| 1.212 OL08-00-030062 | CIS Oracle Linux 8 STIG v1.0.0 CAT II | Unix | AUDIT AND ACCOUNTABILITY |
| 1.278 OL08-00-030690 | CIS Oracle Linux 8 STIG v1.0.0 CAT II | Unix | AUDIT AND ACCOUNTABILITY |
| 1.279 OL08-00-030700 | CIS Oracle Linux 8 STIG v1.0.0 CAT II | Unix | AUDIT AND ACCOUNTABILITY |
| 1.281 OL08-00-030720 | CIS Oracle Linux 8 STIG v1.0.0 CAT II | Unix | AUDIT AND ACCOUNTABILITY |
| 1.363 RHEL-09-652045 | CIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT II | Unix | AUDIT AND ACCOUNTABILITY |
| 1.364 RHEL-09-652050 | CIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT II | Unix | AUDIT AND ACCOUNTABILITY |
| 1.365 RHEL-09-652055 | CIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT II | Unix | AUDIT AND ACCOUNTABILITY |
| 1.378 RHEL-09-653065 | CIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT II | Unix | AUDIT AND ACCOUNTABILITY |
| ALMA-09-052160 - AlmaLinux OS 9 audispd-plugins package must be installed. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | AUDIT AND ACCOUNTABILITY |
| ALMA-09-052270 - AlmaLinux OS 9 must label all offloaded audit logs before sending them to the central log server. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | AUDIT AND ACCOUNTABILITY |
| ALMA-09-052490 - AlmaLinux OS 9 must be configured to offload audit records onto a different system from the system being audited via syslog. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | AUDIT AND ACCOUNTABILITY |
| ALMA-09-052820 - AlmaLinux OS 9 must encrypt, via the gtls driver, the transfer of audit records offloaded onto a different system or media from the system being audited via rsyslog. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | AUDIT AND ACCOUNTABILITY |
| ALMA-09-052930 - AlmaLinux OS 9 must have the rsyslog package installed. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | AUDIT AND ACCOUNTABILITY |
| ALMA-09-053150 - The rsyslog service on AlmaLinux OS 9 must be active. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | AUDIT AND ACCOUNTABILITY |
| CASA-ND-001410 - The Cisco ASA must be configured to send log data to at least two central log servers for the purpose of forwarding alerts to organization-defined personnel and/or the firewall administrator. | DISA STIG Cisco ASA NDM v2r2 | Cisco | AUDIT AND ACCOUNTABILITY |
| FGFW-ND-000110 - The FortiGate device must off-load audit records on to a different system or media than the system being audited. | DISA Fortigate Firewall NDM STIG v1r4 | FortiGate | AUDIT AND ACCOUNTABILITY |
| JUEX-NM-000600 - The Juniper EX switch must be configured to offload audit records onto a different system or media than the system being audited. | DISA Juniper EX Series Network Device Management v2r3 | Juniper | AUDIT AND ACCOUNTABILITY |
| MD7X-00-012400 MongoDB must off-load audit data to a separate log management facility; this must be continuous and in near real time for systems with a network connection to the storage facility and weekly or more often for standalone systems. | DISA MongoDB Enterprise Advanced 7.x STIG v1r1 | Unix | AUDIT AND ACCOUNTABILITY |
| MYS8-00-009700 - The MySQL Database Server 8.0 must off-load audit data to a separate log management facility; this must be continuous and in near real time for systems with a network connection to the storage facility and weekly or more often for stand-alone systems. | DISA Oracle MySQL 8.0 v2r2 DB | MySQLDB | AUDIT AND ACCOUNTABILITY |
| O19C-00-005800 - Oracle Database must off-load audit data to a separate log management facility; this must be continuous and in near-real-time for systems with a network connection to the storage facility, and weekly or more often for stand-alone systems. | DISA Oracle Database 19c STIG v1r1 Database | OracleDB | AUDIT AND ACCOUNTABILITY |
| OL08-00-030062 - OL 8 must label all offloaded audit logs before sending them to the central log server. | DISA Oracle Linux 8 STIG v2r5 | Unix | AUDIT AND ACCOUNTABILITY |
| OL08-00-030690 - The OL 8 audit records must be offloaded onto a different system or storage media from the system being audited. | DISA Oracle Linux 8 STIG v2r5 | Unix | AUDIT AND ACCOUNTABILITY |
| OL08-00-030700 - OL 8 must take appropriate action when the internal event queue is full. | DISA Oracle Linux 8 STIG v2r5 | Unix | AUDIT AND ACCOUNTABILITY |
| OL09-00-000450 - OL 9 must have the audispd-plugins package installed. | DISA Oracle Linux 9 STIG v1r2 | Unix | AUDIT AND ACCOUNTABILITY |
| OL09-00-000855 - OL 9 must be configured to offload audit records onto a different system from the system being audited via syslog. | DISA Oracle Linux 9 STIG v1r2 | Unix | AUDIT AND ACCOUNTABILITY |
| OL09-00-000860 - OL 9 must take appropriate action when the internal event queue is full. | DISA Oracle Linux 9 STIG v1r2 | Unix | AUDIT AND ACCOUNTABILITY |
