Item Search

NameAudit NamePluginCategory
AIX7-00-002016 - AIX must provide audit record generation functionality for DoD-defined auditable eventsDISA STIG AIX 7.x v2r8Unix
AIX7-00-002016 - AIX must provide audit record generation functionality for DoD-defined auditable events - /etc/groupDISA STIG AIX 7.x v2r6Unix
AIX7-00-002016 - AIX must provide audit record generation functionality for DoD-defined auditable events - /etc/groupDISA STIG AIX 7.x v2r5Unix
AIX7-00-002016 - AIX must provide audit record generation functionality for DoD-defined auditable events - /etc/security/audit/configDISA STIG AIX 7.x v2r5Unix
AIX7-00-002016 - AIX must provide audit record generation functionality for DoD-defined auditable events - /etc/security/environDISA STIG AIX 7.x v2r6Unix
AIX7-00-002016 - AIX must provide audit record generation functionality for DoD-defined auditable events - /etc/security/groupDISA STIG AIX 7.x v2r6Unix
AIX7-00-002016 - AIX must provide audit record generation functionality for DoD-defined auditable events - /etc/security/limitsDISA STIG AIX 7.x v2r6Unix
AIX7-00-002016 - AIX must provide audit record generation functionality for DoD-defined auditable events - /etc/security/login.cfgDISA STIG AIX 7.x v2r5Unix
AIX7-00-002016 - AIX must provide audit record generation functionality for DoD-defined auditable events - /etc/security/passwd readDISA STIG AIX 7.x v2r5Unix
AIX7-00-002016 - AIX must provide audit record generation functionality for DoD-defined auditable events - /etc/security/passwd writeDISA STIG AIX 7.x v2r6Unix
Big Sur - Configure the System to Notify upon Account Removed ActionsNIST macOS Big Sur v1.4.0 - 800-53r4 ModerateUnix

ACCESS CONTROL

Big Sur - Configure the System to Notify upon Account Removed ActionsNIST macOS Big Sur v1.4.0 - All ProfilesUnix

ACCESS CONTROL

Big Sur - Configure the System to Notify upon Account Removed ActionsNIST macOS Big Sur v1.4.0 - CNSSI 1253Unix

ACCESS CONTROL

Big Sur - Configure the System to Notify upon Account Removed ActionsNIST macOS Big Sur v1.4.0 - 800-53r4 HighUnix

ACCESS CONTROL

Catalina - Configure the System to Notify upon Account Removed ActionsNIST macOS Catalina v1.5.0 - 800-53r4 HighUnix

ACCESS CONTROL

Catalina - Configure the System to Notify upon Account Removed ActionsNIST macOS Catalina v1.5.0 - All ProfilesUnix

ACCESS CONTROL

Catalina - Configure the System to Notify upon Account Removed ActionsNIST macOS Catalina v1.5.0 - 800-53r4 ModerateUnix

ACCESS CONTROL

Catalina - Configure the System to Notify upon Account Removed ActionsNIST macOS Catalina v1.5.0 - CNSSI 1253Unix

ACCESS CONTROL

F5BI-DM-000161 - The BIG-IP appliance must be configured to generate alerts that can be forwarded to the administrators and Information System Security Officer (ISSO) when accounts are removed.DISA F5 BIG-IP Device Management 11.x STIG v1r7F5
F5BI-DM-000161 - The BIG-IP appliance must be configured to generate alerts that can be forwarded to the administrators and Information System Security Officer (ISSO) when accounts are removed.DISA F5 BIG-IP Device Management 11.x STIG v2r2F5
F5BI-DM-000161 - The BIG-IP appliance must be configured to generate alerts that can be forwarded to the administrators and Information System Security Officer (ISSO) when accounts are removed.DISA F5 BIG-IP Device Management 11.x STIG v2r1F5
F5BI-DM-000161 - The BIG-IP appliance must be configured to generate alerts that can be forwarded to the administrators and Information System Security Officer (ISSO) when accounts are removed.DISA F5 BIG-IP Device Management STIG v2r3F5

ACCESS CONTROL, CONFIGURATION MANAGEMENT

JUSX-DM-000061 - In the event that communications with the events server is lost, the Juniper SRX Services Gateway must continue to queue log records locally.DISA Juniper SRX Services Gateway NDM v2r1Juniper
Monterey - Configure the System to Notify upon Account Removed ActionsNIST macOS Monterey v1.0.0 - 800-53r4 HighUnix

ACCESS CONTROL

Monterey - Configure the System to Notify upon Account Removed ActionsNIST macOS Monterey v1.0.0 - 800-53r4 ModerateUnix

