| 1.7 Ensure logging data is monitored | CIS Juniper OS Benchmark v2.1.0 L1 | Juniper | AUDIT AND ACCOUNTABILITY |
| 2.13 Ensure centralized and remote logging is configured | CIS Docker v1.7.0 L2 Docker - Linux | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2.1.3 Ensure journald is configured to send logs to rsyslog | CIS CentOS Linux 8 Workstation L1 v2.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2.1.3 Ensure journald is configured to send logs to rsyslog | CIS Debian Family Workstation L1 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2.2.5 Ensure journald is not configured to send logs to rsyslog | CIS CentOS Linux 8 Workstation L1 v2.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2.2.5 Ensure remote syslog-ng messages are only accepted on designated log hosts | CIS Debian 8 Server L1 v2.0.2 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2.2.5 Ensure remote syslog-ng messages are only accepted on designated log hosts | CIS Debian 8 Workstation L1 v2.0.2 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2.4 Ensure permissions on all logfiles are configured | CIS Debian 9 Workstation L1 v1.0.1 | Unix | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| 4.2.4 Ensure permissions on all logfiles are configured | CIS Debian 9 Server L1 v1.0.1 | Unix | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| 4.8 (L1) Host must store one week of audit records | CIS VMware ESXi 8.0 v1.1.0 L1 | VMware | AUDIT AND ACCOUNTABILITY |
| 4.10 Ensure security group changes are monitored | CIS Amazon Web Services Foundations L2 3.0.0 | amazon_aws | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MEDIA PROTECTION |
| 5.1.1.3 Ensure journald is configured to send logs to rsyslog | CIS Oracle Linux 7 v4.0.0 L1 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 5.1.1.3 Ensure journald is configured to send logs to rsyslog | CIS Amazon Linux 2 v3.0.0 L1 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.1.1.3 Ensure journald is configured to send logs to rsyslog | CIS AlmaLinux OS 8 Workstation L1 v3.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.1.1.3 Ensure journald is configured to send logs to rsyslog | CIS Oracle Linux 8 Server L1 v3.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.1.1.3 Ensure journald is configured to send logs to rsyslog | CIS Oracle Linux 8 Workstation L1 v3.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.1.1.3 Ensure journald is configured to send logs to rsyslog | CIS Amazon Linux 2023 Server L1 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.1.1.3 Ensure journald is configured to send logs to rsyslog | CIS Red Hat EL8 Server L1 v3.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.1.1.3 Ensure journald is configured to send logs to rsyslog | CIS AlmaLinux OS 8 Server L1 v3.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.1.1.5 Ensure journald is not configured to send logs to rsyslog | CIS Ubuntu Linux 18.04 LTS v2.2.0 L1 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 5.1.1.5 Ensure journald is not configured to send logs to rsyslog | CIS Debian 10 Server L1 v2.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.1.1.5 Ensure journald is not configured to send logs to rsyslog | CIS Debian 10 Workstation L1 v2.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.1.1.5 Ensure journald is not configured to send logs to rsyslog | CIS Ubuntu Linux 20.04 LTS Server L1 v2.0.1 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.1.1.5 Ensure journald is not configured to send logs to rsyslog | CIS Ubuntu Linux 20.04 LTS Workstation L1 v2.0.1 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.1.2.3 Ensure journald is configured to send logs to rsyslog | CIS Debian 10 Server L1 v2.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.1.2.3 Ensure journald is configured to send logs to rsyslog | CIS Debian 10 Workstation L1 v2.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.1.2.3 Ensure journald is configured to send logs to rsyslog | CIS Ubuntu Linux 18.04 LTS v2.2.0 L1 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 5.1.2.3 Ensure journald is configured to send logs to rsyslog | CIS Ubuntu Linux 20.04 LTS Workstation L1 v2.0.1 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.1.2.5 Ensure journald is not configured to send logs to rsyslog | CIS AlmaLinux OS 8 Workstation L1 v3.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.1.2.5 Ensure journald is not configured to send logs to rsyslog | CIS Oracle Linux 8 Server L1 v3.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.1.2.5 Ensure journald is not configured to send logs to rsyslog | CIS Red Hat EL8 Server L1 v3.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.1.2.5 Ensure journald is not configured to send logs to rsyslog | CIS Red Hat EL8 Workstation L1 v3.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.1.2.5 Ensure journald is not configured to send logs to rsyslog | CIS Oracle Linux 8 Workstation L1 v3.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.1.2.5 Ensure journald is not configured to send logs to rsyslog | CIS AlmaLinux OS 8 Server L1 v3.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.1.2.5 Ensure journald is not configured to send logs to rsyslog | CIS Rocky Linux 8 Workstation L1 v2.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 6.2.3.3 Ensure journald is configured to send logs to rsyslog | CIS AlmaLinux OS 9 v2.0.0 L1 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 6.2.3.3 Ensure journald is configured to send logs to rsyslog | CIS Red Hat Enterprise Linux 9 v2.0.0 L1 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 6.2.3.3 Ensure journald is configured to send logs to rsyslog | CIS Red Hat Enterprise Linux 9 v2.0.0 L1 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 6.2.3.3 Ensure journald is configured to send logs to rsyslog | CIS Rocky Linux 9 v2.0.0 L1 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 6.2.3.3 Ensure journald is configured to send logs to rsyslog | CIS Rocky Linux 9 v2.0.0 L1 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 6.2.3.3 Ensure journald is configured to send logs to rsyslog | CIS Oracle Linux 9 v2.0.0 L1 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 6.2.3.4 Ensure journald is configured to send logs to rsyslog | CIS SUSE Linux Enterprise 15 v2.0.0 L1 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 7.3.1 Centralized Logging and Reporting | CIS Fortigate 7.0.x v1.3.0 L2 | FortiGate | AUDIT AND ACCOUNTABILITY |
| GOOG-12-002800 - Google Android 12 must be configured to enable audit logging. | AirWatch - DISA Google Android 12 COBO v1r2 | MDM | AUDIT AND ACCOUNTABILITY |
| GOOG-13-002800 - Google Android 13 must be configured to enable audit logging. | AirWatch - DISA Google Android 13 COPE v2r1 | MDM | AUDIT AND ACCOUNTABILITY |
| GOOG-13-002800 - Google Android 13 must be configured to enable audit logging. | AirWatch - DISA Google Android 13 COBO v2r1 | MDM | AUDIT AND ACCOUNTABILITY |
| GOOG-14-002800 - Google Android 14 must be configured to enable audit logging. | AirWatch - DISA Google Android 14 COBO v2r1 | MDM | AUDIT AND ACCOUNTABILITY |
| GOOG-14-002800 - Google Android 14 must be configured to enable audit logging. | AirWatch - DISA Google Android 14 COPE v2r1 | MDM | AUDIT AND ACCOUNTABILITY |
| RHEL-09-653095 - RHEL 9 must periodically flush audit records to disk to prevent the loss of audit records. | DISA Red Hat Enterprise Linux 9 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| SHPT-00-000405 - To support audit review, analysis, and reporting, SharePoint must integrate audit review, analysis, and reporting processes to support organizational processes for investigation and response to suspicious activities. | DISA STIG SharePoint 2010 v1r9 | Windows | AUDIT AND ACCOUNTABILITY |
