| 1.1.16 Ensure that the --audit-log-path argument is set as appropriate | CIS Kubernetes 1.7.0 Benchmark v1.1.0 L1 | Unix | AUDIT AND ACCOUNTABILITY |
| 1.7 Ensure auditing is configured for Docker files and directories - /etc/docker | CIS Docker Community Edition v1.1.0 L1 Linux Host OS | Unix | AUDIT AND ACCOUNTABILITY |
| 5.4 CIFS - 'cifs.audit.autosave.onsize.threshold has been configured' | TNS NetApp Data ONTAP 7G | NetApp | AUDIT AND ACCOUNTABILITY |
| 5.4 CIFS - 'cifs.audit.liveview.enable = off' | TNS NetApp Data ONTAP 7G | NetApp | AUDIT AND ACCOUNTABILITY |
| 15 - NAS File System Auditing - CIFS auditing is enabled | NetApp Security Hardening Guide for ONTAP 9 v1.7.0 | Netapp_API | AUDIT AND ACCOUNTABILITY |
| Audit Authentication Policy Change | MSCT MSCT Windows Server 2022 DC v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| Audit directory service access | MSCT Windows Server 2012 R2 DC v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| Audit directory service access | MSCT Windows Server 2016 DC v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| Audit Directory Service Changes | MSCT Windows Server 2019 DC v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| Audit Directory Service Changes | MSCT MSCT Windows Server 2022 DC v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| Audit Directory Service Changes | MSCT Windows Server v20H2 DC v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| Audit File Share | MSCT Windows 10 1803 v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| Audit File Share | MSCT Windows Server 2019 MS v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| Audit Group Membership | MSCT Windows Server v2004 DC v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| Audit Group Membership | MSCT Windows Server 2016 MS v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| Audit Group Membership | MSCT Windows Server v20H2 DC v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| Audit Kerberos Authentication Service | MSCT MSCT Windows Server 2022 DC v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| Audit Kerberos Service Ticket Operations | MSCT Windows Server v2004 DC v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| Audit Kerberos Service Ticket Operations | MSCT MSCT Windows Server 2022 DC v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| Audit Logon | MSCT MSCT Windows Server 2022 DC v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| Audit MPSSVC Rule-Level Policy Change | MSCT Windows 10 1803 v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| Audit MPSSVC Rule-Level Policy Change | MSCT Windows 10 1909 v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| Audit MPSSVC Rule-Level Policy Change | MSCT Windows 10 v2004 v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| Audit MPSSVC Rule-Level Policy Change | MSCT Windows Server v20H2 MS v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| Audit Other Object Access Events | MSCT Windows 10 1803 v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| Audit Other System Events | MSCT Windows Server 2022 v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| Audit PNP Activity | MSCT MSCT Windows Server 2022 DC v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| Audit Process Creation | MSCT Windows Server 2012 R2 MS v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| Audit Process Creation | MSCT Windows 10 1909 v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| Audit Process Creation | MSCT Windows Server 2019 DC v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| Audit Security State Change | MSCT Windows 10 1909 v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| Audit Security State Change | MSCT Windows 10 v2004 v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| Audit Security State Change | MSCT Windows Server 2016 MS v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| Audit Security System Extension | MSCT Windows Server 2022 v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| Audit SGID executables | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | AUDIT AND ACCOUNTABILITY |
| Audit SUID executables | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | AUDIT AND ACCOUNTABILITY |
| Ensure 'logging to monitor' is disabled - show logging | Tenable Cisco Firepower Threat Defense Best Practices Audit | Cisco_Firepower | AUDIT AND ACCOUNTABILITY |
| Ensure 'logging with timestamps' is enabled - show logging | Tenable Cisco Firepower Threat Defense Best Practices Audit | Cisco_Firepower | AUDIT AND ACCOUNTABILITY |
| Ensure 'logging' is enabled | Tenable Cisco Firepower Best Practices Audit | Cisco | AUDIT AND ACCOUNTABILITY |
| Ensure file deletion events by users are collected - auditctl b32 unlink | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | AUDIT AND ACCOUNTABILITY |
| Ensure file deletion events by users are collected - b32 unlink | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | AUDIT AND ACCOUNTABILITY |
| Ensure file deletion events by users are collected - b64 unlink | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | AUDIT AND ACCOUNTABILITY |
| FireEye - Local logging level includes all errors and warnings | TNS FireEye | FireEye | AUDIT AND ACCOUNTABILITY |
| FireEye - Local logging level is not overridden except by defaults | TNS FireEye | FireEye | AUDIT AND ACCOUNTABILITY |
| Fortigate - External Logging - 'syslog2' | TNS Fortigate FortiOS Best Practices v2.0.0 | FortiGate | AUDIT AND ACCOUNTABILITY |
| Fortigate - Fortianalyzer Logs - severity 'information' | TNS Fortigate FortiOS Best Practices v2.0.0 | FortiGate | AUDIT AND ACCOUNTABILITY |
| Fortigate - Local Logging - severity 'information' | TNS Fortigate FortiOS Best Practices v2.0.0 | FortiGate | AUDIT AND ACCOUNTABILITY |
| Include Logout in Session Records | Tenable Cisco ACI | Cisco_ACI | AUDIT AND ACCOUNTABILITY |
| Include Refresh in Session Records | Tenable Cisco ACI | Cisco_ACI | AUDIT AND ACCOUNTABILITY |
| WatchGuard : IPS Logging Threat Level Critical - Enabled | TNS Best Practice WatchGuard Audit 1.0.0 | WatchGuard | AUDIT AND ACCOUNTABILITY |
