| AMLS-NM-000370 - The Arista Multilayer Switch must generate audit records showing starting and ending time for administrator access to the system - trap logging | DISA STIG Arista MLS DCS-7000 Series NDM v1r4 | Arista | AUDIT AND ACCOUNTABILITY |
| AMLS-NM-000380 - The Arista Multilayer Switch must generate audit records when concurrent logons from different workstations occur - show logging | DISA STIG Arista MLS DCS-7000 Series NDM v1r4 | Arista | AUDIT AND ACCOUNTABILITY |
| AOSX-13-000200 - The macOS system must generate audit records for DoD-defined events such as successful/unsuccessful logon attempts, successful/unsuccessful direct access attempts, starting and ending time for user access, and concurrent logons to the same account from different sources. | DISA STIG Apple Mac OSX 10.13 v2r5 | Unix | AUDIT AND ACCOUNTABILITY |
| APPL-11-001020 - The macOS system must audit the enforcement actions used to restrict access associated with changes to the system - fd | DISA STIG Apple macOS 11 v1r8 | Unix | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| APPL-11-001020 - The macOS system must audit the enforcement actions used to restrict access associated with changes to the system - fm | DISA STIG Apple macOS 11 v1r5 | Unix | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| APPL-12-001002 - The macOS system must monitor remote access methods and generate audit records when successful/unsuccessful attempts to access/modify privileges occur. | DISA STIG Apple macOS 12 v1r9 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| CISC-ND-001250 - The Cisco switch must be configured to generate log records when administrator privileges are deleted. | DISA STIG Cisco IOS XE Switch NDM v3r2 | Cisco | AUDIT AND ACCOUNTABILITY |
| CISC-ND-001250 - The Cisco switch must be configured to generate log records when administrator privileges are deleted. | DISA STIG Cisco IOS Switch NDM v3r2 | Cisco | AUDIT AND ACCOUNTABILITY |
| CISC-ND-001260 - The Cisco switch must be configured to generate audit records when successful/unsuccessful logon attempts occur. | DISA STIG Cisco IOS Switch NDM v3r2 | Cisco | AUDIT AND ACCOUNTABILITY |
| CISC-ND-001270 - The Cisco router must be configured to generate log records for privileged activities. | DISA STIG Cisco IOS XE Router NDM v3r2 | Cisco | AUDIT AND ACCOUNTABILITY |
| JUSX-DM-000043 - The Juniper SRX Services Gateway must generate log records when logon events occur. | DISA Juniper SRX Services Gateway NDM v3r2 | Juniper | AUDIT AND ACCOUNTABILITY |
| PGS9-00-004900 - PostgreSQL must generate audit records when privileges/permissions are added. | DISA STIG PostgreSQL 9.x on RHEL DB v2r5 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| PGS9-00-005000 - PostgreSQL must generate audit records when unsuccessful attempts to delete categorized information (e.g., classification levels/security levels) occur. | DISA STIG PostgreSQL 9.x on RHEL DB v2r5 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| PGS9-00-005200 - PostgreSQL must generate audit records when security objects are deleted. | DISA STIG PostgreSQL 9.x on RHEL DB v2r5 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| PGS9-00-005700 - PostgreSQL must generate audit records when unsuccessful accesses to objects occur. | DISA STIG PostgreSQL 9.x on RHEL DB v2r5 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| PGS9-00-005900 - PostgreSQL must generate audit records when unsuccessful attempts to access categorized information (e.g., classification levels/security levels) occur. | DISA STIG PostgreSQL 9.x on RHEL DB v2r5 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| PGS9-00-006200 - PostgreSQL must generate audit records when concurrent logons/connections by the same user from different workstations occur. | DISA STIG PostgreSQL 9.x on RHEL DB v2r5 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| PGS9-00-006300 - PostgreSQL must generate audit records when unsuccessful attempts to delete security objects occur. | DISA STIG PostgreSQL 9.x on RHEL DB v2r5 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| PGS9-00-012500 - Audit records must be generated when categorized information (e.g., classification levels/security levels) is deleted. | DISA STIG PostgreSQL 9.x on RHEL DB v2r5 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| PGS9-00-012600 - PostgreSQL must generate audit records when successful accesses to objects occur. | DISA STIG PostgreSQL 9.x on RHEL DB v2r5 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| RHEL-06-000202 - The audit system must be configured to audit the loading and unloading of dynamic kernel modules - init_module 64 bit | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-07-030810 - The Red Hat Enterprise Linux operating system must audit all uses of the pam_timestamp_check command. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-07-030820 - The Red Hat Enterprise Linux operating system must audit all uses of the init_module and finit_module syscalls. