| AOSX-13-000120 - The macOS system must generate audit records for all account creations, modifications, disabling, and termination events; privileged activities or other system-level access; all kernel module load, unload, and restart actions; all program initiations; and organizationally defined events for all non-local maintenance and diagnostic sessions. | DISA STIG Apple Mac OSX 10.13 v2r1 | Unix | AUDIT AND ACCOUNTABILITY |
| AOSX-13-000120 - The macOS system must generate audit records for all account creations, modifications, disabling, and termination events; privileged activities or other system-level access; all kernel module load, unload, and restart actions; all program initiations; and organizationally defined events for all non-local maintenance and diagnostic sessions. | DISA STIG Apple Mac OSX 10.13 v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| AOSX-14-001001 - The macOS system must generate audit records for all account creations, modifications, disabling, and termination events; privileged activities or other system-level access; all kernel module load, unload, and restart actions; all program initiations; and organizationally defined events for all non-local maintenance and diagnostic sessions. | DISA STIG Apple Mac OSX 10.14 v2r4 | Unix | AUDIT AND ACCOUNTABILITY |
| AOSX-14-001001 - The macOS system must generate audit records for all account creations, modifications, disabling, and termination events; privileged activities or other system-level access; all kernel module load, unload, and restart actions; all program initiations; and organizationally defined events for all non-local maintenance and diagnostic sessions. | DISA STIG Apple Mac OSX 10.14 v2r5 | Unix | AUDIT AND ACCOUNTABILITY |
| AOSX-15-001001 - The macOS system must generate audit records for all account creations, modifications, disabling, and termination events; privileged activities or other system-level access; all kernel module load, unload, and restart actions; all program initiations; and organizationally defined events for all non-local maintenance and diagnostic sessions. | DISA STIG Apple Mac OSX 10.15 v1r3 | Unix | AUDIT AND ACCOUNTABILITY |
| AOSX-15-001001 - The macOS system must generate audit records for all account creations, modifications, disabling, and termination events; privileged activities or other system-level access; all kernel module load, unload, and restart actions; all program initiations; and organizationally defined events for all non-local maintenance and diagnostic sessions. | DISA STIG Apple Mac OSX 10.15 v1r7 | Unix | AUDIT AND ACCOUNTABILITY |
| AOSX-15-001001 - The macOS system must generate audit records for all account creations, modifications, disabling, and termination events; privileged activities or other system-level access; all kernel module load, unload, and restart actions; all program initiations; and organizationally defined events for all non-local maintenance and diagnostic sessions. | DISA STIG Apple Mac OSX 10.15 v1r5 | Unix | AUDIT AND ACCOUNTABILITY |
| CNTR-K8-000700 - Kubernetes API Server must generate audit records that identify what type of event has occurred, identify the source of the event, contain the event results, identify any users, and identify any containers associated with the event. | DISA STIG Kubernetes v1r6 | Unix | |
| OL07-00-030870 - The Oracle Linux operating system must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/passwd. | DISA Oracle Linux 7 STIG v2r14 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| OL08-00-030160 - OL 8 must generate audit records for all account creation events that affect '/etc/gshadow' - /etc/gshadow. | DISA Oracle Linux 8 STIG v1r8 | Unix | |
| OL08-00-030160 - OL 8 must generate audit records for all account creation events that affect '/etc/gshadow' - /etc/gshadow. | DISA Oracle Linux 8 STIG v1r7 | Unix | |
| OL08-00-030160 - OL 8 must generate audit records for all account creation events that affect '/etc/gshadow'. | DISA Oracle Linux 8 STIG v1r4 | Unix | |
| OL08-00-030160 - OL 8 must generate audit records for all account creation events that affect '/etc/gshadow'. | DISA Oracle Linux 8 STIG v1r1 | Unix | |
| OL08-00-030160 - OL 8 must generate audit records for all account creation events that affect '/etc/gshadow'. | DISA Oracle Linux 8 STIG v1r10 | Unix | |
| RHEL-09-654215 - RHEL 9 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/sudoers. | DISA Red Hat Enterprise Linux 9 STIG v1r2 | Unix | |
| RHEL-09-654215 - RHEL 9 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/sudoers. | DISA Red Hat Enterprise Linux 9 STIG v1r1 | Unix | |
| RHEL-09-654215 - RHEL 9 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/sudoers. | DISA Red Hat Enterprise Linux 9 STIG v1r3 | Unix | |
| RHEL-09-654220 - RHEL 9 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/sudoers.d/ directory. | DISA Red Hat Enterprise Linux 9 STIG v1r2 | Unix | |
| RHEL-09-654220 - RHEL 9 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/sudoers.d/ directory. | DISA Red Hat Enterprise Linux 9 STIG v1r3 | Unix | |
| RHEL-09-654225 - RHEL 9 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/group. | DISA Red Hat Enterprise Linux 9 STIG v1r2 | Unix | |
| RHEL-09-654225 - RHEL 9 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/group. | DISA Red Hat Enterprise Linux 9 STIG v1r3 | Unix | |
