| 9.1.5 Ensure 'Windows Firewall: Domain: Logging: Name' is set to '%SystemRoot%\System32\logfiles\firewall\domainfw.log' | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | AUDIT AND ACCOUNTABILITY |
| 9.1.7 Ensure 'Windows Firewall: Domain: Logging: Log dropped packets' is set to 'Yes' | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | AUDIT AND ACCOUNTABILITY |
| 9.1.8 Ensure 'Windows Firewall: Domain: Logging: Log successful connections' is set to 'Yes' | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | AUDIT AND ACCOUNTABILITY |
| 9.2.5 Ensure 'Windows Firewall: Private: Logging: Name' is set to '%SystemRoot%\System32\logfiles\firewall\privatefw.log' | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | AUDIT AND ACCOUNTABILITY |
| 9.2.7 Ensure 'Windows Firewall: Private: Logging: Log dropped packets' is set to 'Yes' | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | AUDIT AND ACCOUNTABILITY |
| 9.2.8 Ensure 'Windows Firewall: Private: Logging: Log successful connections' is set to 'Yes' | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | AUDIT AND ACCOUNTABILITY |
| 9.3.7 Ensure 'Windows Firewall: Public: Logging: Name' is set to '%SystemRoot%\System32\logfiles\firewall\publicfw.log' | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | AUDIT AND ACCOUNTABILITY |
| 9.3.9 Ensure 'Windows Firewall: Public: Logging: Log dropped packets' is set to 'Yes' | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | AUDIT AND ACCOUNTABILITY |
| 9.3.10 Ensure 'Windows Firewall: Public: Logging: Log successful connections' is set to 'Yes' | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | AUDIT AND ACCOUNTABILITY |
| 17.9.1 Ensure 'Audit IPsec Driver' is set to 'Success and Failure' | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | AUDIT AND ACCOUNTABILITY |
| 17.9.3 Ensure 'Audit Security State Change' is set to include 'Success' | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | AUDIT AND ACCOUNTABILITY |
| 17.9.4 Ensure 'Audit Security System Extension' is set to include 'Success' | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | AUDIT AND ACCOUNTABILITY |
| 17.9.5 Ensure 'Audit System Integrity' is set to 'Success and Failure' | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | AUDIT AND ACCOUNTABILITY |
| 18.4.13 Ensure 'MSS: (WarningLevel) Percentage threshold for the security event log at which the system will generate a warning' is set to 'Enabled: 90% or less' | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | AUDIT AND ACCOUNTABILITY |
| Catalina - Configure Audit Log Folders to Mode 700 or Less Permissive | NIST macOS Catalina v1.5.0 - CNSSI 1253 | Unix | AUDIT AND ACCOUNTABILITY |
| DO5037-ORACLE11 - Oracle SQLNet and listener log files should not be accessible to unauthorized users - '%ORACLE_HOME%\Network\Log\listener.log file permissions are correct' | DISA STIG Oracle 11 Installation v9r1 Windows | Windows | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| DO5037-ORACLE11 - Oracle SQLNet and listener log files should not be accessible to unauthorized users - '%ORACLE_HOME%\NETWORK\Log\sqlnet.log file permissions are correct' | DISA STIG Oracle 11 Installation v9r1 Windows | Windows | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| ESXI-80-000094 The ESXi host must enable Secure Boot. | DISA VMware vSphere 8.0 ESXi STIG OS v2r1 | Unix | AUDIT AND ACCOUNTABILITY |
| EX19-ED-000050 Exchange audit data must be on separate partitions. | DISA Microsoft Exchange 2019 Edge Server STIG v2r1 | Windows | AUDIT AND ACCOUNTABILITY |
| EX19-MB-000058 Exchange audit data must be on separate partitions. | DISA Microsoft Exchange 2019 Mailbox Server STIG v2r1 | Windows | AUDIT AND ACCOUNTABILITY |
| GEN002700 - System audit logs must have mode 0640 or less permissive. | DISA STIG AIX 6.1 v1r14 | Unix | AUDIT AND ACCOUNTABILITY |
| GEN002715 - System audit tool executables must be owned by root - '/usr/sbin/auditbin' | DISA STIG AIX 6.1 v1r14 | Unix | AUDIT AND ACCOUNTABILITY |
| GEN002715 - System audit tool executables must be owned by root - '/usr/sbin/auditcat' | DISA STIG AIX 6.1 v1r14 | Unix | AUDIT AND ACCOUNTABILITY |
| GEN002715 - System audit tool executables must be owned by root - '/usr/sbin/auditconv' | DISA STIG AIX 6.1 v1r14 | Unix | AUDIT AND ACCOUNTABILITY |
| GEN002715 - System audit tool executables must be owned by root - '/usr/sbin/auditselect' | DISA STIG AIX 6.1 v1r14 | Unix | AUDIT AND ACCOUNTABILITY |
| GEN002715 - System audit tool executables must be owned by root - '/usr/sbin/auditstream' | DISA STIG AIX 6.1 v1r14 | Unix | AUDIT AND ACCOUNTABILITY |
