| 3.125 - Audit policy using subcategories is enabled. | DISA Windows Vista STIG v6r41 | Windows | AUDIT AND ACCOUNTABILITY |
| EX19-ED-000027 Exchange connectivity logging must be enabled. | DISA Microsoft Exchange 2019 Edge Server STIG v2r1 | Windows | AUDIT AND ACCOUNTABILITY |
| EX19-MB-000033 Exchange audit record parameters must be set. | DISA Microsoft Exchange 2019 Mailbox Server STIG v2r1 | Windows | AUDIT AND ACCOUNTABILITY |
| GEN002660 - Auditing must be implemented. | DISA STIG AIX 5.3 v1r2 | Unix | AUDIT AND ACCOUNTABILITY |
| GOOG-11-006100 - Google Android 11 must be configured to generate audit records for the following auditable events: detected integrity violations. | AirWatch - DISA Google Android 11 COPE v2r1 | MDM | AUDIT AND ACCOUNTABILITY |
| GOOG-11-006100 - Google Android 11 must be configured to generate audit records for the following auditable events: detected integrity violations. | MobileIron - DISA Google Android 11 COPE v2r1 | MDM | AUDIT AND ACCOUNTABILITY |
| GOOG-12-007800 - Google Android 12 must be configured to generate audit records for the following auditable events: detected integrity violations. | AirWatch - DISA Google Android 12 COPE v1r2 | MDM | AUDIT AND ACCOUNTABILITY |
| GOOG-12-007800 - Google Android 12 must be configured to generate audit records for the following auditable events: detected integrity violations. | MobileIron - DISA Google Android 12 COPE v1r2 | MDM | AUDIT AND ACCOUNTABILITY |
| GOOG-13-007800 - Google Android 13 must be configured to generate audit records for the following auditable events: Detected integrity violations. | MobileIron - DISA Google Android 13 COBO v2r1 | MDM | AUDIT AND ACCOUNTABILITY |
| GOOG-13-007800 - Google Android 13 must be configured to generate audit records for the following auditable events: Detected integrity violations. | MobileIron - DISA Google Android 13 COPE v2r1 | MDM | AUDIT AND ACCOUNTABILITY |
| GOOG-14-007800 - Google Android 14 must be configured to generate audit records for the following auditable events: Detected integrity violations. | AirWatch - DISA Google Android 14 COBO v2r1 | MDM | AUDIT AND ACCOUNTABILITY |
| GOOG-14-007800 - Google Android 14 must be configured to generate audit records for the following auditable events: Detected integrity violations. | MobileIron - DISA Google Android 14 COBO v2r1 | MDM | AUDIT AND ACCOUNTABILITY |
| HONW-09-006100 - The Honeywell Mobility Edge Android Pie device must be configured to generate audit records for the following auditable events: detected integrity violations. | MobileIron - DISA Honeywell Android 9.x COPE v1r2 | MDM | AUDIT AND ACCOUNTABILITY |
| MADB-10-000500 - MariaDB must provide audit record generation capability for DoD-defined auditable events within all DBMS/database components. | DISA MariaDB Enterprise 10.x v2r1 DB | MySQLDB | AUDIT AND ACCOUNTABILITY |
| MOTO-09-006100 - The Motorola Android Pie must be configured to generate audit records for the following auditable events: detected integrity violations. | AirWatch - DISA Motorola Android Pie.x COPE v1r2 | MDM | AUDIT AND ACCOUNTABILITY |
| MOTS-11-006100 - Motorola Solutions Android 11 must be configured to generate audit records for the following auditable events: Detected integrity violations. | MobileIron - DISA Motorola Solutions Android 11 COBO v1r3 | MDM | AUDIT AND ACCOUNTABILITY |
| OL08-00-030315 - OL 8 must generate audit records for any use of the 'userhelper' command. | DISA Oracle Linux 8 STIG v2r1 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-08-030130 - RHEL 8 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/shadow. | DISA Red Hat Enterprise Linux 8 STIG v2r1 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-08-030150 - RHEL 8 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/passwd. | DISA Red Hat Enterprise Linux 8 STIG v2r1 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-08-030160 - RHEL 8 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/gshadow. | DISA Red Hat Enterprise Linux 8 STIG v2r1 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-08-030190 - Successful/unsuccessful uses of the su command in RHEL 8 must generate an audit record. | DISA Red Hat Enterprise Linux 8 STIG v2r1 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-08-030200 - The RHEL 8 audit system must be configured to audit any usage of the setxattr, fsetxattr, lsetxattr, removexattr, fremovexattr, and lremovexattr system calls. | DISA Red Hat Enterprise Linux 8 STIG v2r1 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-08-030250 - Successful/unsuccessful uses of the chage command in RHEL 8 must generate an audit record. | DISA Red Hat Enterprise Linux 8 STIG v2r1 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-08-030260 - Successful/unsuccessful uses of the chcon command in RHEL 8 must generate an audit record. | DISA Red Hat Enterprise Linux 8 STIG v2r1 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-08-030301 - Successful/unsuccessful uses of the umount command in RHEL 8 must generate an audit record. | DISA Red Hat Enterprise Linux 8 STIG v2r1 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-08-030311 - Successful/unsuccessful uses of postdrop in RHEL 8 must generate an audit record. | DISA Red Hat Enterprise Linux 8 STIG v2r1 