| 1.14 APPL-14-000031 | CIS Apple macOS 14 (Sonoma) STIG v1.0.0 CAT II | Unix | AUDIT AND ACCOUNTABILITY |
| 1.38 APPL-14-001014 | CIS Apple macOS 14 (Sonoma) STIG v1.0.0 CAT II | Unix | AUDIT AND ACCOUNTABILITY |
| 1.354 RHEL-09-651025 | CIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT II | Unix | AUDIT AND ACCOUNTABILITY |
| AIX7-00-002025 - AIX audit tools must be owned by root. | DISA STIG AIX 7.x v3r1 | Unix | AUDIT AND ACCOUNTABILITY |
| AIX7-00-002027 - AIX audit tools must be set to 4550 or less permissive. | DISA STIG AIX 7.x v3r1 | Unix | AUDIT AND ACCOUNTABILITY |
| ALMA-09-056890 - AlmaLinux OS 9 must use cryptographic mechanisms to protect the integrity of audit tools. | DISA CloudLinux AlmaLinux OS 9 STIG v1r4 | Unix | AUDIT AND ACCOUNTABILITY |
| APPL-14-000030 - The macOS system must configure audit log files to not contain access control lists. | DISA Apple macOS 14 Sonoma STIG v2r4 | Unix | AUDIT AND ACCOUNTABILITY |
| APPL-14-000031 - The macOS system must configure audit log folders to not contain access control lists. | DISA Apple macOS 14 Sonoma STIG v2r4 | Unix | AUDIT AND ACCOUNTABILITY |
| APPL-14-001015 - The macOS system must configure audit log folders group to wheel. | DISA Apple macOS 14 Sonoma STIG v2r4 | Unix | AUDIT AND ACCOUNTABILITY |
| APPL-14-001016 - The macOS system must configure audit log files to mode 440 or less permissive. | DISA Apple macOS 14 Sonoma STIG v2r4 | Unix | AUDIT AND ACCOUNTABILITY |
| APPL-14-001017 - The macOS system must configure audit log folders to mode 700 or less permissive. | DISA Apple macOS 14 Sonoma STIG v2r4 | Unix | AUDIT AND ACCOUNTABILITY |
| APPL-15-000031 - The macOS system must configure the audit log folder to not contain access control lists (ACLs). | DISA Apple macOS 15 Sequoia STIG v1r5 | Unix | AUDIT AND ACCOUNTABILITY |
| APPL-15-001014 - The macOS system must configure the audit log files group to wheel. | DISA Apple macOS 15 Sequoia STIG v1r5 | Unix | AUDIT AND ACCOUNTABILITY |
| APPL-15-001016 - The macOS system must configure audit log files to mode 440 or less permissive. | DISA Apple macOS 15 Sequoia STIG v1r5 | Unix | AUDIT AND ACCOUNTABILITY |
| APPL-26-000031 - The macOS system must configure the audit log folder to not contain access control lists (ACLs). | DISA Apple macOS 26 Tahoe STIG v1r1 | Unix | AUDIT AND ACCOUNTABILITY |
| APPL-26-001012 - The macOS system must configure audit log files to be owned by root. | DISA Apple macOS 26 Tahoe STIG v1r1 | Unix | AUDIT AND ACCOUNTABILITY |
| APPL-26-001015 - The macOS system must configure the audit log folders group to wheel. | DISA Apple macOS 26 Tahoe STIG v1r1 | Unix | AUDIT AND ACCOUNTABILITY |
| APPL-26-001017 - The macOS system must configure audit log folders to mode 700 or less permissive. | DISA Apple macOS 26 Tahoe STIG v1r1 | Unix | AUDIT AND ACCOUNTABILITY |
| AZLX-23-001070 - Amazon Linux 2023 must use cryptographic mechanisms to protect the integrity of audit tools. | DISA Amazon Linux 2023 STIG v1r1 | Unix | AUDIT AND ACCOUNTABILITY |
| MD3X-00-000220 - MongoDB must protect its audit features from unauthorized access. | DISA STIG MongoDB Enterprise Advanced 3.x v2r3 OS | Unix | AUDIT AND ACCOUNTABILITY |
| OL6-00-000279 - The system package management tool must verify ownership on all files and directories associated with the audit package. | DISA STIG Oracle Linux 6 v2r7 | Unix | AUDIT AND ACCOUNTABILITY |
| PPS9-00-003000 - The EDB Postgres Advanced Server must protect its audit configuration from unauthorized modification. | EDB PostgreSQL Advanced Server OS Linux Audit v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-06-000279 - The system package management tool must verify ownership on all files and directories associated with the audit package. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-09-651025 - RHEL 9 must use cryptographic mechanisms to protect the integrity of audit tools. | DISA Red Hat Enterprise Linux 9 STIG v2r6 | Unix | AUDIT AND ACCOUNTABILITY |
| SLES-12-020130 - The SUSE operating system audit tools must have the proper permissions configured to protect against unauthorized access. | DISA SLES 12 STIG v3r3 | Unix | AUDIT AND ACCOUNTABILITY |
