| AIX7-00-002032 - AIX must provide the function for assigned ISSOs or designated SAs to change the auditing to be performed on all operating system components, based on all selectable event criteria in near real time. | DISA STIG AIX 7.x v2r9 | Unix | AUDIT AND ACCOUNTABILITY |
| AOSX-14-001003 - The macOS system must initiate session audits at system startup, using internal clocks with time stamps for audit records that meet a minimum granularity of one second and can be mapped to Coordinated Universal Time (UTC) or Greenwich Mean Time (GMT). | DISA STIG Apple Mac OSX 10.14 v2r6 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| AOSX-15-001003 - The macOS system must initiate session audits at system startup | DISA STIG Apple Mac OSX 10.15 v1r10 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| APPL-11-001003 - The macOS system must initiate session audits at system startup, using internal clocks with time stamps for audit records that meet a minimum granularity of one second and can be mapped to Coordinated Universal Time (UTC) or Greenwich Mean Time (GMT), to generate audit records containing information to establish what type of events occurred, the identity of any individual or process associated with the event, including individual identities of group account users, establish where the events occurred, source of the event, and outcome of the events including all account enabling actions, full-text recording of privileged commands, and information about the use of encryption for access wireless access to and from the system. | DISA STIG Apple macOS 11 v1r5 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| APPL-11-001003 - The macOS system must initiate session audits at system startup, using internal clocks with time stamps for audit records that meet a minimum granularity of one second and can be mapped to Coordinated Universal Time (UTC) or Greenwich Mean Time (GMT), to generate audit records containing information to establish what type of events occurred, the identity of any individual or process associated with the event, including individual identities of group account users, establish where the events occurred, source of the event, and outcome of the events including all account enabling actions, full-text recording of privileged commands, and information about the use of encryption for access wireless access to and from the system. | DISA STIG Apple macOS 11 v1r8 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| APPL-12-001003 - The macOS system must initiate session audits at system startup, using internal clocks with time stamps for audit records that meet a minimum granularity of one second and can be mapped to Coordinated Universal Time (UTC) or Greenwich Mean Time (GMT), in order to generate audit records containing information to establish what type of events occurred, the identity of any individual or process associated with the event, including individual identities of group account users, establish where the events occurred, source of the event, and outcome of the events including all account enabling actions, full-text recording of privileged commands, and information about the use of encryption for access wireless access to and from the system. | DISA STIG Apple macOS 12 v1r9 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| APPL-13-001003 - The macOS system must produce audit records containing information to establish when, where, what type, the source, and the outcome for all DOD-defined auditable events and actions. | DISA STIG Apple macOS 13 v1r4 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| APPL-15-001003 - The macOS system must enable security auditing. | DISA Apple macOS 15 (Sequoia) STIG v1r1 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| Big Sur - Enable Security Auditing | NIST macOS Big Sur v1.4.0 - 800-171 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE |
| Big Sur - Enable Security Auditing | NIST macOS Big Sur v1.4.0 - 800-53r4 High | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE |
| Big Sur - Enable Security Auditing | NIST macOS Big Sur v1.4.0 - 800-53r4 Low | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE |
| Big Sur - Enable Security Auditing | NIST macOS Big Sur v1.4.0 - CNSSI 1253 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE |
| Big Sur - Enable Security Auditing | NIST macOS Big Sur v1.4.0 - 800-53r5 Moderate | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE |
| Big Sur - Enable Security Auditing | NIST macOS Big Sur v1.4.0 - 800-53r5 High | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE |
| Big Sur - Enable Security Auditing | NIST macOS Big Sur v1.4.0 - All Profiles | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE |
| Big Sur - Enable Security Auditing | NIST macOS Big Sur v1.4.0 - 800-53r4 Moderate | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE |
| Big Sur - Enable Security Auditing | NIST macOS Big Sur v1.4.0 - 800-53r5 Low | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE |
| BIND-9X-001010 - A BIND 9.x server implementation must be configured to allow DNS administrators to audit all DNS server components, based on selectable event criteria, and produce audit records within all DNS server components that contain information for failed security verification tests, information to establish the outcome and source of the events, any information necessary to determine cause of failure, and any information necessary to return to operations with least disruption to mission processes. | DISA BIND 9.x STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| Catalina - Enable Security Auditing | NIST macOS Catalina v1.5.0 - 800-53r4 Low | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE |
