| 3.1.3 Set Diagnostic Logging to Capture Errors and Warnings (DIAGLEVEL) | CIS IBM DB2 11 v1.1.0 Windows OS Level 1 | Windows | AUDIT AND ACCOUNTABILITY |
| 3.1.19 Ensure 'debug_pretty_print' is enabled | CIS PostgreSQL 13 DB v1.2.0 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| 3.1.19 Ensure 'debug_pretty_print' is enabled | CIS PostgreSQL 16 DB v1.0.0 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| 3.1.20 Ensure 'log_connections' is enabled | CIS PostgreSQL 13 DB v1.2.0 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| 3.1.21 Ensure 'log_disconnections' is enabled | CIS PostgreSQL 16 DB v1.0.0 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| 3.1.22 Ensure 'log_error_verbosity' is set correctly | CIS PostgreSQL 15 DB v1.1.0 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| 3.1.22 Ensure 'log_error_verbosity' is set correctly | CIS PostgreSQL 16 DB v1.0.0 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| 3.1.24 Ensure 'log_line_prefix' is set correctly | CIS PostgreSQL 13 DB v1.2.0 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| 3.1.24 Ensure 'log_line_prefix' is set correctly | CIS PostgreSQL 15 DB v1.1.0 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| 3.1.26 Ensure 'log_timezone' is set correctly | CIS PostgreSQL 15 DB v1.1.0 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| 3.1.26 Ensure 'log_timezone' is set correctly | CIS PostgreSQL 16 DB v1.0.0 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| 3.2.2 Ensure that the audit policy covers key security concerns | CIS Kubernetes v1.24 Benchmark v1.0.0 L2 Master | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.3.2 Ensure system administrator command executions (sudo) are collected - 32 bit | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.3.2 Ensure system administrator command executions (sudo) are collected - 32 bit auditctl | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.3.7 Ensure kernel module loading and unloading is collected - auditctl init_module | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.3.7 Ensure kernel module loading and unloading is collected - init_module | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.3.7 Ensure kernel module loading and unloading is collected - insmod | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.3.8 Ensure events that modify user/group information are collected | CIS Fedora 28 Family Linux Workstation L2 v2.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.3.14 Ensure events that modify the system's Mandatory Access Controls are collected | CIS Fedora 28 Family Linux Workstation L2 v2.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.4 Ensure events that modify date and time information are collected - audit.rules b32 clock_settime | CIS SUSE Linux Enterprise Server 11 L2 v2.1.1 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.4 Ensure events that modify date and time information are collected - auditctl time-change | CIS SUSE Linux Enterprise Server 11 L2 v2.1.1 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.5 Ensure events that modify user/group information are collected - /etc/passwd | CIS SUSE Linux Enterprise Server 11 L2 v2.1.1 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.6 Ensure events that modify the system's Mandatory Access Controls are collected | CIS SUSE Linux Enterprise 15 Workstation L2 v1.1.1 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.7 Ensure events that modify the system's Mandatory Access Controls are collected - /etc/apparmor/ | CIS SUSE Linux Enterprise Server 11 L2 v2.1.1 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.9 Ensure discretionary access control permission modification events are collected | CIS SUSE Linux Enterprise 12 v3.1.0 L2 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.10 Ensure discretionary access control permission modification events are collected - b32 chown fchown | CIS SUSE Linux Enterprise Server 11 L2 v2.1.1 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.11 Ensure unsuccessful unauthorized file access attempts are collected - auditctl b32 EACCES | CIS SUSE Linux Enterprise Server 11 L2 v2.1.1 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.11 Ensure unsuccessful unauthorized file access attempts are collected - auditctl b64 EACCES | CIS SUSE Linux Enterprise Server 11 L2 v2.1.1 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.12 Ensure successful file system mounts are collected | CIS SUSE Linux Enterprise 12 v3.1.0 L2 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.14 Ensure changes to system administration scope (sudoers) is collected | CIS SUSE Linux Enterprise 12 v3.1.0 L2 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.16 Ensure kernel module loading and unloading is collected | CIS SUSE Linux Enterprise 12 v3.1.0 L2 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 4.3 (L1) Host must log sufficient information for events | CIS VMware ESXi 8.0 v1.1.0 L1 | VMware | AUDIT AND ACCOUNTABILITY |
| 4.3.3 Ensure sudo log file exists | CIS Rocky Linux 8 Server L1 v2.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.2.3.1 Ensure changes to system administration scope (sudoers) is collected | CIS Red Hat EL8 Workstation L2 v3.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.2.3.4 Ensure events that modify date and time information are collected | CIS Red Hat EL8 Workstation L2 v3.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.2.3.5 Ensure events that modify the system's network environment are collected | CIS Rocky Linux 8 Workstation L2 v2.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.2.3.6 Ensure use of privileged commands are collected | CIS Rocky Linux 8 Server L2 v2.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.2.3.7 Ensure unsuccessful file access attempts are collected | CIS Rocky Linux 8 Workstation L2 v2.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.2.3.8 Ensure events that modify user/group information are collected | CIS Red Hat EL8 Workstation L2 v3.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.2.5 Ensure SSH MaxAuthTries is set to 4 or less | CIS SUSE Linux Enterprise Server 11 L1 v2.1.1 | Unix | AUDIT AND ACCOUNTABILITY |
| 6.2.1 Ensure 'Log_error_verbosity' Database Flag for Cloud SQL PostgreSQL Instance Is Set to 'DEFAULT' or Stricter | CIS Google Cloud Platform v3.0.0 L2 | GCP | AUDIT AND ACCOUNTABILITY |
| 6.2.3.2 Ensure actions as another user are always logged | CIS Ubuntu Linux 24.04 LTS v1.0.0 L2 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 6.2.3.2 Ensure actions as another user are always logged | CIS Ubuntu Linux 24.04 LTS v1.0.0 L2 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 6.2.3.14 Ensure events that modify the system's Mandatory Access Controls are collected | CIS Ubuntu Linux 24.04 LTS v1.0.0 L2 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 6.2.3.21 Ensure the running and on disk configuration is the same | CIS Ubuntu Linux 24.04 LTS v1.0.0 L2 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 6.2.6 Ensure 'Log_min_error_statement' Database Flag for Cloud SQL PostgreSQL Instance Is Set to 'Error' or Stricter | CIS Google Cloud Platform v3.0.0 L1 | GCP | AUDIT AND ACCOUNTABILITY |
| 17.6.1 (L1) Ensure 'Audit Other Object Access Events' is set to 'Success and Failure' | CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 DC | Windows | AUDIT AND ACCOUNTABILITY |
| 17.6.3 (L1) Ensure 'Audit Other Object Access Events' is set to 'Success and Failure' | CIS Windows Server 2012 MS L1 v3.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 17.6.3 (L1) Ensure 'Audit Other Object Access Events' is set to 'Success and Failure' | CIS Windows Server 2012 R2 MS L1 v3.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 17.9.2 (L1) Ensure 'Audit Other System Events' is set to 'Success and Failure' | CIS Windows Server 2012 R2 MS L1 v3.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
