| 3.1.20 Secure permissions for the log mirror location - MIRROLOGPATH OS Permission | CIS IBM DB2 v10 v1.1.0 Linux OS Level 1 | Unix | |
| 3.1.20 Secure permissions for the log mirror location - MIRRORLOGPATH OS Permissions | CIS IBM DB2 v10 v1.1.0 Windows OS Level 1 | Windows | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| 3.5 Ensure 'PASSWORD_REUSE_TIME' Is Greater than or Equal to '365' | CIS Oracle Server 12c DB Traditional Auditing v3.0.0 | OracleDB | IDENTIFICATION AND AUTHENTICATION |
| 4.2.1.1 Ensure rsyslog is installed | CIS CentOS 6 Workstation L1 v3.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2.1.1 Ensure rsyslog is installed | CIS Ubuntu Linux 16.04 LTS Server L1 v2.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2.2 Ensure rsyslog is installed | CIS Aliyun Linux 2 L1 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 6.3 (L1) Ensure 'Account Logon Logoff Audit Group Membership' is set to include 'Success' | CIS Microsoft Intune for Windows 10 v4.0.0 L1 | Windows | AUDIT AND ACCOUNTABILITY |
| 6.6 Ensure ALL Events are Audited - audit_log_filter | CIS MySQL 5.7 Enterprise Database L2 v2.0.0 | MySQLDB | AUDIT AND ACCOUNTABILITY, IDENTIFICATION AND AUTHENTICATION |
| 17.5.2 (L1) Ensure 'Audit Group Membership' is set to include 'Success' | CIS Microsoft Windows Server 2016 v3.0.0 L1 DC | Windows | AUDIT AND ACCOUNTABILITY |
| 17.5.2 (L1) Ensure 'Audit Group Membership' is set to include 'Success' | CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLocker | Windows | AUDIT AND ACCOUNTABILITY |
| 17.5.2 (L1) Ensure 'Audit Group Membership' is set to include 'Success' | CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 | Windows | AUDIT AND ACCOUNTABILITY |
| 17.5.2 (L1) Ensure 'Audit Group Membership' is set to include 'Success' | CIS Microsoft Windows Server 2019 v4.0.0 L1 MS | Windows | AUDIT AND ACCOUNTABILITY |
| 17.5.2 Ensure 'Audit Group Membership' is set to include 'Success' | CIS Microsoft Windows Server 2016 STIG v3.0.0 L1 Domain Controller | Windows | AUDIT AND ACCOUNTABILITY |
| 17.5.2 Ensure 'Audit Group Membership' is set to include 'Success' | CIS Microsoft Windows Server 2022 STIG v2.0.0 L1 Member Server | Windows | AUDIT AND ACCOUNTABILITY |
| ALMA-09-006845 - AlmaLinux OS 9 must have the postfix package installed. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | ACCESS CONTROL |
| APPL-11-000030 - The macOS system must be configured so that log files must not contain access control lists (ACLs). | DISA STIG Apple macOS 11 v1r5 | Unix | AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY |
| APPL-11-001003 - The macOS system must initiate session audits at system startup, using internal clocks with time stamps for audit records that meet a minimum granularity of one second and can be mapped to Coordinated Universal Time (UTC) or Greenwich Mean Time (GMT), to generate audit records containing information to establish what type of events occurred, the identity of any individual or process associated with the event, including individual identities of group account users, establish where the events occurred, source of the event, and outcome of the events including all account enabling actions, full-text recording of privileged commands, and information about the use of encryption for access wireless access to and from the system. | DISA STIG Apple macOS 11 v1r8 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| APPL-12-001003 - The macOS system must initiate session audits at system startup, using internal clocks with time stamps for audit records that meet a minimum granularity of one second and can be mapped to Coordinated Universal Time (UTC) or Greenwich Mean Time (GMT), in order to generate audit records containing information to establish what type of events occurred, the identity of any individual or process associated with the event, including individual identities of group account users, establish where the events occurred, source of the event, and outcome of the events including all account enabling actions, full-text recording of privileged commands, and information about the use of encryption for access wireless access to and from the system. | DISA STIG Apple macOS 12 v1r9 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| APPL-13-001003 - The macOS system must produce audit records containing information to establish when, where, what type, the source, and the outcome for all DOD-defined auditable events and actions. | DISA STIG Apple macOS 13 v1r5 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| APPL-14-005001 The macOS system must ensure System Integrity Protection is enabled. | DISA Apple macOS 14 (Sonoma) STIG v2r3 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| EPAS-00-010900 - The EDB Postgres Advanced Server must generate audit records when unsuccessful attempts to modify security objects occur. | EnterpriseDB PostgreSQL Advanced Server DB v2r1 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| MADB-10-010200 - MariaDB must generate audit records when security objects are modified. | DISA MariaDB Enterprise 10.x v2r3 DB | MySQLDB | AUDIT AND ACCOUNTABILITY |
| OL08-00-030350 - OL 8 must generate audit records for any use of the "newgrp" command. | DISA Oracle Linux 8 STIG v2r4 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| PPS9-00-000700 - The EDB Postgres Advanced Server must integrate with an organization-level authentication/access mechanism providing account management and automation for all users, groups, roles, and any other principals. | EDB PostgreSQL Advanced Server OS Linux Audit v2r3 | Unix | ACCESS CONTROL |
