800-53|AU-14(1)

Title

SYSTEM START-UP

Description

The information system initiates session audits at system start-up.

Reference Item Details

Category: AUDIT AND ACCOUNTABILITY

Parent Title: SESSION AUDIT

Family: AUDIT AND ACCOUNTABILITY

Audit Items

View all Reference Audit Items

NamePluginAudit Name
AIX7-00-002023 - AIX must start audit at boot.UnixDISA STIG AIX 7.x v2r5
AS24-U1-000070 - The Apache web server must generate, at a minimum, log records for system startup and shutdown, system access, and system authentication events - log_config_moduleUnixDISA STIG Apache Server 2.4 Unix Server v2r5
AS24-U1-000070 - The Apache web server must generate, at a minimum, log records for system startup and shutdown, system access, and system authentication events - log_config_moduleUnixDISA STIG Apache Server 2.4 Unix Server v2r5 Middleware
AS24-U1-000070 - The Apache web server must generate, at a minimum, log records for system startup and shutdown, system access, and system authentication events - LogFormatUnixDISA STIG Apache Server 2.4 Unix Server v2r5
AS24-U1-000070 - The Apache web server must generate, at a minimum, log records for system startup and shutdown, system access, and system authentication events - LogFormatUnixDISA STIG Apache Server 2.4 Unix Server v2r5 Middleware
AS24-W1-000070 - The Apache web server must generate, at a minimum, log records for system startup and shutdown, system access, and system authentication events.WindowsDISA STIG Apache Server 2.4 Windows Server v2r2
Big Sur - Enable Security AuditingUnixNIST macOS Big Sur v1.4.0 - 800-53r5 High
Big Sur - Enable Security AuditingUnixNIST macOS Big Sur v1.4.0 - 800-53r4 Low
Big Sur - Enable Security AuditingUnixNIST macOS Big Sur v1.4.0 - 800-53r5 Moderate
Big Sur - Enable Security AuditingUnixNIST macOS Big Sur v1.4.0 - All Profiles
Big Sur - Enable Security AuditingUnixNIST macOS Big Sur v1.4.0 - 800-53r4 High
Big Sur - Enable Security AuditingUnixNIST macOS Big Sur v1.4.0 - 800-171
Big Sur - Enable Security AuditingUnixNIST macOS Big Sur v1.4.0 - CNSSI 1253
Big Sur - Enable Security AuditingUnixNIST macOS Big Sur v1.4.0 - 800-53r4 Moderate
Big Sur - Enable Security AuditingUnixNIST macOS Big Sur v1.4.0 - 800-53r5 Low
Catalina - Enable Security AuditingUnixNIST macOS Catalina v1.5.0 - 800-53r4 High
Catalina - Enable Security AuditingUnixNIST macOS Catalina v1.5.0 - CNSSI 1253
Catalina - Enable Security AuditingUnixNIST macOS Catalina v1.5.0 - 800-53r5 Low
Catalina - Enable Security AuditingUnixNIST macOS Catalina v1.5.0 - 800-53r5 Moderate
Catalina - Enable Security AuditingUnixNIST macOS Catalina v1.5.0 - 800-171
Catalina - Enable Security AuditingUnixNIST macOS Catalina v1.5.0 - 800-53r4 Moderate
Catalina - Enable Security AuditingUnixNIST macOS Catalina v1.5.0 - 800-53r4 Low
Catalina - Enable Security AuditingUnixNIST macOS Catalina v1.5.0 - 800-53r5 High
Catalina - Enable Security AuditingUnixNIST macOS Catalina v1.5.0 - All Profiles
CNTR-K8-000600 - The Kubernetes API Server must have an audit policy set.UnixDISA STIG Kubernetes v1r5
CNTR-K8-000610 - The Kubernetes API Server must have an audit log path set.UnixDISA STIG Kubernetes v1r5
DKER-EE-001080 - The audit log configuration level must be set to request in the Universal Control Plane (UCP) component of Docker Enterprise.UnixDISA STIG Docker Enterprise 2.x Linux/Unix UCP v2r1
DKER-EE-001090 - The host operating systems auditing policies for the Docker Engine - Enterprise component of Docker Enterprise must be set - docker pathsUnixDISA STIG Docker Enterprise 2.x Linux/Unix v2r1
DKER-EE-001090 - The host operating systems auditing policies for the Docker Engine - Enterprise component of Docker Enterprise must be set - docker servicesUnixDISA STIG Docker Enterprise 2.x Linux/Unix v2r1
