| ARST-RT-000230 - The Arista router must be configured to produce audit records containing information to establish where the events occurred. | DISA STIG Arista MLS EOS 4.2x Router v2r1 | Arista | AUDIT AND ACCOUNTABILITY |
| AS24-U1-000130 - An Apache web server, behind a load balancer or proxy server, must produce log records containing the client IP information as the source and destination and not the load balancer or proxy IP information with each event. | DISA STIG Apache Server 2.4 Unix Server v3r1 | Unix | AUDIT AND ACCOUNTABILITY |
| AS24-U1-000130 - An Apache web server, behind a load balancer or proxy server, must produce log records containing the client IP information as the source and destination and not the load balancer or proxy IP information with each event. | DISA STIG Apache Server 2.4 Unix Server v3r1 Middleware | Unix | AUDIT AND ACCOUNTABILITY |
| AS24-W1-000130 - An Apache web server, behind a load balancer or proxy server, must produce log records containing the client IP information as the source and destination and not the load balancer or proxy IP information with each event. | DISA STIG Apache Server 2.4 Windows Server v2r3 | Windows | AUDIT AND ACCOUNTABILITY |
| AS24-W1-000130 - An Apache web server, behind a load balancer or proxy server, must produce log records containing the client IP information as the source and destination and not the load balancer or proxy IP information with each event. | DISA STIG Apache Server 2.4 Windows Server v3r1 | Windows | AUDIT AND ACCOUNTABILITY |
| CASA-ND-000290 - The Cisco ASA must be configured to produce audit log records containing information to establish the source of events - buffered informational | DISA STIG Cisco ASA NDM v2r1 | Cisco | AUDIT AND ACCOUNTABILITY |
| CISC-RT-000220 - The Cisco router must be configured to produce audit records containing information to establish the source of the events. | DISA STIG Cisco IOS XE Router RTR v3r1 | Cisco | AUDIT AND ACCOUNTABILITY |
| CISC-RT-000220 - The Cisco router must be configured to produce audit records containing information to establish the source of the events. | DISA STIG Cisco IOS-XR Router RTR v3r1 | Cisco | AUDIT AND ACCOUNTABILITY |
| CISC-RT-000220 - The Cisco router must be configured to produce audit records containing information to establish the source of the events. | DISA STIG Cisco IOS Router RTR v3r1 | Cisco | AUDIT AND ACCOUNTABILITY |
| CISC-RT-000220 - The Cisco switch must be configured to produce audit records containing information to establish the source of the events. | DISA STIG Cisco IOS XE Switch RTR v3r1 | Cisco | AUDIT AND ACCOUNTABILITY |
| CISC-RT-000220 - The Cisco switch must be configured to produce audit records containing information to establish the source of the events. | DISA STIG Cisco IOS Switch RTR v3r1 | Cisco | AUDIT AND ACCOUNTABILITY |
| EX13-MB-000035 - Exchange Circular Logging must be disabled. | DISA Microsoft Exchange 2013 Mailbox Server STIG v2r3 | Windows | AUDIT AND ACCOUNTABILITY |
| EX13-MB-000040 - Exchange Email Subject Line logging must be disabled. | DISA Microsoft Exchange 2013 Mailbox Server STIG v2r3 | Windows | AUDIT AND ACCOUNTABILITY |
| EX13-MB-000045 - Exchange Message Tracking Logging must be enabled. | DISA Microsoft Exchange 2013 Mailbox Server STIG v2r3 | Windows | AUDIT AND ACCOUNTABILITY |
| EX16-MB-000070 - Exchange Circular Logging must be disabled. | DISA Microsoft Exchange 2016 Mailbox Server STIG v2r6 | Windows | AUDIT AND ACCOUNTABILITY |
| EX16-MB-000080 - Exchange Email Subject Line logging must be disabled. | DISA Microsoft Exchange 2016 Mailbox Server STIG v2r6 | Windows | AUDIT AND ACCOUNTABILITY |
| EX16-MB-000090 - Exchange Message Tracking Logging must be enabled. | DISA Microsoft Exchange 2016 Mailbox Server STIG v2r6 | Windows | AUDIT AND ACCOUNTABILITY |
| FNFG-FW-000035 - The FortiGate firewall must generate traffic log entries containing information to establish the source of the events, such as the source IP address at a minimum. | DISA Fortigate Firewall STIG v1r3 | FortiGate | AUDIT AND ACCOUNTABILITY |
| IIST-SI-000208 - An IIS 10.0 website behind a load balancer or proxy server must produce log records containing the source client IP, and destination information. | DISA IIS 10.0 Site v2r9 | Windows | AUDIT AND ACCOUNTABILITY |
| IIST-SV-000109 - An IIS 10.0 web server behind a load balancer or proxy server must produce log records containing the source client IP and destination information. | DISA IIS 10.0 Server v2r10 | Windows | AUDIT AND ACCOUNTABILITY |
| IIST-SV-000109 - An IIS 10.0 web server behind a load balancer or proxy server must produce log records containing the source client IP and destination information. | DISA IIS 10.0 Server v3r1 | Windows | AUDIT AND ACCOUNTABILITY |
| IISW-SI-000208 - An IIS 8.5 website behind a load balancer or proxy server, must produce log records containing the source client IP and destination information. | DISA IIS 8.5 Site v2r9 | Windows | AUDIT AND ACCOUNTABILITY |
| IISW-SV-000109 - An IIS 8.5 web server behind a load balancer or proxy server, must produce log records containing the source client IP and destination information. | DISA IIS 8.5 Server v2r7 | Windows | AUDIT AND ACCOUNTABILITY |
| JBOS-AS-000125 - JBoss must be configured to record the IP address and port information used by management interface network traffic. | DISA RedHat JBoss EAP 6.3 STIG v2r4 | Unix | AUDIT AND ACCOUNTABILITY |
| JUNI-RT-000220 - The Juniper router must be configured to produce audit records containing information to establish the source of the events. | DISA STIG Juniper Router RTR v3r1 | Juniper | AUDIT AND ACCOUNTABILITY |
