| 3.1.6 Ensure the log file permissions are set correctly | CIS PostgreSQL 14 DB v 1.2.0 | PostgreSQLDB | ACCESS CONTROL, MEDIA PROTECTION |
| 3.1.12 Ensure syslog messages are not lost due to size | CIS PostgreSQL 13 DB v1.2.0 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| 3.1.12 Ensure syslog messages are not lost due to size | CIS PostgreSQL 15 DB v1.1.0 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| 3.1.12 Ensure syslog messages are not lost due to size | CIS PostgreSQL 16 DB v1.0.0 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| 5.2.4.5 Ensure audit configuration files are 640 or more restrictive | CIS Oracle Linux 7 v4.0.0 L2 Workstation | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 5.2.4.5 Ensure audit configuration files are 640 or more restrictive | CIS Amazon Linux 2023 Server L2 v1.0.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 5.2.4.5 Ensure audit configuration files are 640 or more restrictive | CIS Rocky Linux 8 Workstation L2 v2.0.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 5.2.4.6 Ensure audit configuration files are owned by root | CIS Ubuntu Linux 18.04 LTS v2.2.0 L2 Workstation | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 5.2.4.6 Ensure audit configuration files are owned by root | CIS AlmaLinux OS 8 Server L2 v3.0.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 5.2.4.6 Ensure audit configuration files are owned by root | CIS Rocky Linux 8 Workstation L2 v2.0.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 5.2.4.7 Ensure audit configuration files belong to group root | CIS Ubuntu Linux 18.04 LTS v2.2.0 L2 Workstation | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 5.2.4.7 Ensure audit configuration files belong to group root | CIS Debian 10 Workstation L2 v2.0.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 5.2.4.7 Ensure audit configuration files belong to group root | CIS Red Hat Enterprise Linux 7 v4.0.0 L2 Server | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 5.2.4.7 Ensure audit configuration files belong to group root | CIS Red Hat Enterprise Linux 7 v4.0.0 L2 Workstation | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 5.2.4.7 Ensure audit configuration files belong to group root | CIS Oracle Linux 8 Server L2 v3.0.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 5.2.7 Ensure 'AUDIT SYSTEM' Is Revoked from Unauthorized 'GRANTEE' | CIS Oracle Server 12c DB Traditional Auditing v3.0.0 | OracleDB | ACCESS CONTROL |
| 5.2.7 Ensure 'AUDIT SYSTEM' Is Revoked from Unauthorized 'GRANTEE' | CIS Oracle Server 12c DB Unified Auditing v3.0.0 | OracleDB | ACCESS CONTROL |
| 5.2.7 Ensure 'AUDIT SYSTEM' Is Revoked from Unauthorized 'GRANTEE' | CIS Oracle Server 18c DB Traditional Auditing v1.1.0 | OracleDB | ACCESS CONTROL |
| 5.2.7 Ensure 'AUDIT SYSTEM' Is Revoked from Unauthorized 'GRANTEE' | CIS Oracle Server 19c DB Unified Auditing v1.2.0 | OracleDB | ACCESS CONTROL, MEDIA PROTECTION |
| 6.2.4.5 Ensure audit configuration files mode is configured | CIS Ubuntu Linux 24.04 LTS v1.0.0 L2 Workstation | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 6.3.4.5 Ensure audit configuration files mode is configured | CIS Red Hat Enterprise Linux 9 v2.0.0 L2 Server | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 6.3.4.5 Ensure audit configuration files mode is configured | CIS Rocky Linux 9 v2.0.0 L2 Server | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 6.3.4.5 Ensure audit configuration files mode is configured | CIS Rocky Linux 9 v2.0.0 L2 Workstation | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 6.3.4.5 Ensure audit configuration files mode is configured | CIS SUSE Linux Enterprise 15 v2.0.1 L2 Workstation | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 6.3.4.6 Ensure audit configuration files owner is configured | CIS Red Hat Enterprise Linux 9 v2.0.0 L2 Workstation | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 6.3.4.6 Ensure audit configuration files owner is configured | CIS Ubuntu Linux 22.04 LTS v2.0.0 L2 Workstation | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 6.3.4.6 Ensure audit configuration files owner is configured | CIS Rocky Linux 9 v2.0.0 L2 Workstation | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 6.3.4.7 Ensure audit configuration files group owner is configured | CIS Red Hat Enterprise Linux 9 v2.0.0 L2 Workstation | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 6.3.4.7 Ensure audit configuration files group owner is configured | CIS AlmaLinux OS 9 v2.0.0 L2 Workstation | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 6.3.4.7 Ensure audit configuration files group owner is configured | CIS Rocky Linux 9 v2.0.0 L2 Server | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 6.3.4.7 Ensure audit configuration files group owner is configured | CIS SUSE Linux Enterprise 15 v2.0.1 L2 Server | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 6.4.4.7 Ensure audit configuration files group owner is configured | CIS Debian Linux 11 v2.0.0 L2 Server | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 7.1.2 Ensure Audit configuration defines audit classes | CIS IBM AIX 7 v1.0.0 L2 | Unix | AUDIT AND ACCOUNTABILITY |