ACCESS CONTROL

Monterey - Configure the System to Notify upon Account Removed ActionsNIST macOS Monterey v1.0.0 - All ProfilesUnix

ACCESS CONTROL

Monterey - Configure the System to Notify upon Account Removed ActionsNIST macOS Monterey v1.0.0 - CNSSI 1253Unix

ACCESS CONTROL

PHTN-67-000040 - The Photon operating system must configure rsyslog to offload system logs to a central server.DISA STIG VMware vSphere 6.7 Photon OS v1r1Unix
PHTN-67-000040 - The Photon operating system must configure rsyslog to offload system logs to a central server.DISA STIG VMware vSphere 6.7 Photon OS v1r3Unix
PHTN-67-000040 - The Photon operating system must configure rsyslog to offload system logs to a central server.DISA STIG VMware vSphere 6.7 Photon OS v1r5Unix
PHTN-67-000040 - The Photon operating system must configure rsyslog to offload system logs to a central server.DISA STIG VMware vSphere 6.7 Photon OS v1r6Unix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY

RHEL-09-654240 - RHEL 9 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/passwd.DISA Red Hat Enterprise Linux 9 STIG v1r3Unix
RHEL-09-654240 - RHEL 9 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/passwd.DISA Red Hat Enterprise Linux 9 STIG v1r1Unix
SLES-15-030000 - The SUSE operating system must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/passwd.DISA SLES 15 STIG v1r6Unix
SLES-15-030000 - The SUSE operating system must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/passwd.DISA SLES 15 STIG v1r11Unix
SLES-15-030000 - The SUSE operating system must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/passwd.DISA SLES 15 STIG v1r12Unix
SLES-15-030000 - The SUSE operating system must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/passwd.DISA SLES 15 STIG v1r10Unix
SLES-15-030000 - The SUSE operating system must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/passwd.DISA SLES 15 STIG v1r9Unix
SLES-15-030000 - The SUSE operating system must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/passwd.DISA SLES 15 STIG v1r13Unix
SLES-15-030000 - The SUSE operating system must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/passwd.DISA SLES 15 STIG v1r1Unix

AUDIT AND ACCOUNTABILITY

SLES-15-030000 - The SUSE operating system must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/passwd.DISA SLES 15 STIG v1r3Unix

AUDIT AND ACCOUNTABILITY

SPLK-CL-000020 - Splunk Enterprise must notify the System Administrator (SA) and Information System Security Officer (ISSO) when account events are received (creation, deletion, modification, or disabling).DISA STIG Splunk Enterprise 8.x for Linux v1r3 STIG REST APISplunk
SPLK-CL-000020 - Splunk Enterprise must notify the System Administrator (SA) and Information System Security Officer (ISSO) when account events are received (creation, deletion, modification, or disabling).DISA STIG Splunk Enterprise 8.x for Linux v1r4 STIG REST APISplunk
SPLK-CL-000020 - Splunk Enterprise must notify the System Administrator (SA) and Information System Security Officer (ISSO) when account events are received (creation, deletion, modification, or disabling).DISA STIG Splunk Enterprise 8.x for Linux v1r5 STIG REST APISplunk
SPLK-CL-000200 - Splunk Enterprise must notify the System Administrator (SA) and Information System Security Officer (ISSO) when account events are received (creation, deletion, modification, disabling).DISA STIG Splunk Enterprise 7.x for Windows v2r3 REST APISplunk
SPLK-CL-000200 - Splunk Enterprise must notify the System Administrator (SA) and Information System Security Officer (ISSO) when account events are received (creation, deletion, modification, disabling).DISA STIG Splunk Enterprise 7.x for Windows v2r4 REST APISplunk
SPLK-CL-000235 - Splunk Enterprise must notify analysts of applicable events for Tier 2 CSSP and JRSS only.DISA STIG Splunk Enterprise 7.x for Windows v2r3 REST APISplunk
SPLK-CL-000235 - Splunk Enterprise must notify analysts of applicable events for Tier 2 CSSP and JRSS only.DISA STIG Splunk Enterprise 7.x for Windows v2r4 REST APISplunk
VCSA-70-000123 - The vCenter Server must provide an immediate real-time alert to the system administrator (SA) and information system security officer (ISSO), at a minimum, on every Single Sign-On (SSO) account action.DISA STIG VMware vSphere 7.0 vCenter v1r2VMware
VCSA-70-000123 - The vCenter Server must provide an immediate real-time alert to the system administrator (SA) and information system security officer (ISSO), at a minimum, on every Single Sign-On (SSO) account action.DISA STIG VMware vSphere 7.0 vCenter v1r3VMware

ACCESS CONTROL