| ALMA-09-054250 - AlmaLinux OS 9 must take appropriate action when a critical audit processing failure occurs. | DISA CloudLinux AlmaLinux OS 9 STIG v1r1 | Unix | AUDIT AND ACCOUNTABILITY |
| ALMA-09-054360 - AlmaLinux OS 9 audit system must make full use of the audit storage space. | DISA CloudLinux AlmaLinux OS 9 STIG v1r1 | Unix | AUDIT AND ACCOUNTABILITY |
| ALMA-09-054470 - AlmaLinux OS 9 audit system must take appropriate action when the audit files have reached maximum size. | DISA CloudLinux AlmaLinux OS 9 STIG v1r1 | Unix | AUDIT AND ACCOUNTABILITY |
| ALMA-09-054580 - AlmaLinux OS 9 audit system must retain an optimal number of audit records. | DISA CloudLinux AlmaLinux OS 9 STIG v1r1 | Unix | AUDIT AND ACCOUNTABILITY |
| APPL-12-001010 - The macOS system must shut down by default upon audit failure (unless availability is an overriding concern). | DISA STIG Apple macOS 12 v1r9 | Unix | AUDIT AND ACCOUNTABILITY |
| APPL-14-001010 The macOS system must configure system to shut down upon audit failure. | DISA Apple macOS 14 (Sonoma) STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| APPL-15-001031 - The macOS system must configure audit failure notification. | DISA Apple macOS 15 (Sequoia) STIG v1r2 | Unix | AUDIT AND ACCOUNTABILITY |
| CASA-FW-000090 - The Cisco ASA must be configured to queue log records locally in the event that the central audit server is down or not reachable - Queue | DISA STIG Cisco ASA FW v2r1 | Cisco | AUDIT AND ACCOUNTABILITY |
| CD12-00-002800 - PostgreSQL must be configurable to overwrite audit log records, oldest first (First-In-First-Out [FIFO]), in the event of unavailability of space for more audit log records. | DISA STIG Crunchy Data PostgreSQL DB v3r1 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| DB2X-00-001900 - Unless it has been determined that availability is paramount, DB2 must, upon audit failure, cease all auditable activity. | DISA STIG IBM DB2 v10.5 LUW v2r1 Database | IBM_DB2DB | AUDIT AND ACCOUNTABILITY |
| DTAM036 - McAfee VirusScan On-Delivery Email Scan Policies log file size must be restricted and be configured to be at least 10MB - bLimitSize | DISA McAfee VirusScan 8.8 Managed Client STIG v6r1 | Windows | AUDIT AND ACCOUNTABILITY |
| DTAM036 - McAfee VirusScan On-Delivery Email Scan Policies log file size must be restricted and be configured to be at least 10MB - dwMaxLogSizeMB | DISA McAfee VirusScan 8.8 Managed Client STIG v6r1 | Windows | AUDIT AND ACCOUNTABILITY |
| DTAM036 - McAfee VirusScan On-Delivery Email Scanner log file size must be restricted and be configured to be at least 10MB - bLimitSize | DISA McAfee VirusScan 8.8 Local Client STIG v6r1 | Windows | AUDIT AND ACCOUNTABILITY |
| DTAM036 - McAfee VirusScan On-Delivery Email Scanner log file size must be restricted and be configured to be at least 10MB - dwMaxLogSizeMB | DISA McAfee VirusScan 8.8 Local Client STIG v6r1 | Windows | AUDIT AND ACCOUNTABILITY |
| DTAM140 - McAfee VirusScan Access Protection log file size must be restricted and be configured to at least 10MB - bLimitSize | DISA McAfee VirusScan 8.8 Managed Client STIG v6r1 | Windows | AUDIT AND ACCOUNTABILITY |
| DTAM140 - McAfee VirusScan Access Protection log file size must be restricted and be configured to at least 10MB - dwMaxLogSizeMB | DISA McAfee VirusScan 8.8 Managed Client STIG v6r1 | Windows | AUDIT AND ACCOUNTABILITY |
| DTAM140 - McAfee VirusScan Access Protection Reports log file size must be restricted and be configured to at least 10MB. - bLimitSize | DISA McAfee VirusScan 8.8 Local Client STIG v6r1 | Windows | AUDIT AND ACCOUNTABILITY |
| DTAM140 - McAfee VirusScan Access Protection Reports log file size must be restricted and be configured to at least 10MB. - dwMaxLogSizeMB | DISA McAfee VirusScan 8.8 Local Client STIG v6r1 | Windows | AUDIT AND ACCOUNTABILITY |
| EP11-00-002400 - The EDB Postgres Advanced Server must be configurable to overwrite audit log records, oldest first (First-In-First-Out - FIFO), in the event of unavailability of space for more audit log records. | EDB PostgreSQL Advanced Server v11 Windows OS Audit v2r4 | Windows | AUDIT AND ACCOUNTABILITY |
| FNFG-FW-000045 - In the event that communication with the central audit server is lost, the FortiGate firewall must continue to queue traffic log records locally. - disk status|diskfull | DISA Fortigate Firewall STIG v1r3 | FortiGate | AUDIT AND ACCOUNTABILITY |
| FNFG-FW-000045 - In the event that communication with the central audit server is lost, the FortiGate firewall must continue to queue traffic log records locally. - fortianalyzer|syslogd server | DISA Fortigate Firewall STIG v1r3 | FortiGate | AUDIT AND ACCOUNTABILITY |
| JUSX-AG-000063 - In the event that communications with the Syslog server is lost, the Juniper SRX Services Gateway must continue to queue traffic log records locally. | DISA Juniper SRX Services Gateway ALG v3r2 | Juniper | AUDIT AND ACCOUNTABILITY |
| MADB-10-001700 - MariaDB must by default shut down upon audit failure, to include the unavailability of space for more audit log records; or must be configurable to shut down upon audit failure. | DISA MariaDB Enterprise 10.x v2r2 DB | MySQLDB | AUDIT AND ACCOUNTABILITY |
| OL6-00-000510 - The audit system must take appropriate action when the audit storage volume is full. | DISA STIG Oracle Linux 6 v2r7 | Unix | AUDIT AND ACCOUNTABILITY |