| RHEL-09-654225 - RHEL 9 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/group. | DISA Red Hat Enterprise Linux 9 STIG v1r1 | Unix | |
| RHEL-09-654230 - RHEL 9 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/gshadow. | DISA Red Hat Enterprise Linux 9 STIG v1r1 | Unix | |
| RHEL-09-654230 - RHEL 9 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/gshadow. | DISA Red Hat Enterprise Linux 9 STIG v1r3 | Unix | |
| RHEL-09-654235 - RHEL 9 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/opasswd. | DISA Red Hat Enterprise Linux 9 STIG v1r2 | Unix | |
| RHEL-09-654235 - RHEL 9 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/opasswd. | DISA Red Hat Enterprise Linux 9 STIG v1r3 | Unix | |
| RHEL-09-654245 - RHEL 9 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/shadow. | DISA Red Hat Enterprise Linux 9 STIG v1r2 | Unix | |
| RHEL-09-654245 - RHEL 9 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/shadow. | DISA Red Hat Enterprise Linux 9 STIG v1r1 | Unix | |
| RHEL-09-654245 - RHEL 9 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/shadow. | DISA Red Hat Enterprise Linux 9 STIG v1r3 | Unix | |
| UBTU-18-010244 - The Ubuntu operating system must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/passwd. | DISA STIG Ubuntu 18.04 LTS v2r15 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| UBTU-18-010245 - The Ubuntu operating system must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/group. | DISA STIG Ubuntu 18.04 LTS v2r15 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| UBTU-18-010247 - The Ubuntu operating system must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/shadow. | DISA STIG Ubuntu 18.04 LTS v2r15 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| UBTU-18-010248 - The Ubuntu operating system must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/security/opasswd. | DISA STIG Ubuntu 18.04 LTS v2r15 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| WN10-AU-000035 - The system must be configured to audit Account Management - User Account Management failures. | DISA Windows 10 STIG v2r1 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| WN10-AU-000040 - The system must be configured to audit Account Management - User Account Management successes. | DISA Windows 10 STIG v2r1 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| WN16-AU-000120 - Windows Server 2016 must be configured to audit Account Management - Security Group Management successes. | DISA Windows Server 2016 STIG v2r2 | Windows | AUDIT AND ACCOUNTABILITY |
| WN16-AU-000120 - Windows Server 2016 must be configured to audit Account Management - Security Group Management successes. | DISA Windows Server 2016 STIG v2r3 | Windows | AUDIT AND ACCOUNTABILITY |
| WN16-AU-000120 - Windows Server 2016 must be configured to audit Account Management - Security Group Management successes. | DISA Windows Server 2016 STIG v2r8 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| WN16-AU-000140 - Windows Server 2016 must be configured to audit Account Management - User Account Management successes. | DISA Windows Server 2016 STIG v2r8 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| WN16-AU-000150 - Windows Server 2016 must be configured to audit Account Management - User Account Management failures. | DISA Windows Server 2016 STIG v2r2 | Windows | AUDIT AND ACCOUNTABILITY |
| WN16-AU-000150 - Windows Server 2016 must be configured to audit Account Management - User Account Management failures. | DISA Windows Server 2016 STIG v2r8 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| WN16-DC-000230 - Windows Server 2016 must be configured to audit Account Management - Computer Account Management successes. | DISA Windows Server 2016 STIG v2r3 | Windows | AUDIT AND ACCOUNTABILITY |
| WN16-DC-000230 - Windows Server 2016 must be configured to audit Account Management - Computer Account Management successes. | DISA Windows Server 2016 STIG v2r2 | Windows | AUDIT AND ACCOUNTABILITY |
| WN16-DC-000230 - Windows Server 2016 must be configured to audit Account Management - Computer Account Management successes. | DISA Windows Server 2016 STIG v2r8 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| WN19-AU-000100 - Windows Server 2019 must be configured to audit Account Management - Security Group Management successes. | DISA Windows Server 2019 STIG v3r1 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| WN19-AU-000110 - Windows Server 2019 must be configured to audit Account Management - User Account Management successes. | DISA Windows Server 2019 STIG v2r2 | Windows | AUDIT AND ACCOUNTABILITY |
| WN19-AU-000110 - Windows Server 2019 must be configured to audit Account Management - User Account Management successes. | DISA Windows Server 2019 STIG v3r1 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| WN19-AU-000120 - Windows Server 2019 must be configured to audit Account Management - User Account Management failures. | DISA Windows Server 2019 STIG v3r1 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| WN19-DC-000230 - Windows Server 2019 must be configured to audit Account Management - Computer Account Management successes. | DISA Windows Server 2019 STIG v2r3 | Windows | AUDIT AND ACCOUNTABILITY |
| WN19-DC-000230 - Windows Server 2019 must be configured to audit Account Management - Computer Account Management successes. | DISA Windows Server 2019 STIG v3r1 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
