| 2.001 - Permissions for event logs must conform to minimum requirements - security.evtx | DISA Windows Vista STIG v6r41 | Windows | AUDIT AND ACCOUNTABILITY |
| APPL-11-001017 - The macOS system must be configured with audit log folders set to mode 700 or less permissive. | DISA STIG Apple macOS 11 v1r5 | Unix | AUDIT AND ACCOUNTABILITY |
| APPL-11-001017 - The macOS system must be configured with audit log folders set to mode 700 or less permissive. | DISA STIG Apple macOS 11 v1r8 | Unix | AUDIT AND ACCOUNTABILITY |
| APPL-12-001017 - The macOS system must be configured with audit log folders set to mode 700 or less permissive. | DISA STIG Apple macOS 12 v1r8 | Unix | AUDIT AND ACCOUNTABILITY |
| APPL-13-001017 - The macOS system must be configured with audit log folders set to mode 700 or less permissive. | DISA STIG Apple macOS 13 v1r3 | Unix | AUDIT AND ACCOUNTABILITY |
| APPNET0055 - CAS and policy configuration files must be backed up. | DISA STIG for Microsoft Dot Net Framework 4.0 v2r2 | Windows | AUDIT AND ACCOUNTABILITY |
| CISC-ND-000390 - The Cisco router must be configured to protect audit information from unauthorized deletion. | DISA STIG Cisco IOS XE Router NDM v2r9 | Cisco | AUDIT AND ACCOUNTABILITY |
| CISC-ND-000390 - The Cisco router must be configured to protect audit information from unauthorized deletion. | DISA STIG Cisco IOS Router NDM v2r8 | Cisco | AUDIT AND ACCOUNTABILITY |
| CISC-ND-000390 - The Cisco switch must be configured to protect audit information from unauthorized deletion. | DISA STIG Cisco IOS Switch NDM v2r8 | Cisco | AUDIT AND ACCOUNTABILITY |
| DB2X-00-002400 - The audit information produced by DB2 must be protected from unauthorized deletion | DISA STIG IBM DB2 v10.5 LUW v2r1 OS Windows | Windows | AUDIT AND ACCOUNTABILITY |
| DB2X-00-002400 - The audit information produced by DB2 must be protected from unauthorized deletion | DISA STIG IBM DB2 v10.5 LUW v2r1 OS Linux | Unix | AUDIT AND ACCOUNTABILITY |
| EP11-00-002800 - The audit information produced by the EDB Postgres Advanced Server must be protected from unauthorized deletion. | EDB PostgreSQL Advanced Server v11 Windows OS Audit v2r2 | Windows | AUDIT AND ACCOUNTABILITY |
| EX13-CA-000080 - Exchange must have audit data protected against unauthorized deletion. | DISA Microsoft Exchange 2013 Client Access Server STIG v2r1 | Windows | AUDIT AND ACCOUNTABILITY |
| EX13-MB-000075 - Exchange must protect audit data against unauthorized deletion. | DISA Microsoft Exchange 2013 Mailbox Server STIG v2r2 | Windows | AUDIT AND ACCOUNTABILITY |
| EX16-ED-000130 - Exchange audit data must be protected against unauthorized access for deletion. | DISA Microsoft Exchange 2016 Edge Transport Server STIG v2r5 | Windows | AUDIT AND ACCOUNTABILITY |
| F5BI-DM-000077 - The BIG-IP appliance must be configured to protect audit information from unauthorized deletion. | DISA F5 BIG-IP Device Management STIG v2r3 | F5 | AUDIT AND ACCOUNTABILITY |
| F5BI-LT-000059 - The BIG-IP Core implementation must be configured to protect audit information from unauthorized deletion. | DISA F5 BIG-IP Local Traffic Manager STIG v2r3 | F5 | AUDIT AND ACCOUNTABILITY |
| JBOS-AS-000175 - File permissions must be configured to protect log information from unauthorized deletion. | DISA RedHat JBoss EAP 6.3 STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| MD4X-00-000200 - The audit information produced by MongoDB must be protected from unauthorized access. | DISA STIG MongoDB Enterprise Advanced 4.x v1r2 OS | Unix | AUDIT AND ACCOUNTABILITY |
| O121-C2-009500 - The system must protect audit information from unauthorized deletion. | DISA STIG Oracle 12c v2r8 Database | OracleDB | AUDIT AND ACCOUNTABILITY |
| OH12-1X-000076 - The log information from OHS must be protected from unauthorized deletion - user/group | DISA STIG Oracle HTTP Server 12.1.3 v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| OL08-00-030070 - OL 8 audit logs must have a mode of '0600' or less permissive to prevent unauthorized read access - 0600 or less permissive to prevent unauthorized read access. | DISA Oracle Linux 8 STIG v1r8 | Unix | AUDIT AND ACCOUNTABILITY |
| OL08-00-030080 - OL 8 audit logs must be owned by root to prevent unauthorized read access. | DISA Oracle Linux 8 STIG v1r8 | Unix | AUDIT AND ACCOUNTABILITY |
| OL08-00-030090 - OL 8 audit logs must be group-owned by root to prevent unauthorized read access. | DISA Oracle Linux 8 STIG v1r8 | Unix | AUDIT AND ACCOUNTABILITY |
| OL08-00-030100 - The OL 8 audit log directory must be owned by root to prevent unauthorized read access. | DISA Oracle Linux 8 STIG v1r8 | Unix | AUDIT AND ACCOUNTABILITY |