| OL6-00-000511 - The audit system must take appropriate action when there are disk errors on the audit storage volume. | DISA STIG Oracle Linux 6 v2r7 | Unix | AUDIT AND ACCOUNTABILITY |
| OL08-00-030060 - The OL 8 audit system must take appropriate action when the audit storage volume is full. | DISA Oracle Linux 8 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| PANW-IP-000010 - In the event of a logging failure caused by the lack of audit record storage capacity, the Palo Alto Networks security platform must continue generating and storing audit records if possible, overwriting the oldest audit records in a first-in-first-out manner. | DISA STIG Palo Alto IDPS v3r1 | Palo_Alto | AUDIT AND ACCOUNTABILITY |
| PHTN-67-000014 - The Photon operating system audit log must attempt to log audit failures to syslog - disk_error_action | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-06-000510 - The audit system must take appropriate action when the audit storage volume is full. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-08-030040 - The RHEL 8 System must take appropriate action when an audit processing failure occurs. | DISA Red Hat Enterprise Linux 8 STIG v2r1 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-08-030060 - The RHEL 8 audit system must take appropriate action when the audit storage volume is full. | DISA Red Hat Enterprise Linux 8 STIG v2r1 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-09-653025 - RHEL 9 audit system must take appropriate action when the audit storage volume is full. | DISA Red Hat Enterprise Linux 9 STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-09-653055 - RHEL 9 audit system must take appropriate action when the audit files have reached maximum size. | DISA Red Hat Enterprise Linux 9 STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-09-654265 - RHEL 9 must take appropriate action when a critical audit processing failure occurs. | DISA Red Hat Enterprise Linux 9 STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| SLES-12-020060 - The SUSE operating system audit system must take appropriate action when the audit storage volume is full. | DISA SLES 12 STIG v3r1 | Unix | AUDIT AND ACCOUNTABILITY |
| SLES-15-030590 - The SUSE operating system audit system must take appropriate action when the audit storage volume is full. | DISA SLES 15 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| SOL-11.1-010420 - The operating system must shut down by default upon audit failure (unless availability is an overriding concern). | DISA STIG Solaris 11 X86 v3r1 | Unix | AUDIT AND ACCOUNTABILITY |
| SQL4-00-013000 - Unless it has been determined that availability is paramount, SQL Server must shut down upon the failure of an Audit, or a Trace used for auditing purposes, to include the unavailability of space for more audit/trace log records. | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| UBTU-22-653030 - Ubuntu 22.04 LTS must shut down by default upon audit failure. | DISA Canonical Ubuntu 22.04 LTS STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| VCPG-67-000004 - VMware Postgres must be configured to overwrite older logs when necessary. | DISA STIG VMware vSphere 6.7 PostgreSQL v1r2 | Unix | AUDIT AND ACCOUNTABILITY |
| VCPG-70-000004 - VMware Postgres must be configured to overwrite older logs when necessary. | DISA STIG VMware vSphere 7.0 PostgreSQL v1r2 | Unix | AUDIT AND ACCOUNTABILITY |
| WBLC-02-000086 - Oracle WebLogic must notify administrative personnel as a group in the event of audit processing failure - Module-HealthState | Oracle WebLogic Server 12c Linux v2r1 | Unix | AUDIT AND ACCOUNTABILITY |
| WBLC-02-000086 - Oracle WebLogic must notify administrative personnel as a group in the event of audit processing failure - Module-HealthState | Oracle WebLogic Server 12c Windows v2r1 | Windows | AUDIT AND ACCOUNTABILITY |
| WBLC-02-000086 - Oracle WebLogic must notify administrative personnel as a group in the event of audit processing failure - SMTP Notification | Oracle WebLogic Server 12c Linux v2r1 | Unix | AUDIT AND ACCOUNTABILITY |
| WBLC-02-000086 - Oracle WebLogic must notify administrative personnel as a group in the event of audit processing failure - SMTP Notification | Oracle WebLogic Server 12c Linux v2r1 Middleware | Unix | AUDIT AND ACCOUNTABILITY |
| WBSP-AS-000660 - The WebSphere Application Server must shut down by default upon log failure (unless availability is an overriding concern). | DISA IBM WebSphere Traditional 9 Windows STIG v1r1 | Windows | AUDIT AND ACCOUNTABILITY |
| WBSP-AS-000660 - The WebSphere Application Server must shut down by default upon log failure (unless availability is an overriding concern). | DISA IBM WebSphere Traditional 9 STIG v1r1 Middleware | Unix | AUDIT AND ACCOUNTABILITY |
| WNFWA-000009 - Windows Defender Firewall with Advanced Security log size must be configured for domain connections. | DISA Microsoft Windows Firewall v2r2 | Windows | AUDIT AND ACCOUNTABILITY |
| WNFWA-000017 - Windows Defender Firewall with Advanced Security log size must be configured for private network connections. | DISA Microsoft Windows Firewall v2r2 | Windows | AUDIT AND ACCOUNTABILITY |
| WNFWA-000027 - Windows Defender Firewall with Advanced Security log size must be configured for public network connections. | DISA Microsoft Windows Firewall v2r2 | Windows | AUDIT AND ACCOUNTABILITY |
