| AOSX-13-001355 - The macOS system must shut down by default upon audit failure (unless availability is an overriding concern). | DISA STIG Apple Mac OSX 10.13 v2r5 | Unix | AUDIT AND ACCOUNTABILITY |
| AOSX-14-001010 - The macOS system must shut down by default upon audit failure (unless availability is an overriding concern). | DISA STIG Apple Mac OSX 10.14 v2r6 | Unix | AUDIT AND ACCOUNTABILITY |
| AOSX-15-001010 - The macOS system must shut down by default upon audit failure (unless availability is an overriding concern). | DISA STIG Apple Mac OSX 10.15 v1r10 | Unix | AUDIT AND ACCOUNTABILITY |
| APPL-12-001010 - The macOS system must shut down by default upon audit failure (unless availability is an overriding concern). | DISA STIG Apple macOS 12 v1r8 | Unix | AUDIT AND ACCOUNTABILITY |
| DB2X-00-001900 - Unless it has been determined that availability is paramount, DB2 must, upon audit failure, cease all auditable activity. | DISA STIG IBM DB2 v10.5 LUW v2r1 Database | IBM_DB2DB | AUDIT AND ACCOUNTABILITY |
| DTAM036 - McAfee VirusScan On-Delivery Email Scan Policies log file size must be restricted and be configured to be at least 10MB - bLimitSize | DISA McAfee VirusScan 8.8 Managed Client STIG v6r1 | Windows | AUDIT AND ACCOUNTABILITY |
| DTAM036 - McAfee VirusScan On-Delivery Email Scan Policies log file size must be restricted and be configured to be at least 10MB - dwMaxLogSizeMB | DISA McAfee VirusScan 8.8 Managed Client STIG v6r1 | Windows | AUDIT AND ACCOUNTABILITY |
| DTAM036 - McAfee VirusScan On-Delivery Email Scanner log file size must be restricted and be configured to be at least 10MB - bLimitSize | DISA McAfee VirusScan 8.8 Local Client STIG v6r1 | Windows | AUDIT AND ACCOUNTABILITY |
| DTAM036 - McAfee VirusScan On-Delivery Email Scanner log file size must be restricted and be configured to be at least 10MB - dwMaxLogSizeMB | DISA McAfee VirusScan 8.8 Local Client STIG v6r1 | Windows | AUDIT AND ACCOUNTABILITY |
| DTAM140 - McAfee VirusScan Access Protection log file size must be restricted and be configured to at least 10MB - bLimitSize | DISA McAfee VirusScan 8.8 Managed Client STIG v6r1 | Windows | AUDIT AND ACCOUNTABILITY |
| DTAM140 - McAfee VirusScan Access Protection log file size must be restricted and be configured to at least 10MB - dwMaxLogSizeMB | DISA McAfee VirusScan 8.8 Managed Client STIG v6r1 | Windows | AUDIT AND ACCOUNTABILITY |
| DTAM140 - McAfee VirusScan Access Protection Reports log file size must be restricted and be configured to at least 10MB. - bLimitSize | DISA McAfee VirusScan 8.8 Local Client STIG v6r1 | Windows | AUDIT AND ACCOUNTABILITY |
| DTAM140 - McAfee VirusScan Access Protection Reports log file size must be restricted and be configured to at least 10MB. - dwMaxLogSizeMB | DISA McAfee VirusScan 8.8 Local Client STIG v6r1 | Windows | AUDIT AND ACCOUNTABILITY |
| EP11-00-002300 - The EDB Postgres Advanced Server must by default shut down upon audit failure, to include the unavailability of space for more audit log records; or must be configurable to shut down upon audit failure. | EDB PostgreSQL Advanced Server v11 Windows OS Audit v2r3 | Windows | AUDIT AND ACCOUNTABILITY |
| EP11-00-002400 - The EDB Postgres Advanced Server must be configurable to overwrite audit log records, oldest first (First-In-First-Out - FIFO), in the event of unavailability of space for more audit log records. | EDB PostgreSQL Advanced Server v11 Windows OS Audit v2r3 | Windows | AUDIT AND ACCOUNTABILITY |
| JUSX-AG-000063 - In the event that communications with the Syslog server is lost, the Juniper SRX Services Gateway must continue to queue traffic log records locally. | DISA Juniper SRX Services Gateway ALG v2r1 | Juniper | AUDIT AND ACCOUNTABILITY |
