| AOSX-14-001001 - The macOS system must generate audit records for all account creations, modifications, disabling, and termination events; privileged activities or other system-level access; all kernel module load, unload, and restart actions; all program initiations; and organizationally defined events for all non-local maintenance and diagnostic sessions. | DISA STIG Apple Mac OSX 10.14 v2r1 | Unix | AUDIT AND ACCOUNTABILITY |
| OL08-00-030130 - OL 8 must generate audit records for all account creation events that affect '/etc/shadow' - /etc/shadow. | DISA Oracle Linux 8 STIG v1r6 | Unix | |
| OL08-00-030130 - OL 8 must generate audit records for all account creation events that affect '/etc/shadow' - /etc/shadow. | DISA Oracle Linux 8 STIG v1r8 | Unix | |
| OL08-00-030130 - OL 8 must generate audit records for all account creation events that affect '/etc/shadow'. | DISA Oracle Linux 8 STIG v1r1 | Unix | |
| OL08-00-030140 - OL 8 must generate audit records for all account creation events that affect '/etc/security/opasswd' - /etc/security/opasswd. | DISA Oracle Linux 8 STIG v1r6 | Unix | |
| OL08-00-030140 - OL 8 must generate audit records for all account creation events that affect '/etc/security/opasswd' - /etc/security/opasswd. | DISA Oracle Linux 8 STIG v1r7 | Unix | |
| OL08-00-030140 - OL 8 must generate audit records for all account creation events that affect '/etc/security/opasswd' - /etc/security/opasswd. | DISA Oracle Linux 8 STIG v1r8 | Unix | |
| OL08-00-030140 - OL 8 must generate audit records for all account creation events that affect '/etc/security/opasswd'. | DISA Oracle Linux 8 STIG v1r10 | Unix | |
| OL08-00-030150 - OL 8 must generate audit records for all account creation events that affect '/etc/passwd' - /etc/passwd. | DISA Oracle Linux 8 STIG v1r7 | Unix | |
| OL08-00-030150 - OL 8 must generate audit records for all account creation events that affect '/etc/passwd' - /etc/passwd. | DISA Oracle Linux 8 STIG v1r6 | Unix | |
| OL08-00-030150 - OL 8 must generate audit records for all account creation events that affect '/etc/passwd' - /etc/passwd. | DISA Oracle Linux 8 STIG v1r8 | Unix | |
| OL08-00-030150 - OL 8 must generate audit records for all account creation events that affect '/etc/passwd'. | DISA Oracle Linux 8 STIG v1r4 | Unix | |
| OL08-00-030150 - OL 8 must generate audit records for all account creation events that affect '/etc/passwd'. | DISA Oracle Linux 8 STIG v1r10 | Unix | |
| OL08-00-030160 - OL 8 must generate audit records for all account creation events that affect '/etc/gshadow' - /etc/gshadow. | DISA Oracle Linux 8 STIG v1r2 | Unix | |
| OL08-00-030160 - OL 8 must generate audit records for all account creation events that affect '/etc/gshadow' - /etc/gshadow. | DISA Oracle Linux 8 STIG v1r6 | Unix | |
| OL08-00-030160 - OL 8 must generate audit records for all account creation events that affect '/etc/gshadow'. | DISA Oracle Linux 8 STIG v1r9 | Unix | |
| OL08-00-030170 - OL 8 must generate audit records for all account creation events that affect '/etc/group' - /etc/group. | DISA Oracle Linux 8 STIG v1r2 | Unix | |
| OL08-00-030170 - OL 8 must generate audit records for all account creation events that affect '/etc/group'. | DISA Oracle Linux 8 STIG v1r1 | Unix | |
| OL08-00-030171 - OL 8 must generate audit records for all account creations, modifications, disabling, and termination events that affect '/etc/sudoers' - /etc/sudoers. | DISA Oracle Linux 8 STIG v1r7 | Unix | |
| OL08-00-030171 - OL 8 must generate audit records for all account creations, modifications, disabling, and termination events that affect '/etc/sudoers' - /etc/sudoers. | DISA Oracle Linux 8 STIG v1r6 | Unix | |
| OL08-00-030172 - OL 8 must generate audit records for all account creations, modifications, disabling, and termination events that affect '/etc/sudoers.d/' - /etc/sudoers.d/. | DISA Oracle Linux 8 STIG v1r2 | Unix | |
| OL08-00-030172 - OL 8 must generate audit records for all account creations, modifications, disabling, and termination events that affect '/etc/sudoers.d/' - /etc/sudoers.d/. | DISA Oracle Linux 8 STIG v1r6 | Unix | |
| OL08-00-030172 - OL 8 must generate audit records for all account creations, modifications, disabling, and termination events that affect '/etc/sudoers.d/' - /etc/sudoers.d/. | DISA Oracle Linux 8 STIG v1r7 | Unix | |
| OL08-00-030172 - OL 8 must generate audit records for all account creations, modifications, disabling, and termination events that affect '/etc/sudoers.d/' - /etc/sudoers.d/. | DISA Oracle Linux 8 STIG v1r8 | Unix | |
