| AOSX-09-000336 - Audit log folders must have mode 700 or less permissive. | DISA STIG Apple Mac OSX 10.9 v1r2 | Unix | AUDIT AND ACCOUNTABILITY |
| APPL-11-001017 - The macOS system must be configured with audit log folders set to mode 700 or less permissive. | DISA STIG Apple macOS 11 v1r1 | Unix | |
| APPL-11-001017 - The macOS system must be configured with audit log folders set to mode 700 or less permissive. | DISA STIG Apple macOS 11 v1r3 | Unix | |
| APPL-11-001017 - The macOS system must be configured with audit log folders set to mode 700 or less permissive. | DISA STIG Apple macOS 11 v1r6 | Unix | |
| APPL-12-001017 - The macOS system must be configured with audit log folders set to mode 700 or less permissive. | DISA STIG Apple macOS 12 v1r7 | Unix | |
| APPL-13-001017 - The macOS system must be configured with audit log folders set to mode 700 or less permissive. | DISA STIG Apple macOS 13 v1r1 | Unix | |
| Big Sur - Configure Audit Log Folders to Mode 700 or Less Permissive | NIST macOS Big Sur v1.4.0 - 800-171 | Unix | AUDIT AND ACCOUNTABILITY |
| Catalina - Configure Audit Log Folders to Mode 700 or Less Permissive | NIST macOS Catalina v1.5.0 - 800-53r4 Low | Unix | AUDIT AND ACCOUNTABILITY |
| Catalina - Configure Audit Log Folders to Mode 700 or Less Permissive | NIST macOS Catalina v1.5.0 - All Profiles | Unix | AUDIT AND ACCOUNTABILITY |
| Catalina - Configure Audit Log Folders to Mode 700 or Less Permissive | NIST macOS Catalina v1.5.0 - CNSSI 1253 | Unix | AUDIT AND ACCOUNTABILITY |
| EX19-ED-000045 Exchange audit data must be protected against unauthorized access for modification. | DISA Microsoft Exchange 2019 Edge Server STIG v2r1 | Windows | AUDIT AND ACCOUNTABILITY |
| FNFG-FW-000055 - The FortiGate firewall must protect the traffic log from unauthorized modification of local log records. | DISA Fortigate Firewall STIG v1r3 | FortiGate | AUDIT AND ACCOUNTABILITY |
| GEN002700 - System audit logs must have mode 0640 or less permissive. | DISA STIG for Oracle Linux 5 v1r14 | Unix | AUDIT AND ACCOUNTABILITY |
| GEN002700 - System audit logs must have mode 0640 or less permissive. | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | AUDIT AND ACCOUNTABILITY |
| GEN002710 - All system audit files must not have extended ACLs. | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | AUDIT AND ACCOUNTABILITY |
| IISW-SV-000115 - The log information from the IIS 8.5 web server must be protected from unauthorized modification or deletion. | DISA IIS 8.5 Server v1r9 | Windows | |
| JUNI-ND-000380 - The Juniper router must be configured to protect audit information from unauthorized modification. | DISA STIG Juniper Router NDM v1r5 | Juniper | ACCESS CONTROL |
| OH12-1X-000075 - The log information from OHS must be protected from unauthorized modification - user/group | DISA STIG Oracle HTTP Server 12.1.3 v1r7 | Unix | AUDIT AND ACCOUNTABILITY |
| OL08-00-030070 - OL 8 audit logs must have a mode of '0600' or less permissive to prevent unauthorized read access - 0600 or less permissive to prevent unauthorized read access. | DISA Oracle Linux 8 STIG v1r2 | Unix | |
| OL08-00-030080 - OL 8 audit logs must be owned by root to prevent unauthorized read access. | DISA Oracle Linux 8 STIG v1r6 | Unix | |
| OL08-00-030080 - OL 8 audit logs must be owned by root to prevent unauthorized read access. | DISA Oracle Linux 8 STIG v1r10 | Unix | |
| OL08-00-030080 - OL 8 audit logs must be owned by root to prevent unauthorized read access. | DISA Oracle Linux 8 STIG v1r2 | Unix | |
| OL08-00-030090 - OL 8 audit logs must be group-owned by root to prevent unauthorized read access. | DISA Oracle Linux 8 STIG v1r1 | Unix | |
| OL08-00-030090 - OL 8 audit logs must be group-owned by root to prevent unauthorized read access. | DISA Oracle Linux 8 STIG v1r6 | Unix | |
| OL08-00-030090 - OL 8 audit logs must be group-owned by root to prevent unauthorized read access. | DISA Oracle Linux 8 STIG v1r4 | Unix | |