| OL09-00-005015 - OL 9 must authenticate the remote logging server for offloading audit logs via rsyslog. | DISA Oracle Linux 9 STIG v1r2 | Unix | AUDIT AND ACCOUNTABILITY |
| OL09-00-005020 - OL 9 must encrypt the transfer of audit records offloaded onto a different system or media from the system being audited via rsyslog. | DISA Oracle Linux 9 STIG v1r2 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-08-030690 - The RHEL 8 audit records must be off-loaded onto a different system or storage media from the system being audited. | DISA Red Hat Enterprise Linux 8 STIG v2r4 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-09-652040 - RHEL 9 must authenticate the remote logging server for offloading audit logs via rsyslog. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-09-652050 - RHEL 9 must encrypt via the gtls driver the transfer of audit records offloaded onto a different system or media from the system being audited via rsyslog. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-09-652055 - RHEL 9 must be configured to forward audit records via TCP to a different system or media from the system being audited via rsyslog. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-09-653065 - RHEL 9 must take appropriate action when the internal event queue is full. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-09-653130 - RHEL 9 audispd-plugins package must be installed. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | AUDIT AND ACCOUNTABILITY |
| SLES-15-030670 - The audit-audispd-plugins must be installed on the SUSE operating system. | DISA SUSE Linux Enterprise Server 15 STIG v2r5 | Unix | AUDIT AND ACCOUNTABILITY |
| SLES-15-030680 - The SUSE operating system audit event multiplexor must be configured to use Kerberos. | DISA SUSE Linux Enterprise Server 15 STIG v2r5 | Unix | AUDIT AND ACCOUNTABILITY |
| SPLK-CL-000150 - Splunk Enterprise must be configured to offload log records onto a different system or media than the system being audited. | DISA STIG Splunk Enterprise 8.x for Linux v2r2 STIG REST API | Splunk | AUDIT AND ACCOUNTABILITY |
| SYMP-AG-000210 - Symantec ProxySG must use a centralized log server. | DISA Symantec ProxySG Benchmark ALG v1r3 | BlueCoat | AUDIT AND ACCOUNTABILITY |
| SYMP-NM-000080 - Symantec ProxySG must be configured to support centralized management and configuration of the audit log - enable | DISA Symantec ProxySG Benchmark NDM v1r2 | BlueCoat | AUDIT AND ACCOUNTABILITY |
| UBTU-20-010300 - The Ubuntu operating system must have a crontab script running weekly to offload audit events of standalone systems. | DISA Canonical Ubuntu 20.04 LTS STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-22-651035 - Ubuntu 22.04 LTS must have a crontab script running weekly to offload audit events of standalone systems. | DISA Canonical Ubuntu 22.04 LTS STIG v2r5 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-24-100450 - Ubuntu 24.04 LTS audit event multiplexor must be configured to offload audit logs onto a different system or storage media from the system being audited. | DISA Canonical Ubuntu 24.04 LTS STIG v1r2 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-24-900950 - Ubuntu 24.04 LTS must have a crontab script running weekly to offload audit events of standalone systems. | DISA Canonical Ubuntu 24.04 LTS STIG v1r2 | Unix | AUDIT AND ACCOUNTABILITY |
| VCRP-70-000007 - Envoy (rhttpproxy) log files must be shipped via syslog to a central log server. | DISA STIG VMware vSphere 7.0 RhttpProxy v1r1 | Unix | AUDIT AND ACCOUNTABILITY |
| VCSA-70-000148 - The vCenter Server must be configured to send logs to a central log server. | DISA STIG VMware vSphere 7.0 vCenter v1r3 | VMware | AUDIT AND ACCOUNTABILITY |
| VCSA-70-000280 - The vCenter server must be configured to send events to a central log server. | DISA STIG VMware vSphere 7.0 vCenter v1r3 | VMware | AUDIT AND ACCOUNTABILITY |
| VCSA-80-000148 - The vCenter Server must be configured to send logs to a central log server. | DISA VMware vSphere 8.0 vCenter STIG v2r3 | VMware | AUDIT AND ACCOUNTABILITY |
| VCST-80-000081 The vCenter STS service must offload log records onto a different system or media from the system being logged. | DISA VMware vSphere 8.0 vCenter Appliance Secure Token Service (STS) STIG v2r1 | Unix | AUDIT AND ACCOUNTABILITY |
| VCUI-80-000081 The vCenter UI service must offload log records onto a different system or media from the system being logged. | DISA VMware vSphere 8.0 vCenter Appliance User Interface (UI) STIG v2r1 | Unix | AUDIT AND ACCOUNTABILITY |
| WN22-AU-000020 - Windows Server 2022 must, at a minimum, offload audit records of interconnected systems in real time and offload standalone or nondomain-joined systems weekly. | DISA Microsoft Windows Server 2022 STIG v2r5 | Windows | AUDIT AND ACCOUNTABILITY |