| PPS9-00-002400 - The EDB Postgres Advanced Server must be configurable to overwrite audit log records, oldest first (First-In-First-Out - FIFO), in the event of unavailability of space for more audit log records. | EDB PostgreSQL Advanced Server OS Linux Audit v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| PPS9-00-002600 - The audit information produced by the EDB Postgres Advanced Server must be protected from unauthorized read access. | EDB PostgreSQL Advanced Server OS Linux Audit v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| PPS9-00-002900 - The EDB Postgres Advanced Server must protect its audit features from unauthorized access. | EDB PostgreSQL Advanced Server OS Linux Audit v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| PPS9-00-003000 - The EDB Postgres Advanced Server must protect its audit configuration from unauthorized modification. | EDB PostgreSQL Advanced Server OS Linux Audit v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| PPS9-00-003100 - The EDB Postgres Advanced Server must protect its audit features from unauthorized removal. | EDB PostgreSQL Advanced Server OS Linux Audit v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| PPS9-00-003200 - Software, applications, and configuration files that are part of, or related to, the Postgres Plus Advanced Server installation must be monitored to discover unauthorized changes. | EDB PostgreSQL Advanced Server OS Linux Audit v2r3 | Unix | CONFIGURATION MANAGEMENT |
| PPS9-00-003600 - The role(s)/group(s) used to modify database structure (including but not necessarily limited to tables, indexes, storage, etc.) and logic modules (stored procedures, functions, triggers, links to software external to the EDB Postgres Advanced Server, etc.) must be restricted to authorized users - s used to modify database structure and logic modules must be restricted to authorized users. | EDB PostgreSQL Advanced Server OS Linux Audit v2r3 | Unix | CONFIGURATION MANAGEMENT |
| PPS9-00-003900 - Unused database components which are integrated in the EDB Postgres Advanced Server and cannot be uninstalled must be disabled. | EDB PostgreSQL Advanced Server OS Linux Audit v2r3 | Unix | CONFIGURATION MANAGEMENT |
| PPS9-00-004000 - Access to external executables must be disabled or restricted. | EDB PostgreSQL Advanced Server OS Linux Audit v2r3 | Unix | CONFIGURATION MANAGEMENT |
| PPS9-00-004200 - The EDB Postgres Advanced Server must uniquely identify and authenticate organizational users (or processes acting on behalf of organizational users). | EDB PostgreSQL Advanced Server OS Linux Audit v2r3 | Unix | IDENTIFICATION AND AUTHENTICATION |
| PPS9-00-004400 - If passwords are used for authentication, the EDB Postgres Advanced Server must transmit only encrypted representations of passwords. | EDB PostgreSQL Advanced Server OS Linux Audit v2r3 | Unix | IDENTIFICATION AND AUTHENTICATION |
| PPS9-00-008000 - The EDB Postgres Advanced Server must provide a warning to appropriate support staff when allocated audit record storage volume reaches 75% of maximum audit record storage capacity. | EDB PostgreSQL Advanced Server OS Linux Audit v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| PPS9-00-008500 - The EDB Postgres Advanced Server must enforce access restrictions associated with changes to the configuration of the EDB Postgres Advanced Server or database(s). | EDB PostgreSQL Advanced Server OS Linux Audit v2r3 | Unix | CONFIGURATION MANAGEMENT |
| PPS9-00-008700 - The EDB Postgres Advanced Server must disable network functions, ports, protocols, and services deemed by the organization to be nonsecure, in accord with the Ports, Protocols, and Services Management (PPSM) guidance. | EDB PostgreSQL Advanced Server OS Linux Audit v2r3 | Unix | CONFIGURATION MANAGEMENT |
| PPS9-00-009100 - The EDB Postgres Advanced Server must only accept end entity certificates issued by DoD PKI or DoD-approved PKI Certification Authorities (CAs) for the establishment of all encrypted sessions. | EDB PostgreSQL Advanced Server OS Linux Audit v2r3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| PPS9-00-009300 - The EDB Postgres Advanced Server must implement cryptographic mechanisms preventing the unauthorized disclosure of organization-defined information at rest on organization-defined information system components. | EDB PostgreSQL Advanced Server OS Linux Audit v2r3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| PPS9-00-013300 - EDB Postgres Advanced Server products must be a version supported by the vendor. | EDB PostgreSQL Advanced Server OS Linux Audit v2r3 | Unix | SYSTEM AND SERVICES ACQUISITION |
| RHEL-09-654255 - RHEL 9 must generate audit records for all account creations, modifications, disabling, and termination events that affect /var/log/lastlog. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| SQL2-00-012300 - SQL Server must produce audit records containing sufficient information to establish the identity of any user/subject associated with the event - 'Event ID 107' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL2-00-012300 - SQL Server must produce audit records containing sufficient information to establish the identity of any user/subject associated with the event - 'Event ID 112' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL2-00-012300 - SQL Server must produce audit records containing sufficient information to establish the identity of any user/subject associated with the event - 'Event ID 128' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL2-00-012300 - SQL Server must produce audit records containing sufficient information to establish the identity of any user/subject associated with the event - 'Event ID 153' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL2-00-012300 - SQL Server must produce audit records containing sufficient information to establish the identity of any user/subject associated with the event - 'Event ID 176' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| UBTU-18-010202 - The Ubuntu operating system must generate audit records for the use and modification of faillog file. | DISA STIG Ubuntu 18.04 LTS v2r15 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-24-900250 - Ubuntu 24.04 LTS must generate audit records for the use and modification of faillog file. | DISA Canonical Ubuntu 24.04 LTS STIG v1r1 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-24-900260 - Ubuntu 24.04 LTS must generate audit records for the use and modification of the lastlog file. | DISA Canonical Ubuntu 24.04 LTS STIG v1r1 | Unix | AUDIT AND ACCOUNTABILITY |
