| 4.1.3.20 Ensure audit the umount command | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| 4.1.3.21 Ensure audit of postdrop command | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| 4.1.3.22 Ensure audit of postqueue command. | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| 4.1.3.37 Ensure audit of the mount command and syscall | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| 4.1.3.37 Ensure audit of the mount command and syscall - 32 bit | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| 4.1.3.37 Ensure audit of the mount command and syscall - 64 bit | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| AIX7-00-002006 - AIX must produce audit records containing the full-text recording of privileged commands. | DISA STIG AIX 7.x v2r9 | Unix | AUDIT AND ACCOUNTABILITY |
| AMLS-NM-000200 - The Arista Multilayer Switch must generate audit records containing the full-text recording of privileged commands. | DISA STIG Arista MLS DCS-7000 Series NDM v1r4 | Arista | AUDIT AND ACCOUNTABILITY |
| CISC-ND-000330 - The Cisco router must be configured to generate audit records containing the full-text recording of privileged commands. | DISA STIG Cisco IOS Router NDM v3r1 | Cisco | AUDIT AND ACCOUNTABILITY |
| CISC-ND-000330 - The Cisco router must be configured to generate audit records containing the full-text recording of privileged commands. | DISA STIG Cisco IOS XE Router NDM v3r1 | Cisco | AUDIT AND ACCOUNTABILITY |
| CISC-ND-000330 - The Cisco switch must be configured to generate audit records containing the full-text recording of privileged commands. | DISA STIG Cisco NX-OS Switch NDM v3r1 | Cisco | AUDIT AND ACCOUNTABILITY |
| CISC-ND-000330 - The Cisco switch must be configured to generate audit records containing the full-text recording of privileged commands. | DISA STIG Cisco IOS XE Switch NDM v3r1 | Cisco | AUDIT AND ACCOUNTABILITY |
| CISC-ND-000330 - The Cisco switch must be configured to generate audit records containing the full-text recording of privileged commands. | DISA STIG Cisco IOS Switch NDM v3r1 | Cisco | AUDIT AND ACCOUNTABILITY |
| DB2X-00-001800 - DB2 must include additional, more detailed, organization-defined information in the audit records for audit events identified by type, location, or subject. | DISA STIG IBM DB2 v10.5 LUW v2r1 Database | IBM_DB2DB | AUDIT AND ACCOUNTABILITY |
| EP11-00-002200 - The EDB Postgres Advanced Server must include additional, more detailed, organization-defined information in the audit records for audit events identified by type, location, or subject. | EDB PostgreSQL Advanced Server v11 DB Audit v2r4 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| JUNI-ND-000330 - The Juniper router must be configured to generate audit records containing the full-text recording of privileged commands. | DISA STIG Juniper Router NDM v3r1 | Juniper | AUDIT AND ACCOUNTABILITY |
| JUSX-DM-000055 - The Juniper SRX Services Gateway must generate log records containing the full-text recording of privileged commands. | DISA Juniper SRX Services Gateway NDM v3r1 | Juniper | AUDIT AND ACCOUNTABILITY |
| O112-C2-008000 - The DBMS must include organization-defined additional, more detailed information in the audit records for audit events identified by type, location, or subject. | DISA STIG Oracle 11.2g v2r5 Database | OracleDB | AUDIT AND ACCOUNTABILITY |
| O121-C2-008000 - The DBMS must include organization-defined additional, more detailed information in the audit records for audit events identified by type, location, or subject. | DISA STIG Oracle 12c v3r1 Database | OracleDB | AUDIT AND ACCOUNTABILITY |
| OL07-00-030630 - The Oracle Linux operating system must audit all uses of the passwd command. | DISA Oracle Linux 7 STIG v2r14 | Unix | AUDIT AND ACCOUNTABILITY |
| OL07-00-030640 - The Oracle Linux operating system must audit all uses of the unix_chkpwd command. | DISA Oracle Linux 7 STIG v2r14 | Unix | AUDIT AND ACCOUNTABILITY |
| OL07-00-030650 - The Oracle Linux operating system must audit all uses of the gpasswd command. | DISA Oracle Linux 7 STIG v2r14 | Unix | AUDIT AND ACCOUNTABILITY |
| OL07-00-030660 - The Oracle Linux operating system must audit all uses of the chage command. | DISA Oracle Linux 7 STIG v2r14 | Unix | AUDIT AND ACCOUNTABILITY |
| OL07-00-030670 - The Oracle Linux operating system must audit all uses of the userhelper command. | DISA Oracle Linux 7 STIG v2r14 | Unix | AUDIT AND ACCOUNTABILITY |
| OL07-00-030750 - The Oracle Linux operating system must audit all uses of the umount command. | DISA Oracle Linux 7 STIG v2r14 | Unix | AUDIT AND ACCOUNTABILITY |