| OL08-00-030100 - The OL 8 audit log directory must be owned by root to prevent unauthorized read access. | DISA Oracle Linux 8 STIG v1r4 | Unix | |
| OL08-00-030100 - The OL 8 audit log directory must be owned by root to prevent unauthorized read access. | DISA Oracle Linux 8 STIG v1r6 | Unix | |
| OL08-00-030110 - The OL 8 audit log directory must be group-owned by root to prevent unauthorized read access. | DISA Oracle Linux 8 STIG v1r2 | Unix | |
| OL08-00-030110 - The OL 8 audit log directory must be group-owned by root to prevent unauthorized read access. | DISA Oracle Linux 8 STIG v1r4 | Unix | |
| OL08-00-030120 - The OL 8 audit log directory must have a mode of 0700 or less permissive to prevent unauthorized read access. | DISA Oracle Linux 8 STIG v1r6 | Unix | |
| OL08-00-030120 - The OL 8 audit log directory must have a mode of 0700 or less permissive to prevent unauthorized read access. | DISA Oracle Linux 8 STIG v1r7 | Unix | |
| OL08-00-030121 - The OL 8 audit system must protect auditing rules from unauthorized change. | DISA Oracle Linux 8 STIG v1r1 | Unix | |
| OL08-00-030121 - The OL 8 audit system must protect auditing rules from unauthorized change. | DISA Oracle Linux 8 STIG v1r2 | Unix | |
| OL08-00-030121 - The OL 8 audit system must protect auditing rules from unauthorized change. | DISA Oracle Linux 8 STIG v1r8 | Unix | |
| OL08-00-030121 - The OL 8 audit system must protect auditing rules from unauthorized change. | DISA Oracle Linux 8 STIG v1r9 | Unix | |
| OL08-00-030122 - The OL 8 audit system must protect logon UIDs from unauthorized change. | DISA Oracle Linux 8 STIG v1r6 | Unix | |
| RHEL-09-654275 - RHEL 9 audit system must protect auditing rules from unauthorized change. | DISA Red Hat Enterprise Linux 9 STIG v1r1 | Unix | |
| SLES-15-030600 - The SUSE operating system must protect audit rules from unauthorized modification - /etc/permissions.local /etc/audit/audit.rules | DISA SLES 15 STIG v1r6 | Unix | |
| SLES-15-030600 - The SUSE operating system must protect audit rules from unauthorized modification - /etc/permissions.local /etc/audit/rules.d/audit.rules | DISA SLES 15 STIG v1r6 | Unix | |
| SLES-15-030600 - The SUSE operating system must protect audit rules from unauthorized modification - /var/log/audit/audit.log | DISA SLES 15 STIG v1r6 | Unix | |
| SLES-15-030600 - The SUSE operating system must protect audit rules from unauthorized modification - /var/log/audit/audit.log | DISA SLES 15 STIG v1r9 | Unix | |
| SLES-15-030600 - The SUSE operating system must protect audit rules from unauthorized modification. | DISA SLES 15 STIG v1r12 | Unix | |
| UBTU-22-653050 - Ubuntu 22.04 LTS must be configured to permit only authorized users ownership of the audit log files. | DISA STIG Canonical Ubuntu 22.04 LTS v1r1 | Unix | |
| VCLD-67-000011 - VAMI log files must only be accessible by privileged users - error.log | DISA STIG VMware vSphere 6.7 VAMI-lighttpd v1r1 | Unix | |
| VCUI-67-000007 - vSphere UI log files must only be accessible by privileged users. | DISA STIG VMware vSphere 6.7 UI Tomcat v1r2 | Unix | |
| WBSP-AS-000750 - The WebSphere Application Server must protect log information from unauthorized modification. | DISA IBM WebSphere Traditional 9 STIG v1r1 | Unix | AUDIT AND ACCOUNTABILITY |
| WBSP-AS-000750 - The WebSphere Application Server must protect log information from unauthorized modification. | DISA IBM WebSphere Traditional 9 Windows STIG v1r1 | Windows | AUDIT AND ACCOUNTABILITY |
| WN22-AU-000030 - Windows Server 2022 permissions for the Application event log must prevent access by nonprivileged accounts. | DISA Windows Server 2022 STIG v1r1 | Windows | |
| WN22-AU-000050 - Windows Server 2022 permissions for the System event log must prevent access by nonprivileged accounts. | DISA Windows Server 2022 STIG v1r3 | Windows | |
| WN22-AU-000050 - Windows Server 2022 permissions for the System event log must prevent access by nonprivileged accounts. | DISA Windows Server 2022 STIG v1r4 | Windows | |