| SOL-11.1-020040 - The operating system must protect audit tools from unauthorized modification. | DISA Solaris 11 SPARC STIG v3r3 | Unix | AUDIT AND ACCOUNTABILITY |
| SPLK-CL-000190 - Splunk Enterprise installation directories must be secured. | DISA STIG Splunk Enterprise 8.x for Linux v2r3 STIG OS | Unix | AUDIT AND ACCOUNTABILITY |
| SQL2-00-015800 - The OS must limit privileges to change SQL Server software resident within software libraries (including privileged programs) - '\110\Shared' | DISA STIG SQL Server 2012 Database OS Audit v1r20 | Windows | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| SQL2-00-015800 - The OS must limit privileges to change SQL Server software resident within software libraries (including privileged programs) - 'binn' | DISA STIG SQL Server 2012 Database OS Audit v1r20 | Windows | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| SQL2-00-015800 - The OS must limit privileges to change SQL Server software resident within software libraries (including privileged programs) - 'Install' | DISA STIG SQL Server 2012 Database OS Audit v1r20 | Windows | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| SQL6-D0-006300 - SQL Server must protect its audit configuration from authorized and unauthorized access and modification. | DISA STIG SQL Server 2016 Instance DB Audit v3r5 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| UBTU-16-020180 - Audit tools must have a mode of 0755 or less permissive - auditctl | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-16-020180 - Audit tools must have a mode of 0755 or less permissive - aureport | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-16-020180 - Audit tools must have a mode of 0755 or less permissive - ausearch | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-16-020190 - Audit tools must be owned by root - audispd | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-16-020190 - Audit tools must be owned by root - auditctl | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-16-020190 - Audit tools must be owned by root - auditd | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-16-020190 - Audit tools must be owned by root - augenrules | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-16-020190 - Audit tools must be owned by root - ausearch | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-16-020190 - Audit tools must be owned by root - autrace | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-16-020200 - Audit tools must be group-owned by root - auditctl | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-16-020200 - Audit tools must be group-owned by root - auditd | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-16-020200 - Audit tools must be group-owned by root - ausearch | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-18-010128 - The Ubuntu operating system must configure audit tools with a mode of 0755 or less permissive. | DISA STIG Ubuntu 18.04 LTS v2r15 | Unix | AUDIT AND ACCOUNTABILITY |
| WBLC-02-000099 - Oracle WebLogic must protect audit tools from unauthorized modification. | Oracle WebLogic Server 12c Linux v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| WBLC-02-000099 - Oracle WebLogic must protect audit tools from unauthorized modification. | Oracle WebLogic Server 12c Windows v2r2 | Windows | AUDIT AND ACCOUNTABILITY |
| WN12-AU-000213 - Event Viewer must be protected from unauthorized modification and deletion. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | AUDIT AND ACCOUNTABILITY |
| WN12-AU-000213 - Event Viewer must be protected from unauthorized modification and deletion. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | AUDIT AND ACCOUNTABILITY |
| WN16-AU-000060 - Event Viewer must be protected from unauthorized modification and deletion. | DISA Microsoft Windows Server 2016 STIG v2r10 | Windows | AUDIT AND ACCOUNTABILITY |
| WN19-AU-000060 - Windows Server 2019 Event Viewer must be protected from unauthorized modification and deletion. | DISA Microsoft Windows Server 2019 STIG v3r5 | Windows | AUDIT AND ACCOUNTABILITY |
