| 4.1.3.14 Ensure events that modify user/group information are collected - group | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.3.14 Ensure events that modify user/group information are collected - passwd | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| ALMA-09-005080 - AlmaLinux OS 9 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/group. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| ALMA-09-005190 - AlmaLinux OS 9 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/gshadow. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| ALMA-09-005300 - AlmaLinux OS 9 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/security/opasswd. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| ALMA-09-005410 - AlmaLinux OS 9 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/passwd. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| ALMA-09-005960 - AlmaLinux OS 9 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/shadow. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| ALMA-09-006070 - AlmaLinux OS 9 must generate audit records for all account creations, modifications, disabling, and termination events that affect the files within /etc/sudoers.d/ | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| APPL-15-001001 - The macOS system must be configured to audit all administrative action events. | DISA Apple macOS 15 (Sequoia) STIG v1r3 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| ARST-ND-000150 - The Arista network device must be configured to audit all administrator activity. | DISA STIG Arista MLS EOS 4.2x NDM v2r1 | Arista | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| ARST-ND-000150 - The Arista network device must be configured to audit all administrator activity. | DISA STIG Arista MLS EOS 4.x NDM v2r2 | Arista | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| OL07-00-030870 - The Oracle Linux operating system must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/passwd. | DISA Oracle Linux 7 STIG v3r3 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| OL08-00-030130 - OL 8 must generate audit records for all account creation events that affect "/etc/shadow". | DISA Oracle Linux 8 STIG v2r5 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| OL08-00-030140 - OL 8 must generate audit records for all account creation events that affect "/etc/security/opasswd". | DISA Oracle Linux 8 STIG v2r5 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| OL08-00-030150 - OL 8 must generate audit records for all account creation events that affect "/etc/passwd". | DISA Oracle Linux 8 STIG v2r5 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| OL08-00-030170 - OL 8 must generate audit records for all account creation events that affect "/etc/group". | DISA Oracle Linux 8 STIG v2r5 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| OL08-00-030171 - OL 8 must generate audit records for all account creations, modifications, disabling, and termination events that affect "/etc/sudoers". | DISA Oracle Linux 8 STIG v2r5 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| OL08-00-030172 - OL 8 must generate audit records for all account creations, modifications, disabling, and termination events that affect "/etc/sudoers.d/". | DISA Oracle Linux 8 STIG v2r5 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| OL09-00-000500 - OL 9 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/sudoers. | DISA Oracle Linux 9 STIG v1r2 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| OL09-00-000505 - OL 9 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/sudoers.d/ directory. | DISA Oracle Linux 9 STIG v1r2 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| OL09-00-000510 - OL 9 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/group. | DISA Oracle Linux 9 STIG v1r2 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| OL09-00-000515 - OL 9 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/gshadow. | DISA Oracle Linux 9 STIG v1r2 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| OL09-00-000520 - OL 9 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/opasswd. | DISA Oracle Linux 9 STIG v1r2 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| OL09-00-000525 - OL 9 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/passwd. | DISA Oracle Linux 9 STIG v1r2 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| OL09-00-000530 - OL 9 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/shadow. | DISA Oracle Linux 9 STIG v1r2 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| RHEL-09-654215 - RHEL 9 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/sudoers. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| RHEL-09-654220 - RHEL 9 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/sudoers.d/ directory. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| SLES-12-020200 - The SUSE operating system must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/passwd. | DISA SLES 12 STIG v3r3 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| SLES-12-020210 - The SUSE operating system must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/group. | DISA SLES 12 STIG v3r3 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| SLES-12-020220 - The SUSE operating system must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/shadow. | DISA SLES 12 STIG v3r3 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| SLES-12-020230 - The SUSE operating system must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/opasswd. | DISA SLES 12 STIG v3r3 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| SLES-15-030000 - The SUSE operating system must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/passwd. | DISA SUSE Linux Enterprise Server 15 STIG v2r4 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| UBTU-18-010244 - The Ubuntu operating system must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/passwd. | DISA STIG Ubuntu 18.04 LTS v2r15 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| WN10-AU-000030 - The system must be configured to audit Account Management - Security Group Management successes. | DISA Microsoft Windows 10 STIG v3r4 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| WN10-AU-000035 - The system must be configured to audit Account Management - User Account Management failures. | DISA Microsoft Windows 10 STIG v3r4 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| WN10-AU-000040 - The system must be configured to audit Account Management - User Account Management successes. | DISA Microsoft Windows 10 STIG v3r4 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| WN12-AU-000017 - The system must be configured to audit Account Management - Security Group Management successes. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| WN12-AU-000017 - The system must be configured to audit Account Management - Security Group Management successes. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| WN12-AU-000019 - The system must be configured to audit Account Management - User Account Management successes. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| WN12-AU-000019 - The system must be configured to audit Account Management - User Account Management successes. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| WN12-AU-000020 - The system must be configured to audit Account Management - User Account Management failures. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| WN12-AU-000020 - The system must be configured to audit Account Management - User Account Management failures. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| WN16-AU-000120 - Windows Server 2016 must be configured to audit Account Management - Security Group Management successes. | DISA Microsoft Windows Server 2016 STIG v2r10 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| WN16-AU-000140 - Windows Server 2016 must be configured to audit Account Management - User Account Management successes. | DISA Microsoft Windows Server 2016 STIG v2r10 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| WN16-AU-000150 - Windows Server 2016 must be configured to audit Account Management - User Account Management failures. | DISA Microsoft Windows Server 2016 STIG v2r10 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| WN16-DC-000230 - Windows Server 2016 must be configured to audit Account Management - Computer Account Management successes. | DISA Microsoft Windows Server 2016 STIG v2r10 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| WN19-AU-000100 - Windows Server 2019 must be configured to audit Account Management - Security Group Management successes. | DISA Microsoft Windows Server 2019 STIG v3r4 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| WN19-AU-000110 - Windows Server 2019 must be configured to audit Account Management - User Account Management successes. | DISA Microsoft Windows Server 2019 STIG v3r4 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| WN19-AU-000120 - Windows Server 2019 must be configured to audit Account Management - User Account Management failures. | DISA Microsoft Windows Server 2019 STIG v3r4 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| WN19-DC-000230 - Windows Server 2019 must be configured to audit Account Management - Computer Account Management successes. | DISA Microsoft Windows Server 2019 STIG v3r4 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