| Catalina - Enable Security Auditing | NIST macOS Catalina v1.5.0 - 800-53r5 Low | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE |
| Catalina - Enable Security Auditing | NIST macOS Catalina v1.5.0 - 800-171 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE |
| Catalina - Enable Security Auditing | NIST macOS Catalina v1.5.0 - 800-53r4 High | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE |
| Catalina - Enable Security Auditing | NIST macOS Catalina v1.5.0 - 800-53r4 Moderate | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE |
| Catalina - Enable Security Auditing | NIST macOS Catalina v1.5.0 - 800-53r5 High | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE |
| Catalina - Enable Security Auditing | NIST macOS Catalina v1.5.0 - CNSSI 1253 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE |
| Catalina - Enable Security Auditing | NIST macOS Catalina v1.5.0 - All Profiles | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE |
| Catalina - Enable Security Auditing | NIST macOS Catalina v1.5.0 - 800-53r5 Moderate | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE |
| CD12-00-010000 - PostgreSQL must provide the means for individuals in authorized roles to change the auditing to be performed on all application components, based on all selectable event criteria within organization-defined time thresholds. | DISA STIG Crunchy Data PostgreSQL DB v3r1 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| Monterey - Enable Security Auditing | NIST macOS Monterey v1.0.0 - 800-53r4 High | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE |
| Monterey - Enable Security Auditing | NIST macOS Monterey v1.0.0 - 800-53r4 Moderate | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE |
| Monterey - Enable Security Auditing | NIST macOS Monterey v1.0.0 - 800-53r5 Low | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE |
| Monterey - Enable Security Auditing | NIST macOS Monterey v1.0.0 - CNSSI 1253 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE |
| Monterey - Enable Security Auditing | NIST macOS Monterey v1.0.0 - All Profiles | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE |
| Monterey - Enable Security Auditing | NIST macOS Monterey v1.0.0 - 800-171 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE |
| Monterey - Enable Security Auditing | NIST macOS Monterey v1.0.0 - 800-53r4 Low | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE |
| Monterey - Enable Security Auditing | NIST macOS Monterey v1.0.0 - 800-53r5 Moderate | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE |
| Monterey - Enable Security Auditing | NIST macOS Monterey v1.0.0 - 800-53r5 High | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE |
| SLES-12-020000 - The SUSE operating system must have the auditing package installed. | DISA SLES 12 STIG v2r13 | Unix | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| SLES-12-020240 - The SUSE operating system must generate audit records for all uses of the privileged functions. | DISA SLES 12 STIG v2r13 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| SLES-15-030640 - The SUSE operating system must generate audit records for all uses of the privileged functions. | DISA SLES 15 STIG v2r1 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| SLES-15-030650 - The SUSE operating system must have the auditing package installed. | DISA SLES 15 STIG v2r1 | Unix | AUDIT AND ACCOUNTABILITY |
| SPLK-CL-000120 - The System Administrator (SA) and Information System Security Manager (ISSM) must configure the retention of the log records based on the defined security plan. | DISA STIG Splunk Enterprise 8.x for Linux v2r1 STIG OS | Unix | AUDIT AND ACCOUNTABILITY |
| SPLK-CL-000260 - The System Administrator (SA) and Information System Security Officer (ISSO) must configure the retention of the log records based on the defined security plan. | DISA STIG Splunk Enterprise 7.x for Windows v3r1 REST API | Splunk | AUDIT AND ACCOUNTABILITY |
| WN10-UR-000130 - The Manage auditing and security log user right must only be assigned to the Administrators group. | DISA Windows 10 STIG v3r2 | Windows | AUDIT AND ACCOUNTABILITY |
| WN11-AU-000030 - The system must be configured to audit Account Management - Security Group Management successes. | DISA Windows 11 STIG v2r2 | Windows | AUDIT AND ACCOUNTABILITY |
| WN12-UR-000032 - The Manage auditing and security log user right must only be assigned to the Administrators group. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | AUDIT AND ACCOUNTABILITY |
| WN12-UR-000032 - The Manage auditing and security log user right must only be assigned to the Administrators group. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | AUDIT AND ACCOUNTABILITY |
| WN16-UR-000260 - The Manage auditing and security log user right must only be assigned to the Administrators group. | DISA Windows Server 2016 STIG v2r9 | Windows | AUDIT AND ACCOUNTABILITY |
| WN19-UR-000170 - Windows Server 2019 Manage auditing and security log user right must only be assigned to the Administrators group. | DISA Windows Server 2019 STIG v3r2 | Windows | AUDIT AND ACCOUNTABILITY |
| WN22-UR-000170 - Windows Server 2022 manage auditing and security log user right must only be assigned to the Administrators group. | DISA Windows Server 2022 STIG v2r2 | Windows | AUDIT AND ACCOUNTABILITY |