| MADB-10-001700 - MariaDB must by default shut down upon audit failure, to include the unavailability of space for more audit log records; or must be configurable to shut down upon audit failure. | DISA MariaDB Enterprise 10.x v1r3 DB | MySQLDB | AUDIT AND ACCOUNTABILITY |
| O112-N2-008601 - Disk space used by audit trail(s) must be monitored; audit records must be regularly or continuously offloaded to a centralized log management system. | DISA STIG Oracle 11.2g v2r3 Database | OracleDB | AUDIT AND ACCOUNTABILITY |
| OL6-00-000510 - The audit system must take appropriate action when the audit storage volume is full. | DISA STIG Oracle Linux 6 v2r7 | Unix | AUDIT AND ACCOUNTABILITY |
| OL6-00-000511 - The audit system must take appropriate action when there are disk errors on the audit storage volume. | DISA STIG Oracle Linux 6 v2r7 | Unix | AUDIT AND ACCOUNTABILITY |
| PPS9-00-002300 - The EDB Postgres Advanced Server must by default shut down upon audit failure, to include the unavailability of space for more audit log records; or must be configurable to shut down upon audit failure. | EDB PostgreSQL Advanced Server OS Linux Audit v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| PPS9-00-002400 - The EDB Postgres Advanced Server must be configurable to overwrite audit log records, oldest first (First-In-First-Out - FIFO), in the event of unavailability of space for more audit log records. | EDB PostgreSQL Advanced Server OS Linux Audit v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-06-000510 - The audit system must take appropriate action when the audit storage volume is full. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-06-000511 - The audit system must take appropriate action when there are disk errors on the audit storage volume. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-08-030040 - The RHEL 8 System must take appropriate action when an audit processing failure occurs. | DISA Red Hat Enterprise Linux 8 STIG v1r14 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-08-030060 - The RHEL 8 audit system must take appropriate action when the audit storage volume is full. | DISA Red Hat Enterprise Linux 8 STIG v1r14 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-09-653020 - RHEL 9 audit system must take appropriate action when an error writing to the audit storage volume occurs. | DISA Red Hat Enterprise Linux 9 STIG v1r3 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-09-653025 - RHEL 9 audit system must take appropriate action when the audit storage volume is full. | DISA Red Hat Enterprise Linux 9 STIG v1r3 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-09-653055 - RHEL 9 audit system must take appropriate action when the audit files have reached maximum size. | DISA Red Hat Enterprise Linux 9 STIG v1r3 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-09-654265 - RHEL 9 must take appropriate action when a critical audit processing failure occurs. | DISA Red Hat Enterprise Linux 9 STIG v1r3 | Unix | AUDIT AND ACCOUNTABILITY |
| SLES-12-020060 - The SUSE operating system audit system must take appropriate action when the audit storage volume is full. | DISA SLES 12 STIG v2r13 | Unix | AUDIT AND ACCOUNTABILITY |
| SOL-11.1-010420 - The operating system must shut down by default upon audit failure (unless availability is an overriding concern) - unless availability is an overriding concern. | DISA STIG Solaris 11 SPARC v2r9 | Unix | AUDIT AND ACCOUNTABILITY |
| SOL-11.1-010420 - The operating system must shut down by default upon audit failure (unless availability is an overriding concern) - unless availability is an overriding concern. | DISA STIG Solaris 11 X86 v2r9 | Unix | AUDIT AND ACCOUNTABILITY |
| SOL-11.1-010420 - The operating system must shut down by default upon audit failure (unless availability is an overriding concern). | DISA STIG Solaris 11 SPARC v2r9 | Unix | AUDIT AND ACCOUNTABILITY |