IIST-SI-000206 - Both the log file and Event Tracing for Windows (ETW) for each IIS 10.0 website must be enabled.WindowsDISA IIS 10.0 Site v2r5
IIST-SV-000102 - The enhanced logging for the IIS 10.0 web server must be enabled and capture all user and web server events - Field DateWindowsDISA IIS 10.0 Server v2r5
IIST-SV-000102 - The enhanced logging for the IIS 10.0 web server must be enabled and capture all user and web server events - Field IPWindowsDISA IIS 10.0 Server v2r5
IIST-SV-000102 - The enhanced logging for the IIS 10.0 web server must be enabled and capture all user and web server events - Field MethodWindowsDISA IIS 10.0 Server v2r5
IIST-SV-000102 - The enhanced logging for the IIS 10.0 web server must be enabled and capture all user and web server events - Field QueryWindowsDISA IIS 10.0 Server v2r5
IIST-SV-000102 - The enhanced logging for the IIS 10.0 web server must be enabled and capture all user and web server events - Field RefererWindowsDISA IIS 10.0 Server v2r5
IIST-SV-000102 - The enhanced logging for the IIS 10.0 web server must be enabled and capture all user and web server events - Field StatusWindowsDISA IIS 10.0 Server v2r5
IIST-SV-000102 - The enhanced logging for the IIS 10.0 web server must be enabled and capture all user and web server events - Field TimeWindowsDISA IIS 10.0 Server v2r5
IIST-SV-000102 - The enhanced logging for the IIS 10.0 web server must be enabled and capture all user and web server events - Field UserWindowsDISA IIS 10.0 Server v2r5
IIST-SV-000102 - The enhanced logging for the IIS 10.0 web server must be enabled and capture all user and web server events - Format W3CWindowsDISA IIS 10.0 Server v2r5
IIST-SV-000103 - Both the log file and Event Tracing for Windows (ETW) for the IIS 10.0 web server must be enabled.WindowsDISA IIS 10.0 Server v2r5
IISW-SI-000205 - The enhanced logging for each IIS 8.5 website must be enabled and capture, record, and log all content related to a user session - Field Client IP AddressWindowsDISA IIS 8.5 Site v2r5
IISW-SI-000205 - The enhanced logging for each IIS 8.5 website must be enabled and capture, record, and log all content related to a user session - Field DateWindowsDISA IIS 8.5 Site v2r5
IISW-SI-000205 - The enhanced logging for each IIS 8.5 website must be enabled and capture, record, and log all content related to a user session - Field MethodWindowsDISA IIS 8.5 Site v2r5
IISW-SI-000205 - The enhanced logging for each IIS 8.5 website must be enabled and capture, record, and log all content related to a user session - Field Protocol StatusWindowsDISA IIS 8.5 Site v2r5
IISW-SI-000205 - The enhanced logging for each IIS 8.5 website must be enabled and capture, record, and log all content related to a user session - Field RefererWindowsDISA IIS 8.5 Site v2r5
IISW-SI-000205 - The enhanced logging for each IIS 8.5 website must be enabled and capture, record, and log all content related to a user session - Field TimeWindowsDISA IIS 8.5 Site v2r5
IISW-SI-000205 - The enhanced logging for each IIS 8.5 website must be enabled and capture, record, and log all content related to a user session - Field URI QueryWindowsDISA IIS 8.5 Site v2r5
IISW-SI-000205 - The enhanced logging for each IIS 8.5 website must be enabled and capture, record, and log all content related to a user session - Field User NameWindowsDISA IIS 8.5 Site v2r5
IISW-SI-000205 - The enhanced logging for each IIS 8.5 website must be enabled and capture, record, and log all content related to a user session - Format W3CWindowsDISA IIS 8.5 Site v2r5
IISW-SI-000206 - Both the log file and Event Tracing for Windows (ETW) for each IIS 8.5 website must be enabled.WindowsDISA IIS 8.5 Site v2r5