| AS24-U1-000730 - The Apache web server must be configured to integrate with an organizations security infrastructure. | DISA STIG Apache Server 2.4 Unix Server v3r1 | Unix | AUDIT AND ACCOUNTABILITY |
| AS24-U1-000730 - The Apache web server must be configured to integrate with an organizations security infrastructure. | DISA STIG Apache Server 2.4 Unix Server v3r1 Middleware | Unix | AUDIT AND ACCOUNTABILITY |
| AS24-W1-000730 - The Apache web server must be configurable to integrate with an organizations security infrastructure. | DISA STIG Apache Server 2.4 Windows Server v2r3 | Windows | AUDIT AND ACCOUNTABILITY |
| CD12-00-011300 - PostgreSQL must off-load audit data to a separate log management facility; this must be continuous and in near real time for systems with a network connection to the storage facility and weekly or more often for stand-alone systems. | DISA STIG Crunchy Data PostgreSQL DB v3r1 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| EPAS-00-013000 - The EDB Postgres Advanced Server must off-load audit data to a separate log management facility; this must be continuous and in near real time for systems with a network connection to the storage facility and weekly or more often for stand-alone systems. | EnterpriseDB PostgreSQL Advanced Server DB v2r1 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| ESXI-06-400004 - The VMM must off-load audit records onto a different system or media than the system being audited by configuring remote logging. | DISA STIG VMware vSphere 6.x ESXi v1r5 | VMware | AUDIT AND ACCOUNTABILITY |
| ESXI-06-500004 - The VMM must, at a minimum, off-load interconnected systems in real time and off-load standalone systems weekly by configuring remote logging. | DISA STIG VMware vSphere 6.x ESXi v1r5 | VMware | AUDIT AND ACCOUNTABILITY |
| FNFG-FW-000100 - The FortiGate firewall must send traffic log entries to a central audit server for management and configuration of the traffic log entries. | DISA Fortigate Firewall STIG v1r3 | FortiGate | AUDIT AND ACCOUNTABILITY |
| MYS8-00-009700 - The MySQL Database Server 8.0 must off-load audit data to a separate log management facility; this must be continuous and in near real time for systems with a network connection to the storage facility and weekly or more often for stand-alone systems. | DISA Oracle MySQL 8.0 v2r1 DB | MySQLDB | AUDIT AND ACCOUNTABILITY |
| OL07-00-030211 - The Oracle Linux operating system must label all off-loaded audit logs before sending them to the central log server. | DISA Oracle Linux 7 STIG v2r14 | Unix | AUDIT AND ACCOUNTABILITY |
| OL08-00-030062 - OL 8 must label all offloaded audit logs before sending them to the central log server. | DISA Oracle Linux 8 STIG v2r1 | Unix | AUDIT AND ACCOUNTABILITY |
| OL08-00-030690 - The OL 8 audit records must be offloaded onto a different system or storage media from the system being audited. | DISA Oracle Linux 8 STIG v2r1 | Unix | AUDIT AND ACCOUNTABILITY |
| OL08-00-030700 - OL 8 must take appropriate action when the internal event queue is full. | DISA Oracle Linux 8 STIG v2r1 | Unix | AUDIT AND ACCOUNTABILITY |
| OL08-00-030710 - OL 8 must encrypt the transfer of audit records offloaded onto a different system or media from the system being audited. | DISA Oracle Linux 8 STIG v2r1 | Unix | AUDIT AND ACCOUNTABILITY |
| OL08-00-030720 - OL 8 must authenticate the remote logging server for offloading audit logs. | DISA Oracle Linux 8 STIG v2r1 | Unix | AUDIT AND ACCOUNTABILITY |
| PHTN-67-000129 - The Photon operating system must be configured to offload audit logs to a syslog server. | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY |
| RHEL-08-030062 - RHEL 8 must label all off-loaded audit logs before sending them to the central log server. | DISA Red Hat Enterprise Linux 8 STIG v2r1 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-08-030690 - The RHEL 8 audit records must be off-loaded onto a different system or storage media from the system being audited. | DISA Red Hat Enterprise Linux 8 STIG v2r1 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-08-030700 - RHEL 8 must take appropriate action when the internal event queue is full. | DISA Red Hat Enterprise Linux 8 STIG v2r1 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-08-030710 - RHEL 8 must encrypt the transfer of audit records off-loaded onto a different system or media from the system being audited. | DISA Red Hat Enterprise Linux 8 STIG v2r1 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-09-652040 - RHEL 9 must authenticate the remote logging server for offloading audit logs via rsyslog. | DISA Red Hat Enterprise Linux 9 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-09-652045 - RHEL 9 must encrypt the transfer of audit records offloaded onto a different system or media from the system being audited via rsyslog. | DISA Red Hat Enterprise Linux 9 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-09-652055 - RHEL 9 must be configured to forward audit records via TCP to a different system or media from the system being audited via rsyslog. | DISA Red Hat Enterprise Linux 9 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| RHEL-09-653030 - RHEL 9 must allocate audit record storage capacity to store at least one week's worth of audit records. | DISA Red Hat Enterprise Linux 9 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-09-653060 - RHEL 9 must label all offloaded audit logs before sending them to the central log server. | DISA Red Hat Enterprise Linux 9 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-09-653065 - RHEL 9 must take appropriate action when the internal event queue is full. | DISA Red Hat Enterprise Linux 9 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-09-653130 - RHEL 9 audispd-plugins package must be installed. | DISA Red Hat Enterprise Linux 9 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| SLES-15-010580 - The SUSE operating system must off-load rsyslog messages for networked systems in real time and off-load standalone systems at least weekly. | DISA SLES 15 STIG v2r1 | Unix | AUDIT AND ACCOUNTABILITY |
