| 1.257 OL08-00-030410 | CIS Oracle Linux 8 STIG v1.0.0 CAT II | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| 1.258 OL08-00-030420 | CIS Oracle Linux 8 STIG v1.0.0 CAT II | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| 1.393 RHEL-09-654015 | CIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT II | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| 1.399 RHEL-09-654045 | CIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT II | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| 1.407 RHEL-09-654085 | CIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT II | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| 1.409 RHEL-09-654095 | CIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT II | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| 1.410 RHEL-09-654100 | CIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT II | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| 1.412 RHEL-09-654110 | CIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT II | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| 1.418 RHEL-09-654140 | CIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT II | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| 1.419 RHEL-09-654145 | CIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT II | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| 1.425 RHEL-09-654175 | CIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT II | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| 1.441 RHEL-09-654255 | CIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT II | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| ALMA-09-048200 - AlmaLinux OS 9 must generate audit records for any use of the "chacl" command. | DISA CloudLinux AlmaLinux OS 9 STIG v1r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| ALMA-09-048860 - AlmaLinux OS 9 must generate audit records for any use of the "crontab" command. | DISA CloudLinux AlmaLinux OS 9 STIG v1r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| ALMA-09-049520 - AlmaLinux OS 9 must generate audit records for any use of the "passwd" command. | DISA CloudLinux AlmaLinux OS 9 STIG v1r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| ALMA-09-049960 - AlmaLinux OS 9 must generate audit records for any use of the "sudo" command. | DISA CloudLinux AlmaLinux OS 9 STIG v1r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| ALMA-09-050070 - AlmaLinux OS 9 must generate audit records for any use of the "semanage" command. | DISA CloudLinux AlmaLinux OS 9 STIG v1r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| ALMA-09-050510 - AlmaLinux OS 9 must generate audit records for any use of the "ssh-agent" command. | DISA CloudLinux AlmaLinux OS 9 STIG v1r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| ALMA-09-050840 - AlmaLinux OS 9 must generate audit records for any use of the "pam_timestamp_check" command. | DISA CloudLinux AlmaLinux OS 9 STIG v1r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| ALMA-09-051060 - AlmaLinux OS 9 must generate audit records for any use of the "unix_update" command. | DISA CloudLinux AlmaLinux OS 9 STIG v1r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| APPL-11-001001 - The macOS system must generate audit records for all account creations, modifications, disabling, and termination events; privileged activities or other system-level access; all kernel module load, unload, and restart actions; all program initiations; and organizationally defined events for all non-local maintenance and diagnostic sessions. | DISA STIG Apple macOS 11 v1r5 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| APPL-11-001001 - The macOS system must generate audit records for all account creations, modifications, disabling, and termination events; privileged activities or other system-level access; all kernel module load, unload, and restart actions; all program initiations; and organizationally defined events for all non-local maintenance and diagnostic sessions. | DISA STIG Apple macOS 11 v1r8 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| APPL-15-001021 - The macOS system must be configured to audit all changes of object attributes. | DISA Apple macOS 15 (Sequoia) STIG v1r4 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| APPL-15-001022 - The macOS system must be configured to audit all failed read actions on the system. | DISA Apple macOS 15 (Sequoia) STIG v1r4 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| OL08-00-030302 - OL 8 must generate audit records for any use of the "mount" syscall. | DISA Oracle Linux 8 STIG v2r5 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| OL08-00-030360 - OL 8 must generate audit records for any use of the "init_module" and "finit_module" system calls. | DISA Oracle Linux 8 STIG v2r5 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| OL08-00-030370 - OL 8 must generate audit records for any use of the "gpasswd" command. | DISA Oracle Linux 8 STIG v2r5 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| OL08-00-030390 - OL 8 must generate audit records for any use of the delete_module syscall. | DISA Oracle Linux 8 STIG v2r5 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| OL08-00-030410 - OL 8 must generate audit records for any use of the "chsh" command. | DISA Oracle Linux 8 STIG v2r5 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| OL08-00-030420 - OL 8 must generate audit records for any use of the "truncate", "ftruncate", "creat", "open", "openat", and "open_by_handle_at" system calls. | DISA Oracle Linux 8 STIG v2r5 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| OL08-00-030550 - OL 8 must generate audit records for any use of the "sudo" command. | DISA Oracle Linux 8 STIG v2r5 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| OL08-00-030590 - OL 8 must generate audit records for any attempted modifications to the "faillock" log file. | DISA Oracle Linux 8 STIG v2r5 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| OL09-00-000570 - OL 9 must audit all uses of the crontab command. | DISA Oracle Linux 9 STIG v1r2 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| OL09-00-000575 - OL 9 must audit all uses of the gpasswd command. | DISA Oracle Linux 9 STIG v1r2 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| OL09-00-000595 - OL 9 must audit all uses of the postdrop command. | DISA Oracle Linux 9 STIG v1r2 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| OL09-00-000640 - OL 9 must audit all uses of the chmod, fchmod, and fchmodat system calls. | DISA Oracle Linux 9 STIG v1r2 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| OL09-00-000650 - OL 9 must audit all uses of the semanage command. | DISA Oracle Linux 9 STIG v1r2 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| OL09-00-000675 - OL 9 must audit all uses of the usermod command. | DISA Oracle Linux 9 STIG v1r2 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| RHEL-07-030680 - The Red Hat Enterprise Linux operating system must audit all uses of the su command. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| RHEL-07-030690 - The Red Hat Enterprise Linux operating system must audit all uses of the sudo command. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| RHEL-07-030700 - The Red Hat Enterprise Linux operating system must audit all uses of the sudoers file and all files in the /etc/sudoers.d/ directory. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| RHEL-07-030710 - The Red Hat Enterprise Linux operating system must audit all uses of the newgrp command. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| RHEL-07-030720 - The Red Hat Enterprise Linux operating system must audit all uses of the chsh command. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| RHEL-09-654020 - RHEL 9 must audit all uses of the chown, fchown, fchownat, and lchown system calls. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| RHEL-09-654040 - RHEL 9 must audit all uses of the setfacl command. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| RHEL-09-654050 - RHEL 9 must audit all uses of the semanage command. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| RHEL-09-654070 - RHEL 9 must audit all uses of the truncate, ftruncate, creat, open, openat, and open_by_handle_at system calls. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| RHEL-09-654075 - RHEL 9 must audit all uses of the delete_module system call. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| RHEL-09-654080 - RHEL 9 must audit all uses of the init_module and finit_module system calls. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| RHEL-09-654085 - RHEL 9 must audit all uses of the chage command. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
