| AOSX-15-001044 - The macOS system must generate audit records for DoD-defined events such as successful/unsuccessful logon attempts, successful/unsuccessful direct access attempts, starting and ending time for user access, and concurrent logons to the same account from different sources. | DISA STIG Apple Mac OSX 10.15 v1r10 | Unix | AUDIT AND ACCOUNTABILITY |
| APPL-11-001002 - The macOS system must monitor remote access methods and generate audit records when successful/unsuccessful attempts to access/modify privileges occur. | DISA STIG Apple macOS 11 v1r8 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| APPL-11-001020 - The macOS system must audit the enforcement actions used to restrict access associated with changes to the system - fm | DISA STIG Apple macOS 11 v1r8 | Unix | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| APPL-11-001020 - The macOS system must audit the enforcement actions used to restrict access associated with changes to the system - fw | DISA STIG Apple macOS 11 v1r5 | Unix | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| CISC-ND-001260 - The Cisco switch must be configured to generate audit records when successful/unsuccessful logon attempts occur. | DISA STIG Cisco IOS XE Switch NDM v3r1 | Cisco | AUDIT AND ACCOUNTABILITY |
| CISC-ND-001270 - The Cisco router must be configured to generate log records for privileged activities. | DISA STIG Cisco IOS Router NDM v3r1 | Cisco | AUDIT AND ACCOUNTABILITY |
| DB2X-00-000800 - DB2 must generate audit records when privileges/permissions are retrieved - table SYSIBM.SYSSECURITYPOLICYEXEMPTIONS | DISA STIG IBM DB2 v10.5 LUW v2r1 Database | IBM_DB2DB | AUDIT AND ACCOUNTABILITY |
| DB2X-00-000800 - DB2 must generate audit records when privileges/permissions are retrieved - table SYSIBM.SYSXSROBJECTAUTH | DISA STIG IBM DB2 v10.5 LUW v2r1 Database | IBM_DB2DB | AUDIT AND ACCOUNTABILITY |
| DB2X-00-000900 - DB2 must generate audit records when unsuccessful attempts to retrieve privileges/permissions occur - SYSIBM.SYSDBAUTH | DISA STIG IBM DB2 v10.5 LUW v2r1 Database | IBM_DB2DB | AUDIT AND ACCOUNTABILITY |
| DB2X-00-000900 - DB2 must generate audit records when unsuccessful attempts to retrieve privileges/permissions occur - SYSIBM.SYSROLEAUTH | DISA STIG IBM DB2 v10.5 LUW v2r1 Database | IBM_DB2DB | AUDIT AND ACCOUNTABILITY |
| DB2X-00-000900 - DB2 must generate audit records when unsuccessful attempts to retrieve privileges/permissions occur - SYSIBM.SYSSECURITYLABELACCESS | DISA STIG IBM DB2 v10.5 LUW v2r1 Database | IBM_DB2DB | AUDIT AND ACCOUNTABILITY |
| DB2X-00-011000 - DB2 must generate audit records when security objects are deleted | DISA STIG IBM DB2 v10.5 LUW v2r1 Database | IBM_DB2DB | AUDIT AND ACCOUNTABILITY |
| DB2X-00-011600 - DB2 must generate audit records for all privileged activities or other system-level access | DISA STIG IBM DB2 v10.5 LUW v2r1 Database | IBM_DB2DB | AUDIT AND ACCOUNTABILITY |
| DB2X-00-011800 - DB2 must generate audit records showing starting and ending time for user access to the database(s) - CONTEXT | DISA STIG IBM DB2 v10.5 LUW v2r1 Database | IBM_DB2DB | AUDIT AND ACCOUNTABILITY |
| OL6-00-000185 - The audit system must be configured to audit all discretionary access control permission modifications using chown, fchown, fchownat, and lchown - b32 auid>=500 | DISA STIG Oracle Linux 6 v2r7 | Unix | AUDIT AND ACCOUNTABILITY |
| OL6-00-000185 - The audit system must be configured to audit all discretionary access control permission modifications using chown, fchown, fchownat, and lchown - b64 auid=0 | DISA STIG Oracle Linux 6 v2r7 | Unix | AUDIT AND ACCOUNTABILITY |
| OL07-00-030830 - The Oracle Linux operating system must audit all uses of the delete_module syscall. | DISA Oracle Linux 7 STIG v2r14 | Unix | AUDIT AND ACCOUNTABILITY |
| SQL4-00-037500 - SQL Server must generate Trace or Audit records when successful logons or connections occur. | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-037700 - SQL Server must generate Trace or Audit records for all privileged activities or other system-level access - Event ID 82 | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-037700 - SQL Server must generate Trace or Audit records for all privileged activities or other system-level access - Event ID 86 | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-037700 - SQL Server must generate Trace or Audit records for all privileged activities or other system-level access - Event ID 117 | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-037700 - SQL Server must generate Trace or Audit records for all privileged activities or other system-level access - Event ID 118 | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-037700 - SQL Server must generate Trace or Audit records for all privileged activities or other system-level access - Event ID 128 | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-037700 - SQL Server must generate Trace or Audit records for all privileged activities or other system-level access - Event ID 130 | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-037700 - SQL Server must generate Trace or Audit records for all privileged activities or other system-level access - Event ID 173 | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-037700 - SQL Server must generate Trace or Audit records for all privileged activities or other system-level access - SCHEMA_OBJECT_CHANGE_GROUP | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-037700 - SQL Server must generate Trace or Audit records for all privileged activities or other system-level access - SCHEMA_OBJECT_OWNERSHIP_CHANGE_GROUP | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-037700 - SQL Server must generate Trace or Audit records for all privileged activities or other system-level access - SCHEMA_OBJECT_PERMISSION_CHANGE_GROUP | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-037700 - SQL Server must generate Trace or Audit records for all privileged activities or other system-level access - SERVER_OBJECT_CHANGE_GROUP | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-037700 - SQL Server must generate Trace or Audit records for all privileged activities or other system-level access - SERVER_OBJECT_PERMISSION_CHANGE_GROUP | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-037700 - SQL Server must generate Trace or Audit records for all privileged activities or other system-level access - SERVER_PERMISSION_CHANGE_GROUP | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-037700 - SQL Server must generate Trace or Audit records for all privileged activities or other system-level access - SERVER_PRINCIPAL_IMPERSONATION_GROUP | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-037800 - SQL Server must generate Trace or Audit records when unsuccessful attempts to execute privileged activities or other system-level access occur - DATABASE_OWNERSHIP_CHANGE_GROUP | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-037800 - SQL Server must generate Trace or Audit records when unsuccessful attempts to execute privileged activities or other system-level access occur - Event ID 83 | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-037800 - SQL Server must generate Trace or Audit records when unsuccessful attempts to execute privileged activities or other system-level access occur - Event ID 91 | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-037800 - SQL Server must generate Trace or Audit records when unsuccessful attempts to execute privileged activities or other system-level access occur - Event ID 170 | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-037800 - SQL Server must generate Trace or Audit records when unsuccessful attempts to execute privileged activities or other system-level access occur - Event ID 173 | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-037800 - SQL Server must generate Trace or Audit records when unsuccessful attempts to execute privileged activities or other system-level access occur - SCHEMA_OBJECT_ACCESS_GROUP | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-037800 - SQL Server must generate Trace or Audit records when unsuccessful attempts to execute privileged activities or other system-level access occur - SCHEMA_OBJECT_OWNERSHIP_CHANGE_GROUP | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-037800 - SQL Server must generate Trace or Audit records when unsuccessful attempts to execute privileged activities or other system-level access occur - SERVER_OBJECT_CHANGE_GROUP | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-037800 - SQL Server must generate Trace or Audit records when unsuccessful attempts to execute privileged activities or other system-level access occur - SERVER_PERMISSION_CHANGE_GROUP | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-037800 - SQL Server must generate Trace or Audit records when unsuccessful attempts to execute privileged activities or other system-level access occur - SUCCESSFUL_LOGIN_GROUP | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-037900 - SQL Server must generate Trace or Audit records when logoffs or disconnections occur - Event ID 17 | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-037900 - SQL Server must generate Trace or Audit records when logoffs or disconnections occur - LOGOUT_GROUP | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-037900 - SQL Server must generate Trace or Audit records when logoffs or disconnections occur. | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-038000 - SQL Server must generate Trace or Audit records when concurrent logons/connections by the same user from different workstations occur - SUCCESSFUL_LOGIN_GROUP | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| WN22-AU-000140 - Windows Server 2022 must be configured to audit Detailed Tracking - Process Creation successes. | DISA Windows Server 2022 STIG v2r2 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| WN22-AU-000260 - Windows Server 2022 must be configured to audit Policy Change - Audit Policy Change successes. | DISA Windows Server 2022 STIG v2r2 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| WN22-AU-000270 - Windows Server 2022 must be configured to audit Policy Change - Audit Policy Change failures. | DISA Windows Server 2022 STIG v2r2 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| WN22-AU-000380 - Windows Server 2022 must be configured to audit System - System Integrity successes. | DISA Windows Server 2022 STIG v2r2 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