| SLES-15-030670 - The audit-audispd-plugins must be installed on the SUSE operating system. | DISA SLES 15 STIG v2r1 | Unix | AUDIT AND ACCOUNTABILITY |
| SPLK-CL-000150 - Splunk Enterprise must be configured to offload log records onto a different system or media than the system being audited. | DISA STIG Splunk Enterprise 8.x for Linux v2r1 STIG REST API | Splunk | AUDIT AND ACCOUNTABILITY |
| SYMP-AG-000220 - Symantec ProxySG must be configured to send the access logs to the centralized log server continuously. | DISA Symantec ProxySG Benchmark ALG v1r3 | BlueCoat | AUDIT AND ACCOUNTABILITY |
| SYMP-NM-000080 - Symantec ProxySG must be configured to support centralized management and configuration of the audit log - enable | DISA Symantec ProxySG Benchmark NDM v1r2 | BlueCoat | AUDIT AND ACCOUNTABILITY |
| SYMP-NM-000080 - Symantec ProxySG must be configured to support centralized management and configuration of the audit log - Syslog IP | DISA Symantec ProxySG Benchmark NDM v1r2 | BlueCoat | AUDIT AND ACCOUNTABILITY |
| UBTU-20-010216 - The Ubuntu operating system audit event multiplexor must be configured to off-load audit logs onto a different system or storage media from the system being audited. | DISA STIG Ubuntu 20.04 LTS v2r1 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-20-010300 - The Ubuntu operating system must have a crontab script running weekly to offload audit events of standalone systems. | DISA STIG Ubuntu 20.04 LTS v2r1 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-22-651035 - Ubuntu 22.04 LTS must have a crontab script running weekly to offload audit events of standalone systems. | DISA STIG Canonical Ubuntu 22.04 LTS v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| VCFL-67-000027 - Rsyslog must be configured to monitor and ship vSphere Client log files - access | DISA STIG VMware vSphere 6.7 Virgo Client v1r2 | Unix | AUDIT AND ACCOUNTABILITY |
| VCFL-67-000027 - Rsyslog must be configured to monitor and ship vSphere Client log files - runtime | DISA STIG VMware vSphere 6.7 Virgo Client v1r2 | Unix | AUDIT AND ACCOUNTABILITY |
| VCLU-80-000081 The vCenter Lookup service must offload log records onto a different system or media from the system being logged. | DISA VMware vSphere 8.0 vCenter Appliance Lookup Service STIG v2r1 | Unix | AUDIT AND ACCOUNTABILITY |
| VCPF-80-000081 The vCenter Perfcharts service must offload log records onto a different system or media from the system being logged. | DISA VMware vSphere 8.0 vCenter Appliance Perfcharts STIG v2r1 | Unix | AUDIT AND ACCOUNTABILITY |
| VCRP-67-000009 - The rhttpproxy log files must be moved to a permanent repository in accordance with site policy. | DISA STIG VMware vSphere 6.7 RhttpProxy v1r3 | Unix | AUDIT AND ACCOUNTABILITY |
| VCRP-70-000007 - Envoy (rhttpproxy) log files must be shipped via syslog to a central log server. | DISA STIG VMware vSphere 7.0 RhttpProxy v1r1 | Unix | AUDIT AND ACCOUNTABILITY |
| VCRP-70-000008 - Envoy log files must be shipped via syslog to a central log server | DISA STIG VMware vSphere 7.0 RhttpProxy v1r1 | Unix | AUDIT AND ACCOUNTABILITY |
| VCSA-70-000280 - The vCenter server must be configured to send events to a central log server. | DISA STIG VMware vSphere 7.0 vCenter v1r3 | VMware | AUDIT AND ACCOUNTABILITY |
| VCST-80-000081 The vCenter STS service must offload log records onto a different system or media from the system being logged. | DISA VMware vSphere 8.0 vCenter Appliance Secure Token Service (STS) STIG v2r1 | Unix | AUDIT AND ACCOUNTABILITY |
| VCUI-80-000081 The vCenter UI service must offload log records onto a different system or media from the system being logged. | DISA VMware vSphere 8.0 vCenter Appliance User Interface (UI) STIG v2r1 | Unix | AUDIT AND ACCOUNTABILITY |
| WN16-AU-000020 - Windows Server 2016 must, at a minimum, offload audit records of interconnected systems in real time and offload standalone or nondomain-joined systems weekly. | DISA Windows Server 2016 STIG v2r9 | Windows | AUDIT AND ACCOUNTABILITY |
| WN19-AU-000020 - Windows Server 2019 must, at a minimum, offload audit records of interconnected systems in real time and offload standalone or nondomain-joined systems weekly. | DISA Windows Server 2019 STIG v3r2 | Windows | AUDIT AND ACCOUNTABILITY |
| WN22-AU-000010 - Windows Server 2022 audit records must be backed up to a different system or media than the system being audited. | DISA Windows Server 2022 STIG v2r2 | Windows | AUDIT AND ACCOUNTABILITY |
| WN22-AU-000020 - Windows Server 2022 must, at a minimum, offload audit records of interconnected systems in real time and offload standalone or nondomain-joined systems weekly. | DISA Windows Server 2022 STIG v2r2 | Windows | AUDIT AND ACCOUNTABILITY |
