| AMLS-NM-000370 - The Arista Multilayer Switch must generate audit records showing starting and ending time for administrator access to the system - trap logging | DISA STIG Arista MLS DCS-7000 Series NDM v1r4 | Arista | AUDIT AND ACCOUNTABILITY |
| AMLS-NM-000380 - The Arista Multilayer Switch must generate audit records when concurrent logons from different workstations occur - show logging | DISA STIG Arista MLS DCS-7000 Series NDM v1r4 | Arista | AUDIT AND ACCOUNTABILITY |
| AOSX-13-000200 - The macOS system must generate audit records for DoD-defined events such as successful/unsuccessful logon attempts, successful/unsuccessful direct access attempts, starting and ending time for user access, and concurrent logons to the same account from different sources. | DISA STIG Apple Mac OSX 10.13 v2r5 | Unix | AUDIT AND ACCOUNTABILITY |
| APPL-11-001020 - The macOS system must audit the enforcement actions used to restrict access associated with changes to the system - fd | DISA STIG Apple macOS 11 v1r8 | Unix | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| APPL-11-001020 - The macOS system must audit the enforcement actions used to restrict access associated with changes to the system - fm | DISA STIG Apple macOS 11 v1r5 | Unix | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| APPL-12-001002 - The macOS system must monitor remote access methods and generate audit records when successful/unsuccessful attempts to access/modify privileges occur. | DISA STIG Apple macOS 12 v1r9 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| APPL-13-001002 - The macOS system must monitor remote access methods and generate audit records when successful/unsuccessful attempts to access/modify privileges occur. | DISA STIG Apple macOS 13 v1r4 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| APPL-13-001020 - The macOS system must audit the enforcement actions used to restrict access associated with changes to the system. | DISA STIG Apple macOS 13 v1r4 | Unix | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| CISC-ND-001250 - The Cisco router must be configured to generate log records when administrator privileges are deleted. | DISA STIG Cisco IOS XE Router NDM v3r1 | Cisco | AUDIT AND ACCOUNTABILITY |
| CISC-ND-001260 - The Cisco router must be configured to generate audit records when successful/unsuccessful logon attempts occur. | DISA STIG Cisco IOS XE Router NDM v3r1 | Cisco | AUDIT AND ACCOUNTABILITY |
| CISC-ND-001270 - The Cisco router must be configured to generate log records for privileged activities. | DISA STIG Cisco IOS XE Router NDM v3r1 | Cisco | AUDIT AND ACCOUNTABILITY |
| DB2X-00-000800 - DB2 must generate audit records when privileges/permissions are retrieved - database policies | DISA STIG IBM DB2 v10.5 LUW v2r1 Database | IBM_DB2DB | AUDIT AND ACCOUNTABILITY |
| DB2X-00-000800 - DB2 must generate audit records when privileges/permissions are retrieved - table SYSIBM.SYSLIBRARYAUTH | DISA STIG IBM DB2 v10.5 LUW v2r1 Database | IBM_DB2DB | AUDIT AND ACCOUNTABILITY |
| DB2X-00-000800 - DB2 must generate audit records when privileges/permissions are retrieved - table SYSIBM.SYSSECURITYLABELACCESS | DISA STIG IBM DB2 v10.5 LUW v2r1 Database | IBM_DB2DB | AUDIT AND ACCOUNTABILITY |
| DB2X-00-000900 - DB2 must generate audit records when unsuccessful attempts to retrieve privileges/permissions occur - SYSIBM.SYSSCHEMAAUTH | DISA STIG IBM DB2 v10.5 LUW v2r1 Database | IBM_DB2DB | AUDIT AND ACCOUNTABILITY |
| JBOS-AS-000720 - JBoss must be configured to generate log records for all account creations, modifications, disabling, and termination events. | DISA RedHat JBoss EAP 6.3 STIG v2r4 | Unix | AUDIT AND ACCOUNTABILITY |
| JUNI-ND-001280 - The Juniper router must be configured to generate log records when concurrent logons from different workstations occur. | DISA STIG Juniper Router NDM v3r1 | Juniper | AUDIT AND ACCOUNTABILITY |
| JUSX-DM-000042 - The Juniper SRX Services Gateway must generate log records when administrator privileges are deleted. | DISA Juniper SRX Services Gateway NDM v3r2 | Juniper | AUDIT AND ACCOUNTABILITY |
| PANW-NM-000024 - The Palo Alto Networks security platform must generate audit records when successful/unsuccessful attempts to access privileges occur - Configuration Logs 'CRITICAL' | DISA STIG Palo Alto NDM v3r1 | Palo_Alto | AUDIT AND ACCOUNTABILITY |
| PANW-NM-000024 - The Palo Alto Networks security platform must generate audit records when successful/unsuccessful attempts to access privileges occur - Configuration Logs 'HIGH' | DISA STIG Palo Alto NDM v3r1 | Palo_Alto | AUDIT AND ACCOUNTABILITY |
| PANW-NM-000024 - The Palo Alto Networks security platform must generate audit records when successful/unsuccessful attempts to access privileges occur - System Logs 'LOW' | DISA STIG Palo Alto NDM v3r1 | Palo_Alto | AUDIT AND ACCOUNTABILITY |
