| ALMA-09-047540 - AlmaLinux OS 9 must generate audit records for all account creations, modifications, disabling, and termination events that affect /var/log/lastlog. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| ALMA-09-048420 - AlmaLinux OS 9 must generate audit records for any use of the "chcon" command. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| ALMA-09-048640 - AlmaLinux OS 9 must audit all uses of the chown, fchown, fchownat, and lchown system calls. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| ALMA-09-048970 - AlmaLinux OS 9 must audit all uses of the rename, unlink, rmdir, renameat, and unlinkat system calls. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| ALMA-09-049190 - AlmaLinux OS 9 must generate audit records for any use of the "gpasswd" command. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| ALMA-09-049630 - AlmaLinux OS 9 must generate audit records for any use of the "postdrop" command. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| ALMA-09-049740 - AlmaLinux OS 9 must generate audit records for any use of the "postqueue" command. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| ALMA-09-049850 - AlmaLinux OS 9 must generate audit records for any use of the "su" command. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| ALMA-09-050070 - AlmaLinux OS 9 must generate audit records for any use of the "semanage" command. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| ALMA-09-050180 - AlmaLinux OS 9 must generate audit records for any use of the "setfacl" command. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| ALMA-09-050400 - AlmaLinux OS 9 must generate audit records for any use of the "setsebool" command. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| ALMA-09-050620 - AlmaLinux OS 9 must generate audit records for any use of the "ssh-keysign" command. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| ALMA-09-050840 - AlmaLinux OS 9 must generate audit records for any use of the "pam_timestamp_check" command. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| ALMA-09-051280 - AlmaLinux OS 9 must generate audit records for any use of the "usermod" command. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| ALMA-09-051390 - AlmaLinux OS 9 must audit all uses of the setxattr, fsetxattr, lsetxattr, removexattr, fremovexattr, and lremovexattr system calls. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| BIND-9X-001021 - In the event of an error when validating the binding of other DNS servers identity to the BIND 9.x information, when anomalies in the operation of the signed zone transfers are discovered, for the success and failure of start and stop of the name server service or daemon, and for the success and failure of all name server events, a BIND 9.x server implementation must generate a log entry. | DISA BIND 9.x STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| OL08-00-030290 - OL 8 must generate audit records for any use of the "passwd" command. | DISA Oracle Linux 8 STIG v2r4 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| OL08-00-030312 - OL 8 must generate audit records for any use of the "postqueue" command. | DISA Oracle Linux 8 STIG v2r4 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| OL08-00-030317 - OL 8 must generate audit records for any use of the "unix_chkpwd" command. | DISA Oracle Linux 8 STIG v2r4 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| OL08-00-030350 - OL 8 must generate audit records for any use of the "newgrp" command. | DISA Oracle Linux 8 STIG v2r4 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| OL08-00-030400 - OL 8 must generate audit records for any use of the "crontab" command. | DISA Oracle Linux 8 STIG v2r4 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| OL08-00-030570 - OL 8 must generate audit records for any use of the "chacl" command. | DISA Oracle Linux 8 STIG v2r4 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| OL08-00-030590 - OL 8 must generate audit records for any attempted modifications to the "faillock" log file. | DISA Oracle Linux 8 STIG v2r4 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| OL08-00-030600 - OL 8 must generate audit records for any attempted modifications to the "lastlog" file. | DISA Oracle Linux 8 STIG v2r4 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| RHEL-09-654015 - RHEL 9 must audit all uses of the chmod, fchmod, and fchmodat system calls. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| RHEL-09-654055 - RHEL 9 must audit all uses of the setfiles command. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| RHEL-09-654060 - RHEL 9 must audit all uses of the setsebool command. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| RHEL-09-654100 - RHEL 9 must audit all uses of the gpasswd command. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| RHEL-09-654110 - RHEL 9 must audit all uses of the newgrp command. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| RHEL-09-654115 - RHEL 9 must audit all uses of the pam_timestamp_check command. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| RHEL-09-654120 - RHEL 9 must audit all uses of the passwd command. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| RHEL-09-654125 - RHEL 9 must audit all uses of the postdrop command. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| RHEL-09-654150 - RHEL 9 must audit all uses of the sudo command. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| RHEL-09-654155 - RHEL 9 must audit all uses of the sudoedit command. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| RHEL-09-654160 - RHEL 9 must audit all uses of the unix_chkpwd command. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| RHEL-09-654165 - RHEL 9 must audit all uses of the unix_update command. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| RHEL-09-654255 - RHEL 9 must generate audit records for all account creations, modifications, disabling, and termination events that affect /var/log/lastlog. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| SLES-12-020260 - The SUSE operating system must generate audit records for all uses of the sudo command. | DISA SLES 12 STIG v3r2 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| SLES-12-020360 - The SUSE operating system must generate audit records for all uses of the kmod command. | DISA SLES 12 STIG v3r2 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| SLES-12-020490 - The SUSE operating system must generate audit records for all uses of the creat, open, openat, open_by_handle_at, truncate, and ftruncate syscalls. | DISA SLES 12 STIG v3r2 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| SLES-12-020560 - The SUSE operating system must generate audit records for all uses of the gpasswd command. | DISA SLES 12 STIG v3r2 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| SLES-12-020580 - The SUSE operating system must generate audit records for a uses of the chsh command. | DISA SLES 12 STIG v3r2 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| SLES-12-020630 - Successful/unsuccessful attempts to modify categories of information (e.g., classification levels) must generate audit records. | DISA SLES 12 STIG v3r2 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| SLES-12-020640 - The SUSE operating system must generate audit records for all uses of the rm command. | DISA SLES 12 STIG v3r2 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| SLES-12-020650 - The SUSE operating system must generate audit records for all modifications to the tallylog file must generate an audit record. | DISA SLES 12 STIG v3r2 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| SLES-12-020660 - The SUSE operating system must generate audit records for all modifications to the lastlog file. | DISA SLES 12 STIG v3r2 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| SLES-12-020690 - The SUSE operating system must generate audit records for all uses of the chage command. | DISA SLES 12 STIG v3r2 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| SLES-12-020720 - The SUSE operating system must generate audit records for all uses of the pam_timestamp_check command. | DISA SLES 12 STIG v3r2 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| SLES-12-020740 - The SUSE operating system must generate audit records for all uses of the init_module and finit_module syscalls. | DISA SLES 12 STIG v3r2 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| SLES-12-020760 - The SUSE operating system must generate audit records for all modifications to the faillog file. | DISA SLES 12 STIG v3r2 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
