| 1.59 WN22-AU-000030 | CIS Microsoft Windows Server 2022 STIG v3.0.0 DC CAT II | Windows | AUDIT AND ACCOUNTABILITY |
| 1.60 WN22-AU-000040 | CIS Microsoft Windows Server 2022 STIG v3.0.0 MS CAT II | Windows | AUDIT AND ACCOUNTABILITY |
| 1.61 WN22-AU-000050 | CIS Microsoft Windows Server 2022 STIG v3.0.0 DC CAT II | Windows | AUDIT AND ACCOUNTABILITY |
| 1.128 UBTU-22-653055 | CIS Ubuntu Linux 22.04 LTS STIG v1.0.0 CAT II | Unix | AUDIT AND ACCOUNTABILITY |
| 1.186 UBTU-24-901350 | CIS Ubuntu Linux 24.04 LTS STIG v1.0.0 CAT II | Unix | AUDIT AND ACCOUNTABILITY |
| 1.214 OL08-00-030070 | CIS Oracle Linux 8 STIG v1.0.0 CAT II | Unix | AUDIT AND ACCOUNTABILITY |
| 1.215 OL08-00-030080 | CIS Oracle Linux 8 STIG v1.0.0 CAT II | Unix | AUDIT AND ACCOUNTABILITY |
| 1.217 OL08-00-030100 | CIS Oracle Linux 8 STIG v1.0.0 CAT II | Unix | AUDIT AND ACCOUNTABILITY |
| 1.218 OL08-00-030110 | CIS Oracle Linux 8 STIG v1.0.0 CAT II | Unix | AUDIT AND ACCOUNTABILITY |
| 1.221 OL08-00-030122 | CIS Oracle Linux 8 STIG v1.0.0 CAT II | Unix | AUDIT AND ACCOUNTABILITY |
| 1.445 RHEL-09-654275 | CIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT II | Unix | AUDIT AND ACCOUNTABILITY |
| APPL-11-001017 - The macOS system must be configured with audit log folders set to mode 700 or less permissive. | DISA STIG Apple macOS 11 v1r5 | Unix | AUDIT AND ACCOUNTABILITY |
| APPL-11-001017 - The macOS system must be configured with audit log folders set to mode 700 or less permissive. | DISA STIG Apple macOS 11 v1r8 | Unix | AUDIT AND ACCOUNTABILITY |
| APPL-12-001017 - The macOS system must be configured with audit log folders set to mode 700 or less permissive. | DISA STIG Apple macOS 12 v1r9 | Unix | AUDIT AND ACCOUNTABILITY |
| APPL-13-001017 - The macOS system must be configured with audit log folders set to mode 700 or less permissive. | DISA STIG Apple macOS 13 v1r5 | Unix | AUDIT AND ACCOUNTABILITY |
| APPNET0055 - CAS and policy configuration files must be backed up. | DISA Microsoft DotNet Framework 4.0 STIG v2r7 | Windows | AUDIT AND ACCOUNTABILITY |
| CISC-ND-000390 - The Cisco switch must be configured to protect audit information from unauthorized deletion. | DISA Cisco IOS XE Switch NDM STIG v3r6 | Cisco | AUDIT AND ACCOUNTABILITY |
| CISC-ND-000390 - The Cisco switch must be configured to protect audit information from unauthorized deletion. | DISA Cisco IOS Switch NDM STIG v3r7 | Cisco | AUDIT AND ACCOUNTABILITY |
| EP11-00-002800 - The audit information produced by the EDB Postgres Advanced Server must be protected from unauthorized deletion. | EDB PostgreSQL Advanced Server v11 Windows OS Audit v2r4 | Windows | AUDIT AND ACCOUNTABILITY |
| EX13-CA-000080 - Exchange must have audit data protected against unauthorized deletion. | DISA Microsoft Exchange 2013 Client Access Server STIG v2r2 | Windows | AUDIT AND ACCOUNTABILITY |
| EX13-MB-000075 - Exchange must protect audit data against unauthorized deletion. | DISA Microsoft Exchange 2013 Mailbox Server STIG v2r3 | Windows | AUDIT AND ACCOUNTABILITY |
| EX16-MB-000150 - Exchange must protect audit data against unauthorized deletion. | DISA Microsoft Exchange 2016 Mailbox Server STIG v2r6 | Windows | AUDIT AND ACCOUNTABILITY |
| F5BI-DM-000077 - The BIG-IP appliance must be configured to protect audit information from unauthorized deletion. | DISA F5 BIG-IP Device Management STIG v2r4 | F5 | AUDIT AND ACCOUNTABILITY |
| F5BI-LT-000059 - The BIG-IP Core implementation must be configured to protect audit information from unauthorized deletion. | DISA F5 BIG-IP Local Traffic Manager STIG v2r4 | F5 | AUDIT AND ACCOUNTABILITY |
| IIST-SV-000115 - The log information from the IIS 10.0 web server must be protected from unauthorized modification or deletion. | DISA IIS 10.0 Server v2r10 | Windows | AUDIT AND ACCOUNTABILITY |
| MD4X-00-000200 - The audit information produced by MongoDB must be protected from unauthorized access. | DISA STIG MongoDB Enterprise Advanced 4.x v1r4 OS | Unix | AUDIT AND ACCOUNTABILITY |
| O19C-00-006600 - The audit information produced by the Oracle Database must be protected from unauthorized access, modification, or deletion. | DISA Oracle Database 19c STIG v1r3 OracleDB | OracleDB | AUDIT AND ACCOUNTABILITY |
| O121-C2-009500 - The system must protect audit information from unauthorized deletion. | DISA Oracle Database 12c STIG v3r5 OracleDB | OracleDB | AUDIT AND ACCOUNTABILITY |
