| 4.1.3.8 Ensure changes to system administration scope (sudoers) is collected - sudoers | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| 4.1.3.10 Ensure use of privileged commands is collected | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| 4.1.3.19 Ensure audit all uses of the chsh command. | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| 4.1.3.38 Ensure audit of the su command | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| 4.1.3.40 Ensure audit all uses of the newgrp command | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| AIX7-00-002001 - AIX must produce audit records containing information to establish what the date, time, and type of events that occurred. | DISA STIG AIX 7.x v3r1 | Unix | AUDIT AND ACCOUNTABILITY |
| AS24-W2-000090 - The Apache web server must produce log records containing sufficient information to establish what type of events occurred. | DISA STIG Apache Server 2.4 Windows Site v2r1 | Windows | AUDIT AND ACCOUNTABILITY |
| BIND-9X-001030 - The print-severity variable for the configuration of BIND 9.x server logs must be configured to produce audit records containing information to establish what type of events occurred. | DISA BIND 9.x STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| ESXI-65-000030 - The ESXi host must produce audit records containing information to establish what type of events occurred. | DISA STIG VMware vSphere ESXi 6.5 v2r4 | VMware | AUDIT AND ACCOUNTABILITY |
| F5BI-AF-000039 - The BIG-IP AFM module must be configured to produce audit records containing information to establish what type of events occurred. | DISA F5 BIG-IP Advanced Firewall Manager STIG v2r1 | F5 | AUDIT AND ACCOUNTABILITY |
| JBOS-AS-000110 - JBoss must be configured to produce log records containing information to establish what type of events occurred. | DISA JBoss EAP 6.3 STIG v2r5 | Unix | AUDIT AND ACCOUNTABILITY |
| O121-C2-007400 - The DBMS must produce audit records containing sufficient information to establish what type of events occurred. | DISA STIG Oracle 12c v3r2 Database | OracleDB | AUDIT AND ACCOUNTABILITY |
| OH12-1X-000050 - OHS must have a log level severity defined to produce sufficient log records to establish what type of events occurred. | DISA STIG Oracle HTTP Server 12.1.3 v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| OH12-1X-000052 - OHS must have a SSL log format defined for log records generated to capture sufficient information to establish what type of events occurred. | DISA STIG Oracle HTTP Server 12.1.3 v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| OH12-1X-000053 - OHS must have a log file defined for each site/virtual host to capture sufficient information to establish what type of events occurred. | DISA STIG Oracle HTTP Server 12.1.3 v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| OL6-00-000339 - The FTP daemon must be configured for logging or verbose mode - 'log_ftp_protocol' | DISA STIG Oracle Linux 6 v2r7 | Unix | AUDIT AND ACCOUNTABILITY |
| OL6-00-000339 - The FTP daemon must be configured for logging or verbose mode - 'xferlog_std_format' | DISA STIG Oracle Linux 6 v2r7 | Unix | AUDIT AND ACCOUNTABILITY |
| OL07-00-030680 - The Oracle Linux operating system must audit all uses of the su command. | DISA Oracle Linux 7 STIG v3r1 | Unix | AUDIT AND ACCOUNTABILITY |
| OL07-00-030690 - The Oracle Linux operating system must audit all uses of the sudo command. | DISA Oracle Linux 7 STIG v3r1 | Unix | AUDIT AND ACCOUNTABILITY |
| OL07-00-030700 - The Oracle Linux operating system must audit all uses of the sudoers file and all files in the /etc/sudoers.d/ directory. | DISA Oracle Linux 7 STIG v3r1 | Unix | AUDIT AND ACCOUNTABILITY |
| OL07-00-030710 - The Oracle Linux operating system must audit all uses of the newgrp command. | DISA Oracle Linux 7 STIG v3r1 | Unix | AUDIT AND ACCOUNTABILITY |
| OL07-00-030720 - The Oracle Linux operating system must audit all uses of the chsh command. | DISA Oracle Linux 7 STIG v3r1 | Unix | AUDIT AND ACCOUNTABILITY |
| PGS9-00-010400 - PostgreSQL must produce audit records containing sufficient information to establish what type of events occurred. | DISA STIG PostgreSQL 9.x on RHEL DB v2r5 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| PHTN-30-000010 - The Photon operating system must configure auditd to log to disk. | DISA STIG VMware vSphere 7.0 Photon OS v1r4 | Unix | AUDIT AND ACCOUNTABILITY |
| PHTN-67-000010 - The Photon operating system must configure auditd to log to disk. | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | AUDIT AND ACCOUNTABILITY |
