| 4.1.3.7 Ensure kernel module loading and unloading is collected - delete_module 32 bit | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.3.7 Ensure kernel module loading and unloading is collected - delete_module 64 bit | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.3.7 Ensure kernel module loading and unloading is collected - init_module 32 bit | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.3.7 Ensure kernel module loading and unloading is collected - init_module 64 bit | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | AUDIT AND ACCOUNTABILITY |
| APPL-13-001044 - The macOS system must generate audit records for DOD-defined events such as successful/unsuccessful logon attempts, successful/unsuccessful direct access attempts, starting and ending time for user access, and concurrent logons to the same account from different sources. | DISA STIG Apple macOS 13 v1r3 | Unix | AUDIT AND ACCOUNTABILITY |
| CASA-ND-001200 - The Cisco ASA must be configured to generate audit records when successful/unsuccessful attempts to modify administrator privileges occur - logging buffered | DISA STIG Cisco ASA NDM v1r6 | Cisco | AUDIT AND ACCOUNTABILITY |
| CASA-ND-001200 - The Cisco ASA must be configured to generate audit records when successful/unsuccessful attempts to modify administrator privileges occur - logging enabled | DISA STIG Cisco ASA NDM v1r6 | Cisco | AUDIT AND ACCOUNTABILITY |
| CASA-ND-001210 - The Cisco ASA must be configured to generate audit records when successful/unsuccessful attempts to delete administrator privileges occur - logging enabled | DISA STIG Cisco ASA NDM v1r6 | Cisco | AUDIT AND ACCOUNTABILITY |
| FGFW-ND-000075 - The FortiGate device must generate audit records when successful/unsuccessful logon attempts occur | DISA Fortigate Firewall NDM STIG v1r4 | FortiGate | AUDIT AND ACCOUNTABILITY |
| FGFW-ND-000080 - The FortiGate device must generate audit records for privileged activities or other system-level access | DISA Fortigate Firewall NDM STIG v1r4 | FortiGate | AUDIT AND ACCOUNTABILITY |
| FGFW-ND-000085 - The FortiGate device must generate audit records showing starting and ending time for administrator access to the system | DISA Fortigate Firewall NDM STIG v1r4 | FortiGate | AUDIT AND ACCOUNTABILITY |
| PHTN-67-000020 - The Photon operating system must generate audit records when successful/unsuccessful attempts to access privileges occur - 32 | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | AUDIT AND ACCOUNTABILITY |
| PHTN-67-000020 - The Photon operating system must generate audit records when successful/unsuccessful attempts to access privileges occur - 64 | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | AUDIT AND ACCOUNTABILITY |
| PHTN-67-000020 - The Photon operating system must generate audit records when successful/unsuccessful attempts to access privileges occur - uid 32 | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | AUDIT AND ACCOUNTABILITY |
| PHTN-67-000044 - The Photon operating system must audit all account modifications - groupmod | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | AUDIT AND ACCOUNTABILITY |
| PHTN-67-000071 - The Photon operating system must generate audit records when the sudo command is used. | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | AUDIT AND ACCOUNTABILITY |
| PHTN-67-000072 - The Photon operating system must generate audit records when successful/unsuccessful logon attempts occur - faillog | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | AUDIT AND ACCOUNTABILITY |
| PHTN-67-000072 - The Photon operating system must generate audit records when successful/unsuccessful logon attempts occur - lastlog | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | AUDIT AND ACCOUNTABILITY |
| PHTN-67-000072 - The Photon operating system must generate audit records when successful/unsuccessful logon attempts occur - tallylog | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | AUDIT AND ACCOUNTABILITY |
| PHTN-67-000073 - The Photon operating system must audit the insmod module. | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | AUDIT AND ACCOUNTABILITY |
| PHTN-67-000074 - The Photon operating system auditd service must generate audit records for all account creations, modifications, disabling, and termination events. | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | AUDIT AND ACCOUNTABILITY |
| SQL4-00-035900 - Trace or Audit records must be generated when unsuccessful attempts to access categorized information (e.g., classification levels/security levels) occur. | DISA STIG SQL Server 2014 Database Audit v1r6 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-036200 - SQL Server must generate Trace or Audit records when privileges/permissions are modified via locally-defined security objects - Event ID 42 | DISA STIG SQL Server 2014 Database Audit v1r6 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-036200 - SQL Server must generate Trace or Audit records when privileges/permissions are modified via locally-defined security objects - Event ID 43 | DISA STIG SQL Server 2014 Database Audit v1r6 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-036200 - SQL Server must generate Trace or Audit records when privileges/permissions are modified via locally-defined security objects - Event ID 83 | DISA STIG SQL Server 2014 Database Audit v1r6 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-036200 - SQL Server must generate Trace or Audit records when privileges/permissions are modified via locally-defined security objects - Event ID 84 | DISA STIG SQL Server 2014 Database Audit v1r6 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-036200 - SQL Server must generate Trace or Audit records when privileges/permissions are modified via locally-defined security objects - Event ID 85 | DISA STIG SQL Server 2014 Database Audit v1r6 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-036200 - SQL Server must generate Trace or Audit records when privileges/permissions are modified via locally-defined security objects - Event ID 90 | DISA STIG SQL Server 2014 Database Audit v1r6 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-036200 - SQL Server must generate Trace or Audit records when privileges/permissions are modified via locally-defined security objects - Event ID 162 | DISA STIG SQL Server 2014 Database Audit v1r6 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-036200 - SQL Server must generate Trace or Audit records when privileges/permissions are modified via locally-defined security objects. | DISA STIG SQL Server 2014 Database Audit v1r6 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-036300 - SQL Server must generate Trace or Audit records when unsuccessful attempts to modify privileges/permissions via locally-defined security objects occur - Event ID 43 | DISA STIG SQL Server 2014 Database Audit v1r6 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-036300 - SQL Server must generate Trace or Audit records when unsuccessful attempts to modify privileges/permissions via locally-defined security objects occur - Event ID 82 | DISA STIG SQL Server 2014 Database Audit v1r6 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-036300 - SQL Server must generate Trace or Audit records when unsuccessful attempts to modify privileges/permissions via locally-defined security objects occur - Event ID 83 | DISA STIG SQL Server 2014 Database Audit v1r6 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-036300 - SQL Server must generate Trace or Audit records when unsuccessful attempts to modify privileges/permissions via locally-defined security objects occur - Event ID 86 | DISA STIG SQL Server 2014 Database Audit v1r6 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-036300 - SQL Server must generate Trace or Audit records when unsuccessful attempts to modify privileges/permissions via locally-defined security objects occur - Event ID 87 | DISA STIG SQL Server 2014 Database Audit v1r6 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-036300 - SQL Server must generate Trace or Audit records when unsuccessful attempts to modify privileges/permissions via locally-defined security objects occur - Event ID 88 | DISA STIG SQL Server 2014 Database Audit v1r6 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-036300 - SQL Server must generate Trace or Audit records when unsuccessful attempts to modify privileges/permissions via locally-defined security objects occur - Event ID 90 | DISA STIG SQL Server 2014 Database Audit v1r6 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-036300 - SQL Server must generate Trace or Audit records when unsuccessful attempts to modify privileges/permissions via locally-defined security objects occur - SCHEMA_OBJECT_ACCESS_GROUP | DISA STIG SQL Server 2014 Database Audit v1r6 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-036400 - SQL Server must generate Trace or Audit records when locally-defined security objects are modified - Event ID 164 | DISA STIG SQL Server 2014 Database Audit v1r6 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-036500 - SQL Server must generate Trace or Audit records when unsuccessful attempts to modify locally-defined security objects occur - Event ID 162 | DISA STIG SQL Server 2014 Database Audit v1r6 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-036500 - SQL Server must generate Trace or Audit records when unsuccessful attempts to modify locally-defined security objects occur - Event ID 164 | DISA STIG SQL Server 2014 Database Audit v1r6 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-036500 - SQL Server must generate Trace or Audit records when unsuccessful attempts to modify locally-defined security objects occur. | DISA STIG SQL Server 2014 Database Audit v1r6 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-036600 - Trace or Audit records must be generated when categorized information (e.g., classification levels/security levels) is created - Event ID 84 | DISA STIG SQL Server 2014 Database Audit v1r6 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-036600 - Trace or Audit records must be generated when categorized information (e.g., classification levels/security levels) is created - Event ID 85 | DISA STIG SQL Server 2014 Database Audit v1r6 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-036600 - Trace or Audit records must be generated when categorized information (e.g., classification levels/security levels) is created - Event ID 86 | DISA STIG SQL Server 2014 Database Audit v1r6 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-036600 - Trace or Audit records must be generated when categorized information (e.g., classification levels/security levels) is created - Event ID 87 | DISA STIG SQL Server 2014 Database Audit v1r6 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-036600 - Trace or Audit records must be generated when categorized information (e.g., classification levels/security levels) is created - Event ID 89 | DISA STIG SQL Server 2014 Database Audit v1r6 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-036600 - Trace or Audit records must be generated when categorized information (e.g., classification levels/security levels) is created - Event ID 162 | DISA STIG SQL Server 2014 Database Audit v1r6 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-036600 - Trace or Audit records must be generated when categorized information (e.g., classification levels/security levels) is created - SCHEMA_OBJECT_ACCESS_GROUP | DISA STIG SQL Server 2014 Database Audit v1r6 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| WBSP-AS-000380 - The WebSphere Application Server must generate log records when attempts to access subject privileges occur. | DISA IBM WebSphere Traditional 9 Windows STIG v1r1 | Windows | AUDIT AND ACCOUNTABILITY |