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-08-030312 - Successful/unsuccessful uses of postqueue in RHEL 8 must generate an audit record. | DISA Red Hat Enterprise Linux 8 STIG v2r1 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-08-030313 - Successful/unsuccessful uses of semanage in RHEL 8 must generate an audit record. | DISA Red Hat Enterprise Linux 8 STIG v2r1 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-08-030317 - Successful/unsuccessful uses of unix_chkpwd in RHEL 8 must generate an audit record. | DISA Red Hat Enterprise Linux 8 STIG v2r1 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-08-030340 - Successful/unsuccessful uses of the pam_timestamp_check command in RHEL 8 must generate an audit record. | DISA Red Hat Enterprise Linux 8 STIG v2r1 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-08-030550 - Successful/unsuccessful uses of the sudo command in RHEL 8 must generate an audit record. | DISA Red Hat Enterprise Linux 8 STIG v2r1 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-08-030580 - Successful/unsuccessful uses of the kmod command in RHEL 8 must generate an audit record. | DISA Red Hat Enterprise Linux 8 STIG v2r1 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-09-291025 - RHEL 9 must enable Linux audit logging for the USBGuard daemon. | DISA Red Hat Enterprise Linux 9 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| SQL2-00-011200 - SQL Server must provide audit record generation capability for organization-defined auditable events within the database - 'Event ID 18' | DISA STIG SQL Server 2012 Database Audit v1r20 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL2-00-011200 - SQL Server must provide audit record generation capability for organization-defined auditable events within the database - 'Event ID 20' | DISA STIG SQL Server 2012 Database Audit v1r20 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL2-00-011200 - SQL Server must provide audit record generation capability for organization-defined auditable events within the database - 'Event ID 103' | DISA STIG SQL Server 2012 Database Audit v1r20 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL2-00-011200 - SQL Server must provide audit record generation capability for organization-defined auditable events within the database - 'Event ID 108' | DISA STIG SQL Server 2012 Database Audit v1r20 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL2-00-011200 - SQL Server must provide audit record generation capability for organization-defined auditable events within the database - 'Event ID 110' | DISA STIG SQL Server 2012 Database Audit v1r20 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL2-00-011200 - SQL Server must provide audit record generation capability for organization-defined auditable events within the database - 'Event ID 113' | DISA STIG SQL Server 2012 Database Audit v1r20 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL2-00-011200 - SQL Server must provide audit record generation capability for organization-defined auditable events within the database - 'Event ID 132' | DISA STIG SQL Server 2012 Database Audit v1r20 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL2-00-011200 - SQL Server must provide audit record generation capability for organization-defined auditable events within the database - 'Event ID 133' | DISA STIG SQL Server 2012 Database Audit v1r20 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL2-00-011200 - SQL Server must provide audit record generation capability for organization-defined auditable events within the database - 'Event ID 170' | DISA STIG SQL Server 2012 Database Audit v1r20 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL2-00-011200 - SQL Server must provide audit record generation capability for organization-defined auditable events within the database - 'Event ID 171' | DISA STIG SQL Server 2012 Database Audit v1r20 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL2-00-011200 - SQL Server must provide audit record generation capability for organization-defined auditable events within the database - 'Event ID 176' | DISA STIG SQL Server 2012 Database Audit v1r20 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SYMP-NM-000070 - Symantec ProxySG must enable event access logging. | DISA Symantec ProxySG Benchmark NDM v1r2 | BlueCoat | AUDIT AND ACCOUNTABILITY |
| VCLD-67-000005 - VAMI must generate log records for system startup and shutdown. | DISA STIG VMware vSphere 6.7 VAMI-lighttpd v1r3 | Unix | AUDIT AND ACCOUNTABILITY |
| VCST-67-000006 - The Security Token Service must generate log records during Java startup and shutdown - handlers | DISA STIG VMware vSphere 6.7 STS Tomcat v1r3 | Unix | AUDIT AND ACCOUNTABILITY |
| WN11-SO-000030 - Audit policy using subcategories must be enabled. | DISA Windows 11 STIG v2r2 | Windows | AUDIT AND ACCOUNTABILITY |
| ZEBR-10-006100 - Zebra Android 10 must be configured to generate audit records for the following auditable events: detected integrity violations. | MobileIron - DISA Zebra Android 10 COBO v1r2 | MDM | AUDIT AND ACCOUNTABILITY |
| ZEBR-10-006100 - Zebra Android 10 must be configured to generate audit records for the following auditable events: detected integrity violations. | MobileIron - DISA Zebra Android 10 COPE v1r2 | MDM | AUDIT AND ACCOUNTABILITY |
