| AOSX-13-000230 - The macOS system must initiate session audits at system startup, using internal clocks with time stamps for audit records that meet a minimum granularity of one second and can be mapped to Coordinated Universal Time (UTC) or Greenwich Mean Time (GMT). | DISA STIG Apple Mac OSX 10.13 v2r5 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| AOSX-14-001003 - The macOS system must initiate session audits at system startup, using internal clocks with time stamps for audit records that meet a minimum granularity of one second and can be mapped to Coordinated Universal Time (UTC) or Greenwich Mean Time (GMT). | DISA STIG Apple Mac OSX 10.14 v2r6 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| AOSX-15-001003 - The macOS system must initiate session audits at system startup | DISA STIG Apple Mac OSX 10.15 v1r10 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| APPL-11-001003 - The macOS system must initiate session audits at system startup, using internal clocks with time stamps for audit records that meet a minimum granularity of one second and can be mapped to Coordinated Universal Time (UTC) or Greenwich Mean Time (GMT), to generate audit records containing information to establish what type of events occurred, the identity of any individual or process associated with the event, including individual identities of group account users, establish where the events occurred, source of the event, and outcome of the events including all account enabling actions, full-text recording of privileged commands, and information about the use of encryption for access wireless access to and from the system. | DISA STIG Apple macOS 11 v1r8 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| APPL-11-001003 - The macOS system must initiate session audits at system startup, using internal clocks with time stamps for audit records that meet a minimum granularity of one second and can be mapped to Coordinated Universal Time (UTC) or Greenwich Mean Time (GMT), to generate audit records containing information to establish what type of events occurred, the identity of any individual or process associated with the event, including individual identities of group account users, establish where the events occurred, source of the event, and outcome of the events including all account enabling actions, full-text recording of privileged commands, and information about the use of encryption for access wireless access to and from the system. | DISA STIG Apple macOS 11 v1r5 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| APPL-12-001003 - The macOS system must initiate session audits at system startup, using internal clocks with time stamps for audit records that meet a minimum granularity of one second and can be mapped to Coordinated Universal Time (UTC) or Greenwich Mean Time (GMT), in order to generate audit records containing information to establish what type of events occurred, the identity of any individual or process associated with the event, including individual identities of group account users, establish where the events occurred, source of the event, and outcome of the events including all account enabling actions, full-text recording of privileged commands, and information about the use of encryption for access wireless access to and from the system. | DISA STIG Apple macOS 12 v1r9 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| APPL-13-001003 - The macOS system must produce audit records containing information to establish when, where, what type, the source, and the outcome for all DOD-defined auditable events and actions. | DISA STIG Apple macOS 13 v1r4 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| ARST-ND-000600 - The Arista network device must be configured to synchronize internal system clocks using redundant authenticated time sources. | DISA STIG Arista MLS EOS 4.2x NDM v2r1 | Arista | AUDIT AND ACCOUNTABILITY, IDENTIFICATION AND AUTHENTICATION |
| AS24-U1-000750 - The Apache web server must generate log records that can be mapped to Coordinated Universal Time (UTC) or Greenwich Mean Time (GMT) which are stamped at a minimum granularity of one second - log_config_module | DISA STIG Apache Server 2.4 Unix Server v3r1 Middleware | Unix | AUDIT AND ACCOUNTABILITY |
| AS24-U1-000750 - The Apache web server must generate log records that can be mapped to Coordinated Universal Time (UTC) or Greenwich Mean Time (GMT) which are stamped at a minimum granularity of one second - LogFormat %t | DISA STIG Apache Server 2.4 Unix Server v3r1 Middleware | Unix | AUDIT AND ACCOUNTABILITY |
| AS24-U1-000750 - The Apache web server must generate log records that can be mapped to Coordinated Universal Time (UTC) or Greenwich Mean Time (GMT) which are stamped at a minimum granularity of one second. | DISA STIG Apache Server 2.4 Unix Server v3r1 | Unix | AUDIT AND ACCOUNTABILITY |
| Big Sur - Enable Security Auditing | NIST macOS Big Sur v1.4.0 - 800-53r4 Moderate | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE |
| Big Sur - Enable Security Auditing | NIST macOS Big Sur v1.4.0 - 800-53r5 Low | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE |
| Big Sur - Enable Security Auditing | NIST macOS Big Sur v1.4.0 - 800-53r5 High | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE |
| Big Sur - Enable Security Auditing | NIST macOS Big Sur v1.4.0 - All Profiles | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE |
| CASA-ND-000970 - The Cisco ASA must be configured to record time stamps for audit records that meet a granularity of one second for a minimum degree of precision. | DISA STIG Cisco ASA NDM v2r1 | Cisco | AUDIT AND ACCOUNTABILITY |
| Catalina - Enable Security Auditing | NIST macOS Catalina v1.5.0 - 800-53r5 Moderate | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE |
| CD12-00-007700 - PostgreSQL must generate time stamps, for audit records and application data, with a minimum granularity of one second. | DISA STIG Crunchy Data PostgreSQL DB v3r1 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| CISC-ND-001030 - The Cisco router must be configured to synchronize its clock with the primary and secondary time sources using redundant authoritative time sources. | DISA STIG Cisco IOS XE Router NDM v3r1 | Cisco | AUDIT AND ACCOUNTABILITY |
| CISC-ND-001030 - The Cisco router must be configured to synchronize its clock with the primary and secondary time sources using redundant authoritative time sources. | DISA STIG Cisco IOS Router NDM v3r1 | Cisco | AUDIT AND ACCOUNTABILITY |
