| 4.1.3.11 Ensure unsuccessful unauthorized file access attempts are collected - ftruncate EPERM 32 bit | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| 4.1.3.11 Ensure unsuccessful unauthorized file access attempts are collected - openat EACCES 32 bit | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| 4.1.3.11 Ensure unsuccessful unauthorized file access attempts are collected - openat EPERM 32 bit | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| 4.1.3.11 Ensure unsuccessful unauthorized file access attempts are collected - truncate EACCES 32 bit | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| 4.1.3.14 Ensure events that modify user/group information are collected - group | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.3.14 Ensure events that modify user/group information are collected - gshadow | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.3.14 Ensure events that modify user/group information are collected - opasswd | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.3.14 Ensure events that modify user/group information are collected - passwd | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.3.14 Ensure events that modify user/group information are collected - shadow | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| Big Sur - Configure System to Audit All Deletions of Object Attributes | NIST macOS Big Sur v1.4.0 - 800-53r5 Moderate | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE |
| Big Sur - Configure System to Audit All Failed Change of Object Attributes | NIST macOS Big Sur v1.4.0 - 800-53r4 Moderate | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE |
| Big Sur - Configure System to Audit All Failed Change of Object Attributes | NIST macOS Big Sur v1.4.0 - 800-53r5 High | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE |
| Big Sur - Configure System to Audit All Failed Read Actions on the System | NIST macOS Big Sur v1.4.0 - 800-53r4 High | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE |
| Big Sur - Configure System to Audit All Failed Read Actions on the System | NIST macOS Big Sur v1.4.0 - All Profiles | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE |
| Big Sur - Configure System to Audit All Failed Read Actions on the System | NIST macOS Big Sur v1.4.0 - CNSSI 1253 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE |
| Catalina - Configure System to Audit All Failed Change of Object Attributes | NIST macOS Catalina v1.5.0 - 800-171 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE |
| Catalina - Configure System to Audit All Failed Change of Object Attributes | NIST macOS Catalina v1.5.0 - CNSSI 1253 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE |
| Catalina - Configure System to Audit All Failed Read Actions on the System | NIST macOS Catalina v1.5.0 - 800-171 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE |
| Catalina - Configure System to Audit All Failed Read Actions on the System | NIST macOS Catalina v1.5.0 - 800-53r4 High | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE |
| Catalina - Configure System to Audit All Failed Read Actions on the System | NIST macOS Catalina v1.5.0 - All Profiles | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE |
| Catalina - Configure System to Audit All Failed Write Actions on the System | NIST macOS Catalina v1.5.0 - 800-53r4 High | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE |
| Catalina - Configure System to Audit All Failed Write Actions on the System | NIST macOS Catalina v1.5.0 - 800-53r4 Low | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE |
| Catalina - Configure System to Audit All Failed Write Actions on the System | NIST macOS Catalina v1.5.0 - 800-53r5 Moderate | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE |
| EP11-00-001200 - The EDB Postgres Advanced Server must generate audit records for DoD-defined auditable events. | EDB PostgreSQL Advanced Server v11 DB Audit v2r4 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| OL07-00-030870 - The Oracle Linux operating system must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/passwd. | DISA Oracle Linux 7 STIG v2r14 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| OL08-00-030260 - OL 8 must generate audit records for any uses of the 'chcon' command. | DISA Oracle Linux 8 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| RHEL-09-654025 - RHEL 9 must audit all uses of the setxattr, fsetxattr, lsetxattr, removexattr, fremovexattr, and lremovexattr system calls. | DISA Red Hat Enterprise Linux 9 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| RHEL-09-654050 - RHEL 9 must audit all uses of the semanage command. | DISA Red Hat Enterprise Linux 9 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| RHEL-09-654095 - RHEL 9 must audit all uses of the crontab command. | DISA Red Hat Enterprise Linux 9 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| RHEL-09-654125 - RHEL 9 must audit all uses of the postdrop command. | DISA Red Hat Enterprise Linux 9 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| RHEL-09-654130 - RHEL 9 must audit all uses of the postqueue command. | DISA Red Hat Enterprise Linux 9 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| RHEL-09-654140 - RHEL 9 must audit all uses of the ssh-keysign command. | DISA Red Hat Enterprise Linux 9 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| RHEL-09-654180 - RHEL 9 must audit all uses of the mount command. | DISA Red Hat Enterprise Linux 9 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| SLES-12-020280 - The SUSE operating system must generate audit records for all uses of the chfn command. | DISA SLES 12 STIG v2r13 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| SLES-12-020460 - The SUSE operating system must generate audit records for all uses of the chmod, fchmod, and fchmodat system calls. | DISA SLES 12 STIG v2r13 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| SLES-12-020620 - The SUSE operating system must generate audit records for all uses of the chacl command. | DISA SLES 12 STIG v2r13 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| SLES-12-020690 - The SUSE operating system must generate audit records for all uses of the chage command. | DISA SLES 12 STIG v2r13 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| SLES-12-020710 - The SUSE operating system must generate audit records for all uses of the crontab command. | DISA SLES 12 STIG v2r13 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| SLES-15-030030 - The SUSE operating system must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/security/opasswd. | DISA SLES 15 STIG v2r2 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| UBTU-18-010244 - The Ubuntu operating system must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/passwd. | DISA STIG Ubuntu 18.04 LTS v2r15 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| UBTU-18-010245 - The Ubuntu operating system must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/group. | DISA STIG Ubuntu 18.04 LTS v2r15 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| UBTU-18-010247 - The Ubuntu operating system must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/shadow. | DISA STIG Ubuntu 18.04 LTS v2r15 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| WN16-AU-000120 - Windows Server 2016 must be configured to audit Account Management - Security Group Management successes. | DISA Windows Server 2016 STIG v2r9 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| WN16-AU-000140 - Windows Server 2016 must be configured to audit Account Management - User Account Management successes. | DISA Windows Server 2016 STIG v2r9 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| WN16-AU-000150 - Windows Server 2016 must be configured to audit Account Management - User Account Management failures. | DISA Windows Server 2016 STIG v2r9 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| WN16-DC-000230 - Windows Server 2016 must be configured to audit Account Management - Computer Account Management successes. | DISA Windows Server 2016 STIG v2r9 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| WN19-AU-000100 - Windows Server 2019 must be configured to audit Account Management - Security Group Management successes. | DISA Windows Server 2019 STIG v3r2 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| WN19-AU-000110 - Windows Server 2019 must be configured to audit Account Management - User Account Management successes. | DISA Windows Server 2019 STIG v3r2 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| WN19-AU-000120 - Windows Server 2019 must be configured to audit Account Management - User Account Management failures. | DISA Windows Server 2019 STIG v3r2 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| WN19-DC-000230 - Windows Server 2019 must be configured to audit Account Management - Computer Account Management successes. | DISA Windows Server 2019 STIG v3r2 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