| PPS9-00-001600 - The EDB Postgres Advanced Server must produce audit records containing sufficient information to establish what type of events occurred. | EDB PostgreSQL Advanced Server DB Audit v2r3 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| RHEL-06-000154 - The operating system must produce audit records containing sufficient information to establish what type of events occurred - CHKCONFIG. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-06-000339 - The FTP daemon must be configured for logging or verbose mode - 'log_ftp_protocol = yes'. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-06-000339 - The FTP daemon must be configured for logging or verbose mode - 'xferlog_enable = yes'. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| SLES-12-020411 - The SUSE operating system must generate audit records for all uses of the unlink, unlinkat, rename, renameat and rmdir syscalls. | DISA SLES 12 STIG v3r1 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| SLES-15-030100 - The SUSE operating system must generate audit records for a uses of the chsh command. | DISA SLES 15 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| SLES-15-030340 - The SUSE operating system must generate audit records for all uses of the chfn command. | DISA SLES 15 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| SLES-15-030350 - The SUSE operating system must generate audit records for all uses of the mount system call. | DISA SLES 15 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| SLES-15-030400 - The SUSE operating system must generate audit records for all uses of the modprobe command. | DISA SLES 15 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| SLES-15-030420 - The SUSE operating system must generate audit records for all uses of the chmod command. | DISA SLES 15 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| SLES-15-030440 - The SUSE operating system must generate audit records for all uses of the chacl command. | DISA SLES 15 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| SLES-15-030450 - The SUSE operating system must generate audit records for all uses of the chcon command. | DISA SLES 15 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| SLES-15-030460 - The SUSE operating system must generate audit records for all uses of the rm command. | DISA SLES 15 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| SLES-15-030470 - The SUSE operating system must generate audit records for all modifications to the tallylog file must generate an audit record. | DISA SLES 15 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| SLES-15-030490 - The SUSE operating system must generate audit records for all uses of the passmass command. | DISA SLES 15 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| SLES-15-030510 - The SUSE operating system must generate audit records for all uses of the pam_timestamp_check command. | DISA SLES 15 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| WBLC-02-000073 - Oracle WebLogic must produce process events and severity levels to establish what type of HTTPD-related events and severity levels occurred. | Oracle WebLogic Server 12c Linux v2r1 Middleware | Unix | AUDIT AND ACCOUNTABILITY |
| WBLC-02-000074 - Oracle WebLogic must produce audit records containing sufficient information to establish what type of JVM-related events and severity levels occurred. | Oracle WebLogic Server 12c Linux v2r1 Middleware | Unix | AUDIT AND ACCOUNTABILITY |
| WBLC-02-000074 - Oracle WebLogic must produce audit records containing sufficient information to establish what type of JVM-related events and severity levels occurred. | Oracle WebLogic Server 12c Windows v2r1 | Windows | AUDIT AND ACCOUNTABILITY |
| WBLC-02-000075 - Oracle WebLogic must produce process events and security levels to establish what type of Oracle WebLogic process events and severity levels occurred. | Oracle WebLogic Server 12c Windows v2r1 | Windows | AUDIT AND ACCOUNTABILITY |
| WN10-AU-000560 - Windows 10 must be configured to audit other Logon/Logoff Events Successes. | DISA Windows 10 STIG v3r2 | Windows | AUDIT AND ACCOUNTABILITY |
| WN10-AU-000565 - Windows 10 must be configured to audit other Logon/Logoff Events Failures. | DISA Windows 10 STIG v3r2 | Windows | AUDIT AND ACCOUNTABILITY |
| WN10-AU-000570 - Windows 10 must be configured to audit Detailed File Share Failures. | DISA Windows 10 STIG v3r2 | Windows | AUDIT AND ACCOUNTABILITY |
| WN10-AU-000575 - Windows 10 must be configured to audit MPSSVC Rule-Level Policy Change Successes. | DISA Windows 10 STIG v3r2 | Windows | AUDIT AND ACCOUNTABILITY |
| WN10-AU-000580 - Windows 10 must be configured to audit MPSSVC Rule-Level Policy Change Failures. | DISA Windows 10 STIG v3r2 | Windows | AUDIT AND ACCOUNTABILITY |