| OL08-00-030110 - The OL 8 audit log directory must be group-owned by root to prevent unauthorized read access. | DISA Oracle Linux 8 STIG v1r8 | Unix | AUDIT AND ACCOUNTABILITY |
| OL08-00-030120 - The OL 8 audit log directory must have a mode of 0700 or less permissive to prevent unauthorized read access. | DISA Oracle Linux 8 STIG v1r8 | Unix | AUDIT AND ACCOUNTABILITY |
| OL08-00-030121 - The OL 8 audit system must protect auditing rules from unauthorized change. | DISA Oracle Linux 8 STIG v1r8 | Unix | AUDIT AND ACCOUNTABILITY |
| OL08-00-030122 - The OL 8 audit system must protect logon UIDs from unauthorized change. | DISA Oracle Linux 8 STIG v1r8 | Unix | AUDIT AND ACCOUNTABILITY |
| PGS9-00-002300 - The audit information produced by PostgreSQL must be protected from unauthorized deletion - log directory | DISA STIG PostgreSQL 9.x on RHEL OS v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| PGS9-00-002300 - The audit information produced by PostgreSQL must be protected from unauthorized deletion - log files | DISA STIG PostgreSQL 9.x on RHEL OS v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| PGS9-00-002300 - The audit information produced by PostgreSQL must be protected from unauthorized deletion - log_file_mode | DISA STIG PostgreSQL 9.x on RHEL OS v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| PPS9-00-002800 - The audit information produced by the EDB Postgres Advanced Server must be protected from unauthorized deletion. | EDB PostgreSQL Advanced Server OS Linux Audit v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-06-000385 - Audit log directories must have mode 0755 or less permissive. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| SLES-15-030600 - The SUSE operating system must protect audit rules from unauthorized modification. | DISA SLES 15 STIG v1r12 | Unix | AUDIT AND ACCOUNTABILITY |
| SQL4-00-013800 - The audit information produced by SQL Server must be protected from unauthorized deletion. | DISA STIG SQL Server 2014 Instance DB Audit v2r3 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| TCAT-AS-000380 - Jar files in the $CATALINA_HOME/bin/ folder must have their permissions set to 640. | DISA STIG Apache Tomcat Application Server 9 v2r6 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-18-010308 - The Ubuntu operating system must be configured so that the audit log directory is not write-accessible by unauthorized users. | DISA STIG Ubuntu 18.04 LTS v2r13 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-18-010309 - The Ubuntu operating system must allow only authorized accounts to own the audit log directory. | DISA STIG Ubuntu 18.04 LTS v2r13 | Unix | AUDIT AND ACCOUNTABILITY |
| VCLD-67-000011 - VAMI log files must only be accessible by privileged users - access.log | DISA STIG VMware vSphere 6.7 VAMI-lighttpd v1r3 | Unix | AUDIT AND ACCOUNTABILITY |
| VCLD-67-000011 - VAMI log files must only be accessible by privileged users - error.log | DISA STIG VMware vSphere 6.7 VAMI-lighttpd v1r3 | Unix | AUDIT AND ACCOUNTABILITY |
| VCLD-70-000007 - VAMI log files must only be accessible by privileged users. | DISA STIG VMware vSphere 7.0 VAMI v1r2 | Unix | AUDIT AND ACCOUNTABILITY |
| VCLU-70-000007 - Lookup Service log files must only be accessible by privileged users. | DISA STIG VMware vSphere 7.0 Lookup Service v1r2 | Unix | AUDIT AND ACCOUNTABILITY |
| VCPF-70-000007 - Performance Charts log files must only be modifiable by privileged users. | DISA STIG VMware vSphere 7.0 Perfcharts Tomcat v1r1 | Unix | AUDIT AND ACCOUNTABILITY |
| VCPG-70-000005 - The VMware Postgres database must protect log files from unauthorized access and modification. | DISA STIG VMware vSphere 7.0 PostgreSQL v1r2 | Unix | AUDIT AND ACCOUNTABILITY |
| VCUI-67-000007 - vSphere UI log files must only be accessible by privileged users. | DISA STIG VMware vSphere 6.7 UI Tomcat v1r3 | Unix | AUDIT AND ACCOUNTABILITY |
| VCUI-70-000007 - vSphere UI log files must only be accessible by privileged users. | DISA STIG VMware vSphere 7.0 vCA UI v1r2 | Unix | AUDIT AND ACCOUNTABILITY |
| WN22-AU-000030 - Windows Server 2022 permissions for the Application event log must prevent access by nonprivileged accounts. | DISA Windows Server 2022 STIG v1r4 | Windows | AUDIT AND ACCOUNTABILITY |
| WN22-AU-000040 - Windows Server 2022 permissions for the Security event log must prevent access by nonprivileged accounts. | DISA Windows Server 2022 STIG v1r4 | Windows | AUDIT AND ACCOUNTABILITY |
| WN22-AU-000050 - Windows Server 2022 permissions for the System event log must prevent access by nonprivileged accounts. | DISA Windows Server 2022 STIG v1r4 | Windows | AUDIT AND ACCOUNTABILITY |