| OL07-00-030760 - The Oracle Linux operating system must audit all uses of the postdrop command. | DISA Oracle Linux 7 STIG v2r14 | Unix | AUDIT AND ACCOUNTABILITY |
| OL07-00-030770 - The Oracle Linux operating system must audit all uses of the postqueue command. | DISA Oracle Linux 7 STIG v2r14 | Unix | AUDIT AND ACCOUNTABILITY |
| OL07-00-030780 - The Oracle Linux operating system must audit all uses of the ssh-keysign command. | DISA Oracle Linux 7 STIG v2r14 | Unix | AUDIT AND ACCOUNTABILITY |
| OL07-00-030800 - The Oracle Linux operating system must audit all uses of the crontab command. | DISA Oracle Linux 7 STIG v2r14 | Unix | AUDIT AND ACCOUNTABILITY |
| PGS9-00-003500 - PostgreSQL must include additional, more detailed, organization-defined information in the audit records for audit events identified by type, location, or subject. | DISA STIG PostgreSQL 9.x on RHEL DB v2r5 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| PHTN-40-000019 The Photon operating system must be configured to audit the execution of privileged functions. | DISA VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v2r1 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| PHTN-67-000012 - The Photon operating system must be configured to audit the execution of privileged functions - gid 32 | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| PHTN-67-000012 - The Photon operating system must be configured to audit the execution of privileged functions - gid 64 | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| PHTN-67-000012 - The Photon operating system must be configured to audit the execution of privileged functions - uid 32 | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| PHTN-67-000012 - The Photon operating system must be configured to audit the execution of privileged functions - uid 64 | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| PPS9-00-002200 - The EDB Postgres Advanced Server must include additional, more detailed, organization-defined information in the audit records for audit events identified by type, location, or subject. | EDB PostgreSQL Advanced Server DB Audit v2r3 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-012400 - SQL Server must include organization-defined additional, more detailed information in Trace or Audit records for events identified by type, location, or subject. | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL6-D0-005500 - SQL Server must include additional, more detailed, organization-defined information in the audit records for audit events identified by type, location, or subject. | DISA STIG SQL Server 2016 Instance DB Audit v3r1 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| WN10-CC-000066 - Command line data must be included in process creation events. | DISA Windows 10 STIG v3r2 | Windows | AUDIT AND ACCOUNTABILITY |
| WN10-CC-000326 - PowerShell script block logging must be enabled on Windows 10. | DISA Windows 10 STIG v3r2 | Windows | AUDIT AND ACCOUNTABILITY |
| WN12-00-000210 - PowerShell script block logging must be enabled on Windows 2012/2012 R2 - Enabled | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | AUDIT AND ACCOUNTABILITY |
| WN12-00-000210 - PowerShell script block logging must be enabled on Windows 2012/2012 R2 - Enabled | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | AUDIT AND ACCOUNTABILITY |
| WN12-00-000210 - PowerShell script block logging must be enabled on Windows 2012/2012 R2 - Patch | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | AUDIT AND ACCOUNTABILITY |
| WN12-00-000210 - PowerShell script block logging must be enabled on Windows 2012/2012 R2 - Patch | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | AUDIT AND ACCOUNTABILITY |
| WN12-CC-000139 - Windows 2012 R2 must include command line data in process creation events. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | AUDIT AND ACCOUNTABILITY |
| WN12-CC-000139 - Windows 2012 R2 must include command line data in process creation events. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | AUDIT AND ACCOUNTABILITY |
| WN16-CC-000100 - Command line data must be included in process creation events. | DISA Windows Server 2016 STIG v2r9 | Windows | AUDIT AND ACCOUNTABILITY |
| WN16-CC-000490 - PowerShell script block logging must be enabled. | DISA Windows Server 2016 STIG v2r9 | Windows | AUDIT AND ACCOUNTABILITY |
| WN19-CC-000090 - Windows Server 2019 command line data must be included in process creation events. | DISA Windows Server 2019 STIG v3r2 | Windows | AUDIT AND ACCOUNTABILITY |
| WN19-CC-000460 - Windows Server 2019 PowerShell script block logging must be enabled. | DISA Windows Server 2019 STIG v3r2 | Windows | AUDIT AND ACCOUNTABILITY |