| SQL4-00-013000 - Unless it has been determined that availability is paramount, SQL Server must shut down upon the failure of an Audit, or a Trace used for auditing purposes, to include the unavailability of space for more audit/trace log records. | DISA STIG SQL Server 2014 Instance DB Audit v2r3 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-030600 - Where availability is paramount, the SQL Server must continue processing (preferably overwriting existing records, oldest first), in the event of lack of space for more Audit/Trace log records; and must keep processing after any failure of an Audit/Trace. | DISA STIG SQL Server 2014 Instance DB Audit v2r3 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL6-D0-005600 - SQL Server must by default shut down upon audit failure, to include the unavailability of space for more audit log records; or must be configurable to shut down upon audit failure. | DISA STIG SQL Server 2016 Instance DB Audit v2r11 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL6-D0-005700 - SQL Server must be configurable to overwrite audit log records, oldest first (First-In-First-Out - FIFO), in the event of unavailability of space for more audit log records. | DISA STIG SQL Server 2016 Instance DB Audit v2r11 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| UBTU-16-020050 - The System Administrator (SA) and Information System Security Officer (ISSO) (at a minimum) must be alerted when the audit storage volume is full. | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-18-010301 - The Ubuntu operating system must shut down by default upon audit failure (unless availability is an overriding concern). | DISA STIG Ubuntu 18.04 LTS v2r13 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-20-010118 - The Ubuntu operating system must shut down by default upon audit failure (unless availability is an overriding concern). | DISA STIG Ubuntu 20.04 LTS v1r12 | Unix | AUDIT AND ACCOUNTABILITY |
| WBLC-02-000086 - Oracle WebLogic must notify administrative personnel as a group in the event of audit processing failure - Module-HealthState | Oracle WebLogic Server 12c Linux v2r1 Middleware | Unix | AUDIT AND ACCOUNTABILITY |
| WBLC-02-000086 - Oracle WebLogic must notify administrative personnel as a group in the event of audit processing failure - Module-HealthState | Oracle WebLogic Server 12c Windows v2r1 | Windows | AUDIT AND ACCOUNTABILITY |
| WBLC-02-000086 - Oracle WebLogic must notify administrative personnel as a group in the event of audit processing failure - Module-HealthState | Oracle WebLogic Server 12c Linux v2r1 | Unix | AUDIT AND ACCOUNTABILITY |
| WBLC-02-000086 - Oracle WebLogic must notify administrative personnel as a group in the event of audit processing failure - SMTP Notification | Oracle WebLogic Server 12c Linux v2r1 Middleware | Unix | AUDIT AND ACCOUNTABILITY |
| WBLC-02-000086 - Oracle WebLogic must notify administrative personnel as a group in the event of audit processing failure - SMTP Notification | Oracle WebLogic Server 12c Linux v2r1 | Unix | AUDIT AND ACCOUNTABILITY |
| WBLC-02-000086 - Oracle WebLogic must notify administrative personnel as a group in the event of audit processing failure - SMTP Notification | Oracle WebLogic Server 12c Windows v2r1 | Windows | AUDIT AND ACCOUNTABILITY |
| WNFWA-000009 - Windows Defender Firewall with Advanced Security log size must be configured for domain connections. | DISA Microsoft Windows Firewall v2r2 | Windows | AUDIT AND ACCOUNTABILITY |
| WNFWA-000017 - Windows Defender Firewall with Advanced Security log size must be configured for private network connections. | DISA Microsoft Windows Firewall v2r2 | Windows | AUDIT AND ACCOUNTABILITY |
| WNFWA-000027 - Windows Defender Firewall with Advanced Security log size must be configured for public network connections. | DISA Microsoft Windows Firewall v2r2 | Windows | AUDIT AND ACCOUNTABILITY |