| 7.1.3 Ensure Audit creates audit processing commands | CIS IBM AIX 7 v1.0.0 L2 | Unix | AUDIT AND ACCOUNTABILITY |
| BIND-9X-001080 - A BIND 9.x implementation configured as a caching name server must restrict recursive queries to only the IP addresses and IP address ranges of known supported clients. | DISA BIND 9.x STIG v2r3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| DB2X-00-000500 - DB2 must protect against a user falsely repudiating having performed organization-defined actions - audit policies used | DISA STIG IBM DB2 v10.5 LUW v2r1 Database | IBM_DB2DB | AUDIT AND ACCOUNTABILITY |
| DB2X-00-000500 - DB2 must protect against a user falsely repudiating having performed organization-defined actions - database policies | DISA STIG IBM DB2 v10.5 LUW v2r1 Database | IBM_DB2DB | AUDIT AND ACCOUNTABILITY |
| DB2X-00-000500 - DB2 must protect against a user falsely repudiating having performed organization-defined actions - table policies | DISA STIG IBM DB2 v10.5 LUW v2r1 Database | IBM_DB2DB | AUDIT AND ACCOUNTABILITY |
| GEN002750 - The audit system must be configured to audit account creation - '/etc/security/audit/config USER_Create exists' | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| O19C-00-006600 - The audit information produced by the Oracle Database must be protected from unauthorized access, modification, or deletion. | DISA Oracle Database 19c STIG v1r1 Database | OracleDB | AUDIT AND ACCOUNTABILITY |
| RHEL-09-252060 - RHEL 9 must forward mail from postmaster to the root account using a postfix alias. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | AUDIT AND ACCOUNTABILITY |
| SHPT-00-000465 - SharePoint must support the requirement that privileged access is further defined between audit-related privileges and other privileges. | DISA STIG SharePoint 2010 v1r9 | Windows | AUDIT AND ACCOUNTABILITY |
| SOL-11.1-060180 - The operating system must use cryptographic mechanisms to protect the integrity of audit information. | DISA STIG Solaris 11 SPARC v3r1 | Unix | AUDIT AND ACCOUNTABILITY |
| SQL2-00-001600 - SQL Server must ensure that remote sessions that access an organization-defined list of security functions and security-relevant information are audited - 'Event ID 14' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | ACCESS CONTROL |
| SQL2-00-001600 - SQL Server must ensure that remote sessions that access an organization-defined list of security functions and security-relevant information are audited - 'Event ID 15' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | ACCESS CONTROL |
| SQL2-00-001600 - SQL Server must ensure that remote sessions that access an organization-defined list of security functions and security-relevant information are audited - 'Event ID 20' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | ACCESS CONTROL |
| SQL2-00-001600 - SQL Server must ensure that remote sessions that access an organization-defined list of security functions and security-relevant information are audited - 'Event ID 110' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | ACCESS CONTROL |
| SQL2-00-001600 - SQL Server must ensure that remote sessions that access an organization-defined list of security functions and security-relevant information are audited - 'Event ID 118' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | ACCESS CONTROL |
| SQL2-00-001600 - SQL Server must ensure that remote sessions that access an organization-defined list of security functions and security-relevant information are audited - 'Event ID 129' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | ACCESS CONTROL |
| SQL2-00-001600 - SQL Server must ensure that remote sessions that access an organization-defined list of security functions and security-relevant information are audited - 'Event ID 132' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | ACCESS CONTROL |