| O112-C2-007700 - The DBMS must produce audit records containing sufficient information to establish the sources (origins) of the events. | DISA STIG Oracle 11.2g v2r5 Database | OracleDB | AUDIT AND ACCOUNTABILITY |
| O121-C2-007700 - The DBMS must produce audit records containing sufficient information to establish the sources (origins) of the events. | DISA STIG Oracle 12c v3r1 Database | OracleDB | AUDIT AND ACCOUNTABILITY |
| OH12-1X-000060 - OHS must have a log format defined for log records that allow the establishment of the source of events. | DISA STIG Oracle HTTP Server 12.1.3 v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| OH12-1X-000061 - OHS must have a SSL log format defined for log records that allow the establishment of the source of events. | DISA STIG Oracle HTTP Server 12.1.3 v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| OH12-1X-000062 - OHS must have a log file defined for each site/virtual host to capture logs generated that allow the establishment of the source of events. | DISA STIG Oracle HTTP Server 12.1.3 v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| OH12-1X-000063 - OHS, behind a load balancer or proxy server, must produce log records containing the client IP information as the source and destination and not the load balancer or proxy IP information with each event. | DISA STIG Oracle HTTP Server 12.1.3 v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| OH12-1X-000064 - OHS, behind a load balancer or proxy server, must have the SSL log format set correctly to produce log records containing the client IP information as the source and destination and not the load balancer or proxy IP information with each event. | DISA STIG Oracle HTTP Server 12.1.3 v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| OH12-1X-000065 - OHS, behind a load balancer or proxy server, must have a log file defined for each site/virtual host to produce log records containing the client IP information as the source and destination and not the load balancer or proxy IP information with each event. | DISA STIG Oracle HTTP Server 12.1.3 v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| PANW-AG-000024 - The Palo Alto Networks security platform must log violations of security policies. | DISA STIG Palo Alto ALG v3r1 | Palo_Alto | AUDIT AND ACCOUNTABILITY |
| PANW-IP-000007 - The Palo Alto Networks security platform must produce audit records containing information to establish the source of the event, including, at a minimum, originating source address. | DISA STIG Palo Alto IDPS v3r1 | Palo_Alto | AUDIT AND ACCOUNTABILITY |
| PANW-NM-000029 - The Palo Alto Networks security platform must produce audit log records containing information (FQDN, unique hostname, management IP address) to establish the source of events - 'Hostname' | DISA STIG Palo Alto NDM v3r1 | Palo_Alto | AUDIT AND ACCOUNTABILITY |
| PANW-NM-000029 - The Palo Alto Networks security platform must produce audit log records containing information (FQDN, unique hostname, management IP address) to establish the source of events - 'Send Hostname in Syslog' | DISA STIG Palo Alto NDM v3r1 | Palo_Alto | AUDIT AND ACCOUNTABILITY |
| PGS9-00-008800 - PostgreSQL must produce audit records containing sufficient information to establish the sources (origins) of the events. | DISA STIG PostgreSQL 9.x on RHEL DB v2r5 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| PHTN-30-000010 - The Photon operating system must configure auditd to log to disk. | DISA STIG VMware vSphere 7.0 Photon OS v1r3 | Unix | AUDIT AND ACCOUNTABILITY |
| PPS9-00-001900 - The EDB Postgres Advanced Server must produce audit records containing sufficient information to establish the sources (origins) of the events - origins of the events. | EDB PostgreSQL Advanced Server DB Audit v2r3 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| SOL-11.1-010170 - Audit records must include the sources of the events that occurred. | DISA STIG Solaris 11 X86 v3r1 | Unix | AUDIT AND ACCOUNTABILITY |
| SOL-11.1-010170 - Audit records must include the sources of the events that occurred. | DISA STIG Solaris 11 SPARC v3r1 | Unix | AUDIT AND ACCOUNTABILITY |
| SQL2-00-012100 - SQL Server must produce audit records containing sufficient information to establish the sources (origins) of the events - 'Event ID 129' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL2-00-012100 - SQL Server must produce audit records containing sufficient information to establish the sources (origins) of the events - 'Event ID 130' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL2-00-012100 - SQL Server must produce audit records containing sufficient information to establish the sources (origins) of the events - 'Event ID 135' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL2-00-012100 - SQL Server must produce audit records containing sufficient information to establish the sources (origins) of the events - 'Event ID 173' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-012100 - SQL Server must produce Trace or Audit records containing sufficient information to establish the sources (origins) of the events - origins of the events. | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| WBLC-02-000078 - Oracle WebLogic must produce audit records containing sufficient information to establish the sources of the events. | Oracle WebLogic Server 12c Linux v2r1 Middleware | Unix | AUDIT AND ACCOUNTABILITY |
| WBLC-02-000078 - Oracle WebLogic must produce audit records containing sufficient information to establish the sources of the events. | Oracle WebLogic Server 12c Windows v2r1 | Windows | AUDIT AND ACCOUNTABILITY |
| WBLC-02-000078 - Oracle WebLogic must produce audit records containing sufficient information to establish the sources of the events. | Oracle WebLogic Server 12c Linux v2r1 | Unix | AUDIT AND ACCOUNTABILITY |
