| 3.1 Ensure Security Auditing Is Enabled | CIS Apple macOS 12.0 Monterey Cloud-tailored v1.0.0 L1 | Unix | AUDIT AND ACCOUNTABILITY |
| 3.1 Ensure Security Auditing Is Enabled | CIS Apple macOS 13.0 Ventura Cloud-tailored v1.1.0 L1 | Unix | AUDIT AND ACCOUNTABILITY |
| 3.1 Ensure Security Auditing Is Enabled | CIS Apple macOS 12.0 Monterey v3.1.0 L1 | Unix | AUDIT AND ACCOUNTABILITY |
| 3.1 Ensure Security Auditing Is Enabled | CIS Apple macOS 14.0 Sonoma Cloud-tailored v1.0.0 L1 | Unix | AUDIT AND ACCOUNTABILITY |
| 3.1 Ensure Security Auditing Is Enabled | CIS Apple macOS 10.15 Catalina v3.0.0 L1 | Unix | AUDIT AND ACCOUNTABILITY |
| 3.1 Ensure Security Auditing Is Enabled | CIS Apple macOS 11.0 Big Sur v4.0.0 L1 | Unix | AUDIT AND ACCOUNTABILITY |
| 3.1 Ensure Security Auditing Is Enabled | CIS Apple macOS 10.14 v2.0.0 L1 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.3.3 Ensure session initiation information is collected - auditctl btmp | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.3.3 Ensure session initiation information is collected - auditctl btmp | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.3.3 Ensure session initiation information is collected - auditctl utmp | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.3.3 Ensure session initiation information is collected - auditctl utmp | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.3.3 Ensure session initiation information is collected - auditctl wtmp | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.3.3 Ensure session initiation information is collected - auditctl wtmp | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.3.3 Ensure session initiation information is collected - btmp | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.3.3 Ensure session initiation information is collected - btmp | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.3.3 Ensure session initiation information is collected - utmp | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.3.3 Ensure session initiation information is collected - utmp | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.3.3 Ensure session initiation information is collected - wtmp | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.3.3 Ensure session initiation information is collected - wtmp | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.3.13 Ensure login and logout events are collected - /var/log/lastlog | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.3.13 Ensure login and logout events are collected - /var/log/lastlog | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.3.13 Ensure login and logout events are collected - /var/run/faillock | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.3.13 Ensure login and logout events are collected - /var/run/faillock | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.3.13 Ensure login and logout events are collected - auditctl /var/log/lastlog | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.3.13 Ensure login and logout events are collected - auditctl /var/log/lastlog | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.3.13 Ensure login and logout events are collected - auditctl /var/run/faillock | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.3.13 Ensure login and logout events are collected - auditctl /var/run/faillock | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.7 Ensure login and logout events are collected - auditctl /var/run/faillock/ | CIS Red Hat 6 Workstation L2 v3.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.7 Ensure login and logout events are collected - auditctl lastlog | CIS Debian Family Workstation L2 v1.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.7 Ensure login and logout events are collected - auditctl tallylog | CIS Debian Family Server L2 v1.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.7 Ensure login and logout events are collected - rules.d /var/log/lastlog | CIS Oracle Linux 6 Workstation L2 v2.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.8 Ensure session initiation information is collected | CIS SUSE Linux Enterprise 12 v3.2.0 L2 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.8 Ensure session initiation information is collected | CIS SUSE Linux Enterprise 12 v3.2.0 L2 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.8 Ensure session initiation information is collected | CIS SUSE Linux Enterprise 15 Server L2 v1.1.1 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.8 Ensure session initiation information is collected | CIS SUSE Linux Enterprise 15 Workstation L2 v1.1.1 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.8 Ensure session initiation information is collected - /var/log/btmp | CIS Debian Family Workstation L2 v1.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.8 Ensure session initiation information is collected - auditctl /var/log/btmp | CIS Debian Family Workstation L2 v1.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.8 Ensure session initiation information is collected - auditctl /var/log/btmp | CIS Oracle Linux 6 Server L2 v2.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.8 Ensure session initiation information is collected - auditctl /var/log/wtmp | CIS Debian Family Workstation L2 v1.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.8 Ensure session initiation information is collected - auditctl /var/log/wtmp | CIS CentOS 6 Workstation L2 v3.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.8 Ensure session initiation information is collected - auditctl /var/log/wtmp | CIS Oracle Linux 6 Server L2 v2.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.8 Ensure session initiation information is collected - auditctl /var/log/wtmp | CIS Oracle Linux 6 Workstation L2 v2.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.8 Ensure session initiation information is collected - auditctl /var/run/utmp | CIS Debian Family Server L2 v1.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.8 Ensure session initiation information is collected - auditctl /var/run/utmp | CIS CentOS 6 Server L2 v3.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.8 Ensure session initiation information is collected - auditctl /var/run/utmp | CIS Red Hat 6 Server L2 v3.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.8 Ensure session initiation information is collected - auditctl btmp | CIS Ubuntu Linux 16.04 LTS Workstation L2 v2.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.8 Ensure session initiation information is collected - rules.d /var/log/btmp | CIS Red Hat 6 Workstation L2 v3.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.8 Ensure session initiation information is collected - rules.d /var/run/utmp | CIS CentOS 6 Server L2 v3.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.8 Ensure session initiation information is collected - rules.d /var/run/utmp | CIS Oracle Linux 6 Server L2 v2.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.8 Ensure session initiation information is collected - wtmp | CIS Fedora 19 Family Linux Workstation L2 v1.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