| OH12-1X-000076 - The log information from OHS must be protected from unauthorized deletion - permissions | DISA STIG Oracle HTTP Server 12.1.3 v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| OL08-00-030070 - OL 8 audit logs must have a mode of "0600" or less permissive to prevent unauthorized read access. | DISA Oracle Linux 8 STIG v2r8 | Unix | AUDIT AND ACCOUNTABILITY |
| OL08-00-030121 - The OL 8 audit system must protect auditing rules from unauthorized change. | DISA Oracle Linux 8 STIG v2r8 | Unix | AUDIT AND ACCOUNTABILITY |
| OL08-00-030122 - The OL 8 audit system must protect logon UIDs from unauthorized change. | DISA Oracle Linux 8 STIG v2r8 | Unix | AUDIT AND ACCOUNTABILITY |
| PHTN-40-000026 - The Photon operating system must protect audit logs from unauthorized access. | DISA VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v2r1 | Unix | AUDIT AND ACCOUNTABILITY |
| PPS9-00-002800 - The audit information produced by the EDB Postgres Advanced Server must be protected from unauthorized deletion. | EDB PostgreSQL Advanced Server OS Linux Audit v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-06-000385 - Audit log directories must have mode 0755 or less permissive. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| SLEM-05-653050 - SLEM 5 must protect audit rules from unauthorized modification. | DISA SUSE Linux Enterprise Micro SLEM 5 STIG v1r4 | Unix | AUDIT AND ACCOUNTABILITY |
| SQL2-00-013800 - SQL Server must protect audit information from unauthorized deletion. | DISA STIG SQL Server 2012 Database OS Audit v1r20 | Windows | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| TCAT-AS-000380 - Jar files in the $CATALINA_HOME/bin/ folder must have their permissions set to 640. | DISA STIG Apache Tomcat Application Server 9 v3r3 Middleware | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-18-010309 - The Ubuntu operating system must allow only authorized accounts to own the audit log directory. | DISA STIG Ubuntu 18.04 LTS v2r15 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-18-010310 - The Ubuntu operating system must ensure only authorized groups can own the audit log directory and its underlying files. | DISA STIG Ubuntu 18.04 LTS v2r15 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-22-653050 - Ubuntu 22.04 LTS must be configured to permit only authorized users ownership of the audit log files. | DISA Canonical Ubuntu 22.04 LTS STIG v2r8 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-22-653055 - Ubuntu 22.04 LTS must permit only authorized groups ownership of the audit log files. | DISA Canonical Ubuntu 22.04 LTS STIG v2r8 | Unix | AUDIT AND ACCOUNTABILITY |
| VCLD-67-000011 - VAMI log files must only be accessible by privileged users - access.log | DISA STIG VMware vSphere 6.7 VAMI-lighttpd v1r3 | Unix | AUDIT AND ACCOUNTABILITY |
| VCLD-80-000019 The vCenter VAMI service log files must only be accessible by privileged users. | DISA VMware vSphere 8.0 vCenter Appliance Management Interface (VAMI) STIG v2r1 | Unix | AUDIT AND ACCOUNTABILITY |
| VCPF-70-000007 - Performance Charts log files must only be modifiable by privileged users. | DISA STIG VMware vSphere 7.0 Perfcharts Tomcat v1r1 | Unix | AUDIT AND ACCOUNTABILITY |
| VCST-80-000025 The vCenter STS service logs folder permissions must be set correctly. | DISA VMware vSphere 8.0 vCenter Appliance Secure Token Service (STS) STIG v2r1 | Unix | AUDIT AND ACCOUNTABILITY |
| VCUI-80-000025 The vCenter UI service must protect logs from unauthorized access. | DISA VMware vSphere 8.0 vCenter Appliance User Interface (UI) STIG v2r1 | Unix | AUDIT AND ACCOUNTABILITY |
| WN22-AU-000030 - Windows Server 2022 permissions for the Application event log must prevent access by nonprivileged accounts. | DISA Microsoft Windows Server 2022 STIG v2r8 | Windows | AUDIT AND ACCOUNTABILITY |
| WN25-AU-000030 - Windows Server 2025 permissions for the Application event log must prevent access by nonprivileged accounts. | DISA Microsoft Windows Server 2025 STIG v1r1 | Windows | AUDIT AND ACCOUNTABILITY |
| WN25-AU-000040 - Windows Server 2025 permissions for the Security event log must prevent access by nonprivileged accounts. | DISA Microsoft Windows Server 2025 STIG v1r1 | Windows | AUDIT AND ACCOUNTABILITY |