| OL08-00-030172 - OL 8 must generate audit records for all account creations, modifications, disabling, and termination events that affect '/etc/sudoers.d/'. | DISA Oracle Linux 8 STIG v1r4 | Unix | |
| RHEL-09-654220 - RHEL 9 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/sudoers.d/ directory. | DISA Red Hat Enterprise Linux 9 STIG v1r1 | Unix | |
| RHEL-09-654230 - RHEL 9 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/gshadow. | DISA Red Hat Enterprise Linux 9 STIG v1r2 | Unix | |
| RHEL-09-654235 - RHEL 9 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/opasswd. | DISA Red Hat Enterprise Linux 9 STIG v1r1 | Unix | |
| UBTU-18-010244 - The Ubuntu operating system must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/passwd. | DISA STIG Ubuntu 18.04 LTS v2r4 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-18-010246 - The Ubuntu operating system must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/gshadow. | DISA STIG Ubuntu 18.04 LTS v2r15 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| WN10-AU-000030 - The system must be configured to audit Account Management - Security Group Management successes. | DISA Windows 10 STIG v2r9 | Windows | |
| WN10-AU-000035 - The system must be configured to audit Account Management - User Account Management failures. | DISA Windows 10 STIG v2r8 | Windows | |
| WN10-AU-000035 - The system must be configured to audit Account Management - User Account Management failures. | DISA Windows 10 STIG v2r4 | Windows | |
| WN10-AU-000040 - The system must be configured to audit Account Management - User Account Management successes. | DISA Windows 10 STIG v2r8 | Windows | |
| WN10-AU-000040 - The system must be configured to audit Account Management - User Account Management successes. | DISA Windows 10 STIG v2r9 | Windows | |
| WN12-AU-000017 - The system must be configured to audit Account Management - Security Group Management successes. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r4 | Windows | |
| WN12-AU-000017 - The system must be configured to audit Account Management - Security Group Management successes. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r4 | Windows | |
| WN12-AU-000019 - The system must be configured to audit Account Management - User Account Management successes. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r4 | Windows | |
| WN12-AU-000019 - The system must be configured to audit Account Management - User Account Management successes. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r6 | Windows | |
| WN12-AU-000019 - The system must be configured to audit Account Management - User Account Management successes. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r5 | Windows | |
| WN12-AU-000020 - The system must be configured to audit Account Management - User Account Management failures. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r4 | Windows | |
| WN12-AU-000020 - The system must be configured to audit Account Management - User Account Management failures. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r5 | Windows | |
| WN12-AU-000020 - The system must be configured to audit Account Management - User Account Management failures. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r5 | Windows | |
| WN12-AU-000020 - The system must be configured to audit Account Management - User Account Management failures. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r6 | Windows | |
| WN16-AU-000140 - Windows Server 2016 must be configured to audit Account Management - User Account Management successes. | DISA Windows Server 2016 STIG v2r2 | Windows | AUDIT AND ACCOUNTABILITY |
| WN16-AU-000140 - Windows Server 2016 must be configured to audit Account Management - User Account Management successes. | DISA Windows Server 2016 STIG v2r3 | Windows | AUDIT AND ACCOUNTABILITY |
| WN16-AU-000150 - Windows Server 2016 must be configured to audit Account Management - User Account Management failures. | DISA Windows Server 2016 STIG v2r3 | Windows | AUDIT AND ACCOUNTABILITY |
| WN19-AU-000100 - Windows Server 2019 must be configured to audit Account Management - Security Group Management successes. | DISA Windows Server 2019 STIG v2r2 | Windows | AUDIT AND ACCOUNTABILITY |
| WN19-AU-000120 - Windows Server 2019 must be configured to audit Account Management - User Account Management failures. | DISA Windows Server 2019 STIG v2r3 | Windows | AUDIT AND ACCOUNTABILITY |
| WN19-AU-000120 - Windows Server 2019 must be configured to audit Account Management - User Account Management failures. | DISA Windows Server 2019 STIG v2r2 | Windows | AUDIT AND ACCOUNTABILITY |