| CISC-ND-001030 - The Cisco switch must be configured to synchronize its clock with the primary and secondary time sources using redundant authoritative time sources. | DISA STIG Cisco IOS Switch NDM v3r1 | Cisco | AUDIT AND ACCOUNTABILITY |
| CISC-ND-001030 - The Cisco switch must be configured to synchronize its clock with the primary and secondary time sources using redundant authoritative time sources. | DISA STIG Cisco IOS XE Switch NDM v3r1 | Cisco | AUDIT AND ACCOUNTABILITY |
| CISC-ND-001040 - The Cisco router must record time stamps for audit records that meet a granularity of one second for a minimum degree of precision. | DISA STIG Cisco IOS-XR Router NDM v3r1 | Cisco | AUDIT AND ACCOUNTABILITY |
| EPAS-00-008300 - The EDB Postgres Advanced Server must generate time stamps for audit records and application data, with a minimum granularity of one second. | EnterpriseDB PostgreSQL Advanced Server DB v2r1 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| Monterey - Enable Security Auditing | NIST macOS Monterey v1.0.0 - 800-53r5 High | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE |
| Monterey - Enable Security Auditing | NIST macOS Monterey v1.0.0 - 800-53r5 Moderate | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE |
| PGS9-00-007700 - PostgreSQL must generate time stamps, for audit records and application data, with a minimum granularity of one second. | DISA STIG PostgreSQL 9.x on RHEL DB v2r5 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| SLES-12-020000 - The SUSE operating system must have the auditing package installed. | DISA SLES 12 STIG v2r13 | Unix | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| SLES-12-020240 - The SUSE operating system must generate audit records for all uses of the privileged functions. | DISA SLES 12 STIG v2r13 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| SLES-15-030640 - The SUSE operating system must generate audit records for all uses of the privileged functions. | DISA SLES 15 STIG v2r1 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| SLES-15-030650 - The SUSE operating system must have the auditing package installed. | DISA SLES 15 STIG v2r1 | Unix | AUDIT AND ACCOUNTABILITY |
| SQL4-00-033700 - Time stamps in database tables, intended for auditing or activity-tracking purposes, must include both date and time of day, with a minimum granularity of one second. | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| VCEM-67-000005 - ESX Agent Manager must record user access in a format that enables monitoring of remote access. | DISA STIG VMware vSphere 6.7 EAM Tomcat v1r4 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| VCEM-70-000005 - ESX Agent Manager must record user access in a format that enables monitoring of remote access. | DISA STIG VMware vSphere 7.0 EAM Tomcat v1r2 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| VCFL-67-000009 - vSphere Client must record user access in a format that enables monitoring of remote access. | DISA STIG VMware vSphere 6.7 Virgo Client v1r2 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| VCLD-67-000006 - VAMI must produce log records containing sufficient information to establish what type of events occurred. | DISA STIG VMware vSphere 6.7 VAMI-lighttpd v1r3 | Unix | AUDIT AND ACCOUNTABILITY |
| VCLD-70-000006 - VAMI must produce log records containing sufficient information to establish what type of events occurred. | DISA STIG VMware vSphere 7.0 VAMI v1r2 | Unix | AUDIT AND ACCOUNTABILITY |
| VCLD-80-000010 The vCenter VAMI service must produce log records containing sufficient information to establish what type of events occurred. | DISA VMware vSphere 8.0 vCenter Appliance Management Interface (VAMI) STIG v2r1 | Unix | AUDIT AND ACCOUNTABILITY |
| VCLU-70-000005 - Lookup Service must record user access in a format that enables monitoring of remote access. | DISA STIG VMware vSphere 7.0 Lookup Service v1r2 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| VCLU-80-000014 The vCenter Lookup service must produce log records containing sufficient information regarding event details. | DISA VMware vSphere 8.0 vCenter Appliance Lookup Service STIG v2r1 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| VCPF-67-000005 - Performance Charts must record user access in a format that enables monitoring of remote access. | DISA STIG VMware vSphere 6.7 Perfcharts Tomcat v1r3 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| VCPF-70-000005 - Performance Charts must record user access in a format that enables monitoring of remote access. | DISA STIG VMware vSphere 7.0 Perfcharts Tomcat v1r1 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| VCPF-80-000014 The vCenter Perfcharts service must produce log records containing sufficient information regarding event details. | DISA VMware vSphere 8.0 vCenter Appliance Perfcharts STIG v2r1 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| VCPG-70-000002 - VMware Postgres log files must contain required fields. | DISA STIG VMware vSphere 7.0 PostgreSQL v1r2 | Unix | AUDIT AND ACCOUNTABILITY |
| VCST-67-000005 - The Security Token Service must record user access in a format that enables monitoring of remote access. | DISA STIG VMware vSphere 6.7 STS Tomcat v1r3 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| VCST-70-000005 - The Security Token Service must record user access in a format that enables monitoring of remote access. | DISA STIG VMware vSphere 7.0 STS Tomcat v1r2 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| VCST-80-000014 The vCenter STS service must produce log records containing sufficient information regarding event details. | DISA VMware vSphere 8.0 vCenter Appliance Secure Token Service (STS) STIG v2r1 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| VCUI-67-000005 - vSphere UI must record user access in a format that enables monitoring of remote access. | DISA STIG VMware vSphere 6.7 UI Tomcat v1r3 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| VCUI-70-000005 - vSphere UI must record user access in a format that enables monitoring of remote access. | DISA STIG VMware vSphere 7.0 vCA UI v1r2 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| VCUI-80-000014 The vCenter UI service must produce log records containing sufficient information regarding event details. | DISA VMware vSphere 8.0 vCenter Appliance User Interface (UI) STIG v2r1 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