| PGS9-00-004600 - PostgreSQL must generate audit records when unsuccessful logons or connection attempts occur. | DISA STIG PostgreSQL 9.x on RHEL DB v2r5 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| PGS9-00-004800 - PostgreSQL must generate audit records when unsuccessful attempts to modify security objects occur. | DISA STIG PostgreSQL 9.x on RHEL DB v2r5 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| PGS9-00-006700 - PostgreSQL must generate audit records when categorized information (e.g., classification levels/security levels) is modified. | DISA STIG PostgreSQL 9.x on RHEL DB v2r5 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| PHTN-40-000003 The Photon operating system must audit all account creations. | DISA VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v2r1 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| RHEL-06-000194 - The audit system must be configured to audit all discretionary access control permission modifications using lsetxattr - auid>=500 64 bit | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-06-000195 - The audit system must be configured to audit all discretionary access control permission modifications using removexattr - auid>=500 32 bit | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-06-000195 - The audit system must be configured to audit all discretionary access control permission modifications using removexattr - auid>=500 64 bit | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-06-000196 - The audit system must be configured to audit all discretionary access control permission modifications using setxattr - auid=0 32 bit | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-06-000196 - The audit system must be configured to audit all discretionary access control permission modifications using setxattr - auid=0 64 bit | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-06-000200 - The audit system must be configured to audit user deletions of files and programs - renameat 32 bit | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-06-000200 - The audit system must be configured to audit user deletions of files and programs - unlink 64 bit | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-06-000200 - The audit system must be configured to audit user deletions of files and programs - unlinkat 64 bit | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-06-000202 - The audit system must be configured to audit the loading and unloading of dynamic kernel modules - init_module 32 bit | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| TCAT-AS-001590 - Changes to $CATALINA_HOME/bin/ folder must be logged. | DISA STIG Apache Tomcat Application Server 9 v3r1 Middleware | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-18-010316 - The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the chfn command. | DISA STIG Ubuntu 18.04 LTS v2r15 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-18-010320 - The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the ssh-keysign command. | DISA STIG Ubuntu 18.04 LTS v2r15 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-18-010342 - The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the chsh command. | DISA STIG Ubuntu 18.04 LTS v2r15 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-18-010346 - The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the setfacl command. | DISA STIG Ubuntu 18.04 LTS v2r15 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-18-010375 - The Ubuntu operating system must generate audit records upon successful/unsuccessful use of unlink, unlinkat, rename, renameat, and rmdir system calls. | DISA STIG Ubuntu 18.04 LTS v2r15 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-18-010392 - The Ubuntu operating system must generate audit records when successful/unsuccessful attempts to use the fdisk command. | DISA STIG Ubuntu 18.04 LTS v2r15 | Unix | AUDIT AND ACCOUNTABILITY |
| WBLC-01-000030 - Oracle WebLogic must provide access logging that ensures users who are granted a privileged role (or roles) have their privileged activity logged. | Oracle WebLogic Server 12c Linux v2r1 | Unix | AUDIT AND ACCOUNTABILITY |
| WBLC-02-000069 - Oracle WebLogic must generate audit records for the DoD-selected list of auditable events - HTTP Access Log | Oracle WebLogic Server 12c Linux v2r1 Middleware | Unix | AUDIT AND ACCOUNTABILITY |
| WN10-AU-000054 - The system must be configured to audit Logon/Logoff - Account Lockout failures. | DISA Windows 10 STIG v3r2 | Windows | AUDIT AND ACCOUNTABILITY |
| WN10-AU-000060 - The system must be configured to audit Logon/Logoff - Group Membership successes. | DISA Windows 10 STIG v3r2 | Windows | AUDIT AND ACCOUNTABILITY |
| WN10-AU-000080 - The system must be configured to audit Logon/Logoff - Special Logon successes. | DISA Windows 10 STIG v3r2 | Windows | AUDIT AND ACCOUNTABILITY |
| WN10-AU-000083 - Windows 10 must be configured to audit Object Access - Other Object Access Events successes. | DISA Windows 10 STIG v3r2 | Windows | AUDIT AND ACCOUNTABILITY |
| WN10-AU-000107 - The system must be configured to audit Policy Change - Authorization Policy Change successes. | DISA Windows 10 STIG v3r2 | Windows | AUDIT AND ACCOUNTABILITY |
| WN12-AU-000081 - The system must be configured to audit Object Access - Removable Storage successes. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | AUDIT AND ACCOUNTABILITY |
| WN12-AU-000104 - The system must be configured to audit System - IPsec Driver failures. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | AUDIT AND ACCOUNTABILITY |
