must generate audit records for any use of the "rename", "unlink", "rmdir", "renameat", and "unlinkat" system calls. | DISA Oracle Linux 8 STIG v2r5 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| OL08-00-030600 - OL 8 must generate audit records for any attempted modifications to the "lastlog" file. | DISA Oracle Linux 8 STIG v2r5 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| OL08-00-030602 - OL 8 must allocate an "audit_backlog_limit" of sufficient size to capture processes that start prior to the audit daemon. | DISA Oracle Linux 8 STIG v2r5 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| RHEL-07-030680 - The Red Hat Enterprise Linux operating system must audit all uses of the su command. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| RHEL-07-030690 - The Red Hat Enterprise Linux operating system must audit all uses of the sudo command. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| RHEL-07-030700 - The Red Hat Enterprise Linux operating system must audit all uses of the sudoers file and all files in the /etc/sudoers.d/ directory. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| RHEL-07-030710 - The Red Hat Enterprise Linux operating system must audit all uses of the newgrp command. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| RHEL-07-030720 - The Red Hat Enterprise Linux operating system must audit all uses of the chsh command. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| RHEL-09-654255 - RHEL 9 must generate audit records for all account creations, modifications, disabling, and termination events that affect /var/log/lastlog. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| TCAT-AS-000180 - AccessLogValve must be configured per each virtual host. | DISA STIG Apache Tomcat Application Server 9 v3r2 Middleware | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-16-020360 - Successful/unsuccessful uses of the su command must generate an audit record. | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| UBTU-16-020370 - Successful/unsuccessful uses of the chfn command must generate an audit record. | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| UBTU-16-020450 - The audit system must be configured to audit any usage of the kmod command. | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| UBTU-16-020460 - The audit system must be configured to audit any usage of the setxattr system call - user b32 | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| UBTU-16-020460 - The audit system must be configured to audit any usage of the setxattr system call - user b64 | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| UBTU-16-020470 - The audit system must be configured to audit any usage of the lsetxattr system call - user b64 | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| UBTU-16-020480 - The audit system must be configured to audit any usage of the fsetxattr system call - user b32 | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| UBTU-16-020490 - The audit system must be configured to audit any usage of the removexattr system call - root b64 | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| UBTU-16-020490 - The audit system must be configured to audit any usage of the removexattr system call - user b64 | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| UBTU-16-020500 - The audit system must be configured to audit any usage of the lremovexattr system call - root b32 | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| UBTU-16-020500 - The audit system must be configured to audit any usage of the lremovexattr system call - root b64 | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| UBTU-16-020510 - The audit system must be configured to audit any usage of the fremovexattr system call - user b32 | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| UBTU-16-020530 - Successful/unsuccessful uses of the fchown command must generate an audit record - b32 | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| UBTU-16-020540 - Successful/unsuccessful uses of the fchownat command must generate an audit record - b64 | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| UBTU-16-020550 - Successful/unsuccessful uses of the lchown command must generate an audit record - b32 | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| UBTU-16-020570 - Successful/unsuccessful uses of the fchmod command must generate an audit record - b32 | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| UBTU-16-020570 - Successful/unsuccessful uses of the fchmod command must generate an audit record. | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| UBTU-16-020580 - Successful/unsuccessful uses of the fchmodat command must generate an audit record - b32 | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| UBTU-16-020600 - Successful/unsuccessful uses of the truncate command must generate an audit record - EACCES b64 | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| UBTU-16-020610 - Successful/unsuccessful uses of the ftruncate command must generate an audit record - EACCES b64 | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| UBTU-16-020610 - Successful/unsuccessful uses of the ftruncate command must generate an audit record - EPERM b64 | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| UBTU-16-020620 - Successful/unsuccessful uses of the creat command must generate an audit record - EPERM b32 | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| UBTU-16-020630 - Successful/unsuccessful uses of the openat command must generate an audit record - EPERM b64 | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| UBTU-16-020640 - Successful/unsuccessful uses of the open_by_handle_at command must generate an audit record - EACCES b32 | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| UBTU-16-020640 - Successful/unsuccessful uses of the open_by_handle_at command must generate an audit record - EPERM b64 | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| UBTU-16-020680 - Successful/unsuccessful uses of the newgrp command must generate an audit record. | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| UBTU-16-020690 - Successful/unsuccessful uses of the chcon command must generate an audit record. | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| UBTU-16-020820 - Successful/unsuccessful uses of the pam_timestamp_check command must generate an audit record. | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| UBTU-16-020840 - Successful/unsuccessful uses of the finit_module command must generate an audit record - b32 | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| UBTU-16-020850 - Successful/unsuccessful uses of the delete_module command must generate an audit record - b64 | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| VCLU-70-000005 - Lookup Service must record user access in a format that enables monitoring of remote access. | DISA STIG VMware vSphere 7.0 Lookup Service v1r2 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| VCPF-67-000005 - Performance Charts must record user access in a format that enables monitoring of remote access. | DISA STIG VMware vSphere 6.7 Perfcharts Tomcat v1r3 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| VCPG-70-000002 - VMware Postgres log files must contain required fields. | DISA STIG VMware vSphere 7.0 PostgreSQL v1r2 | Unix | AUDIT AND ACCOUNTABILITY |