| GEN002716 - System audit tool executables must be group-owned by root, bin, sys, or system - '/sbin/aureport' | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | AUDIT AND ACCOUNTABILITY |
| GEN002717 - System audit tool executables must have mode 0750 or less permissive - '/sbin/audispd' | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | AUDIT AND ACCOUNTABILITY |
| GEN002717 - System audit tool executables must have mode 0750 or less permissive - '/sbin/auditctl' | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | AUDIT AND ACCOUNTABILITY |
| GEN002718 - System audit tool executables must not have extended ACLs - '/sbin/audispd' | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | AUDIT AND ACCOUNTABILITY |
| GEN002718 - System audit tool executables must not have extended ACLs - '/usr/sbin/auditpr' | DISA STIG AIX 6.1 v1r14 | Unix | AUDIT AND ACCOUNTABILITY |
| Monterey - Configure Audit Log Files to Not Contain Access Control Lists | NIST macOS Monterey v1.0.0 - 800-171 | Unix | AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY |
| OL08-00-030650 - OL 8 must use cryptographic mechanisms to protect the integrity of audit tools. | DISA Oracle Linux 8 STIG v2r1 | Unix | AUDIT AND ACCOUNTABILITY |
| PHTN-30-000051 - The Photon operating system package files must not be modified. | DISA STIG VMware vSphere 7.0 Photon OS v1r3 | Unix | AUDIT AND ACCOUNTABILITY |
| PHTN-40-000092 The Photon operating system must use cryptographic mechanisms to protect the integrity of audit tools. | DISA VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v2r1 | Unix | AUDIT AND ACCOUNTABILITY |
| PHTN-67-000053 - The Photon operating system package files must not be modified. | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-08-030650 - RHEL 8 must use cryptographic mechanisms to protect the integrity of audit tools. | DISA Red Hat Enterprise Linux 8 STIG v2r1 | Unix | AUDIT AND ACCOUNTABILITY |
| SHPT-00-000465 - SharePoint must support the requirement that privileged access is further defined between audit-related privileges and other privileges. | DISA STIG SharePoint 2010 v1r9 | Windows | AUDIT AND ACCOUNTABILITY |
| SLES-15-030630 - The SUSE operating system file integrity tool must be configured to protect the integrity of the audit tools. | DISA SLES 15 STIG v2r1 | Unix | AUDIT AND ACCOUNTABILITY |
| SPLK-CL-000250 - Splunk Enterprise must be configured to back up the log records repository at least every seven days onto a different system or system component other than the system or component being audited. | DISA STIG Splunk Enterprise 8.x for Linux v2r1 STIG REST API | Splunk | AUDIT AND ACCOUNTABILITY |
| SYMP-NM-000140 - Symantec ProxySG must back up event logs onto a different system or system component than the system or component being audited - Syslog Enabled | DISA Symantec ProxySG Benchmark NDM v1r2 | BlueCoat | AUDIT AND ACCOUNTABILITY |
| SYMP-NM-000140 - Symantec ProxySG must back up event logs onto a different system or system component than the system or component being audited - Syslog IP | DISA Symantec ProxySG Benchmark NDM v1r2 | BlueCoat | AUDIT AND ACCOUNTABILITY |
| UBTU-20-010205 - The Ubuntu operating system must use cryptographic mechanisms to protect the integrity of audit tools. | DISA STIG Ubuntu 20.04 LTS v2r1 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-22-651030 - Ubuntu 22.04 LTS must use cryptographic mechanisms to protect the integrity of audit tools. | DISA STIG Canonical Ubuntu 22.04 LTS v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| WBSP-AS-000810 - The WebSphere Application Server must be configured to encrypt log information. | DISA IBM WebSphere Traditional 9 STIG v1r1 Middleware | Unix | AUDIT AND ACCOUNTABILITY |
| WBSP-AS-000810 - The WebSphere Application Server must be configured to encrypt log information. | DISA IBM WebSphere Traditional 9 Windows STIG v1r1 | Windows | AUDIT AND ACCOUNTABILITY |
| WBSP-AS-000810 - The WebSphere Application Server must be configured to encrypt log information. | DISA IBM WebSphere Traditional 9 STIG v1r1 | Unix | AUDIT AND ACCOUNTABILITY |
| WBSP-AS-000820 - The WebSphere Application Server must be configured to sign log information. | DISA IBM WebSphere Traditional 9 Windows STIG v1r1 | Windows | AUDIT AND ACCOUNTABILITY |
| WBSP-AS-000820 - The WebSphere Application Server must be configured to sign log information. | DISA IBM WebSphere Traditional 9 STIG v1r1 | Unix | AUDIT AND ACCOUNTABILITY |
| WBSP-AS-000820 - The WebSphere Application Server must be configured to sign log information. | DISA IBM WebSphere Traditional 9 STIG v1r1 Middleware | Unix | AUDIT AND ACCOUNTABILITY |