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-18-010201 - The Ubuntu operating system must generate audit records for the use and modification of the tallylog file. | DISA STIG Ubuntu 18.04 LTS v2r15 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-18-010237 - The Ubuntu operating system must generate audit records for privileged activities or other system-level access. | DISA STIG Ubuntu 18.04 LTS v2r15 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-18-010238 - The Ubuntu operating system must generate audit records for the /var/log/wtmp file. | DISA STIG Ubuntu 18.04 LTS v2r15 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-18-010316 - The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the chfn command. | DISA STIG Ubuntu 18.04 LTS v2r15 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-18-010321 - The Ubuntu operating system must generate audit records for any usage of the setxattr, fsetxattr, lsetxattr, removexattr, fremovexattr, and lremovexattr system calls. | DISA STIG Ubuntu 18.04 LTS v2r15 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-18-010341 - The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the sudoedit command. | DISA STIG Ubuntu 18.04 LTS v2r15 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-18-010343 - The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the newgrp command. | DISA STIG Ubuntu 18.04 LTS v2r15 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-18-010344 - The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the chcon command. | DISA STIG Ubuntu 18.04 LTS v2r15 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-18-010345 - The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the apparmor_parser command. | DISA STIG Ubuntu 18.04 LTS v2r15 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-18-010375 - The Ubuntu operating system must generate audit records upon successful/unsuccessful use of unlink, unlinkat, rename, renameat, and rmdir system calls. | DISA STIG Ubuntu 18.04 LTS v2r15 | Unix | AUDIT AND ACCOUNTABILITY |
| WN10-AU-000060 - The system must be configured to audit Logon/Logoff - Group Membership successes. | DISA Microsoft Windows 10 STIG v3r4 | Windows | AUDIT AND ACCOUNTABILITY |
| WN10-AU-000080 - The system must be configured to audit Logon/Logoff - Special Logon successes. | DISA Microsoft Windows 10 STIG v3r4 | Windows | AUDIT AND ACCOUNTABILITY |
| WN10-AU-000085 - The system must be configured to audit Object Access - Removable Storage failures. | DISA Microsoft Windows 10 STIG v3r4 | Windows | AUDIT AND ACCOUNTABILITY |
| WN10-AU-000120 - The system must be configured to audit System - IPSec Driver failures. | DISA Microsoft Windows 10 STIG v3r4 | Windows | AUDIT AND ACCOUNTABILITY |
| WN10-AU-000130 - The system must be configured to audit System - Other System Events successes. | DISA Microsoft Windows 10 STIG v3r4 | Windows | AUDIT AND ACCOUNTABILITY |
| WN12-AU-000002 - The system must be configured to audit Account Logon - Credential Validation failures. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | AUDIT AND ACCOUNTABILITY |
| WN12-AU-000002 - The system must be configured to audit Account Logon - Credential Validation failures. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | AUDIT AND ACCOUNTABILITY |
| WN12-AU-000053 - The system must be configured to audit Logon/Logoff - Special Logon successes. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | AUDIT AND ACCOUNTABILITY |
| WN12-AU-000082 - The system must be configured to audit Object Access - Removable Storage failures. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | AUDIT AND ACCOUNTABILITY |
| WN12-AU-000089 - The system must be configured to audit Policy Change - Authorization Policy Change successes. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | AUDIT AND ACCOUNTABILITY |
| WN12-AU-000103 - The system must be configured to audit System - IPsec Driver successes. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | AUDIT AND ACCOUNTABILITY |
| WN16-AU-000070 - Windows Server 2016 must be configured to audit Account Logon - Credential Validation successes. | DISA Microsoft Windows Server 2016 STIG v2r10 | Windows | AUDIT AND ACCOUNTABILITY |
| WN16-AU-000080 - Windows Server 2016 must be configured to audit Account Logon - Credential Validation failures. | DISA Microsoft Windows Server 2016 STIG v2r10 | Windows | AUDIT AND ACCOUNTABILITY |
| WN16-AU-000286 - Windows 2016 must be configured to audit Object Access - Other Object Access Events failures. | DISA Microsoft Windows Server 2016 STIG v2r10 | Windows | AUDIT AND ACCOUNTABILITY |
| WN19-AU-000070 - Windows Server 2019 must be configured to audit Account Logon - Credential Validation successes. | DISA Microsoft Windows Server 2019 STIG v3r4 | Windows | AUDIT AND ACCOUNTABILITY |
| WN19-AU-000220 - Windows Server 2019 must be configured to audit Object Access - Other Object Access Events successes. | DISA Microsoft Windows Server 2019 STIG v3r4 | Windows | AUDIT AND ACCOUNTABILITY |
| WN19-AU-000250 - Windows Server 2019 must be configured to audit Object Access - Removable Storage failures. | DISA Microsoft Windows Server 2019 STIG v3r4 | Windows | AUDIT AND ACCOUNTABILITY |
