| OL08-00-030200 - The OL 8 audit system must be configured to audit any use of the 'setxattr', 'fsetxattr', 'lsetxattr', 'removexattr', 'fremovexattr', and 'lremovexattr' system calls. | DISA Oracle Linux 8 STIG v2r1 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| OL08-00-030250 - OL 8 must generate audit records for any use of the 'chage' command. | DISA Oracle Linux 8 STIG v2r1 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| OL08-00-030301 - OL 8 must generate audit records for any use of the 'umount' command. | DISA Oracle Linux 8 STIG v2r1 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| OL08-00-030310 - OL 8 must generate audit records for any use of the 'unix_update' command. | DISA Oracle Linux 8 STIG v2r1 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| OL08-00-030311 - OL 8 must generate audit records for any use of the 'postdrop' command. | DISA Oracle Linux 8 STIG v2r1 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| OL08-00-030312 - OL 8 must generate audit records for any use of the 'postqueue' command. | DISA Oracle Linux 8 STIG v2r1 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| OL08-00-030360 - OL 8 must generate audit records for any use of the 'init_module' and 'finit_module' system calls. | DISA Oracle Linux 8 STIG v2r1 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| OL08-00-030361 - OL 8 must generate audit records for any use of the 'rename', 'unlink', 'rmdir', 'renameat', and 'unlinkat' system calls. | DISA Oracle Linux 8 STIG v2r1 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| OL08-00-030370 - OL 8 must generate audit records for any use of the 'gpasswd' command. | DISA Oracle Linux 8 STIG v2r1 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| OL08-00-030400 - OL 8 must generate audit records for any use of the 'crontab' command. | DISA Oracle Linux 8 STIG v2r1 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| OL08-00-030480 - OL 8 must generate audit records for any use of the 'chown', 'fchown', 'fchownat', and 'lchown' system calls. | DISA Oracle Linux 8 STIG v2r1 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| OL08-00-030550 - OL 8 must generate audit records for any use of the 'sudo' command. | DISA Oracle Linux 8 STIG v2r1 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| OL08-00-030600 - OL 8 must generate audit records for any attempted modifications to the 'lastlog' file. | DISA Oracle Linux 8 STIG v2r1 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| OL08-00-030602 - OL 8 must allocate an 'audit_backlog_limit' of sufficient size to capture processes that start prior to the audit daemon. | DISA Oracle Linux 8 STIG v2r1 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| RHEL-09-654015 - RHEL 9 must audit all uses of the chmod, fchmod, and fchmodat system calls. | DISA Red Hat Enterprise Linux 9 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| RHEL-09-654020 - RHEL 9 must audit all uses of the chown, fchown, fchownat, and lchown system calls. | DISA Red Hat Enterprise Linux 9 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| RHEL-09-654035 - RHEL 9 must audit all uses of the chacl command. | DISA Red Hat Enterprise Linux 9 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| RHEL-09-654040 - RHEL 9 must audit all uses of the setfacl command. | DISA Red Hat Enterprise Linux 9 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| RHEL-09-654060 - RHEL 9 must audit all uses of the setsebool command. | DISA Red Hat Enterprise Linux 9 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| RHEL-09-654075 - RHEL 9 must audit all uses of the delete_module system call. | DISA Red Hat Enterprise Linux 9 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| RHEL-09-654080 - RHEL 9 must audit all uses of the init_module and finit_module system calls. | DISA Red Hat Enterprise Linux 9 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| RHEL-09-654085 - RHEL 9 must audit all uses of the chage command. | DISA Red Hat Enterprise Linux 9 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| RHEL-09-654090 - RHEL 9 must audit all uses of the chsh command. | DISA Red Hat Enterprise Linux 9 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| RHEL-09-654105 - RHEL 9 must audit all uses of the kmod command. | DISA Red Hat Enterprise Linux 9 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| RHEL-09-654110 - RHEL 9 must audit all uses of the newgrp command. | DISA Red Hat Enterprise Linux 9 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| RHEL-09-654120 - RHEL 9 must audit all uses of the passwd command. | DISA Red Hat Enterprise Linux 9 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| RHEL-09-654155 - RHEL 9 must audit all uses of the sudoedit command. | DISA Red Hat Enterprise Linux 9 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| RHEL-09-654160 - RHEL 9 must audit all uses of the unix_chkpwd command. | DISA Red Hat Enterprise Linux 9 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| RHEL-09-654165 - RHEL 9 must audit all uses of the unix_update command. | DISA Red Hat Enterprise Linux 9 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| RHEL-09-654170 - RHEL 9 must audit all uses of the userhelper command. | DISA Red Hat Enterprise Linux 9 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| RHEL-09-654175 - RHEL 9 must audit all uses of the usermod command. | DISA Red Hat Enterprise Linux 9 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| SLES-12-020250 - The SUSE operating system must generate audit records for all uses of the su command. | DISA SLES 12 STIG v2r13 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| SLES-12-020260 - The SUSE operating system must generate audit records for all uses of the sudo command. | DISA SLES 12 STIG v2r13 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| SLES-12-020290 - The SUSE operating system must generate audit records for all uses of the mount command. | DISA SLES 12 STIG v2r13 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| SLES-12-020300 - The SUSE operating system must generate audit records for all uses of the umount command. | DISA SLES 12 STIG v2r13 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| SLES-12-020310 - The SUSE operating system must generate audit records for all uses of the ssh-agent command. | DISA SLES 12 STIG v2r13 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| SLES-12-020320 - The SUSE operating system must generate audit records for all uses of the ssh-keysign command. | DISA SLES 12 STIG v2r13 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| SLES-12-020370 - The SUSE operating system must generate audit records for all uses of the setxattr, fsetxattr, lsetxattr, removexattr, fremovexattr, and lremovexattr syscalls. | DISA SLES 12 STIG v2r13 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| SLES-12-020420 - The SUSE operating system must generate audit records for all uses of the chown, fchown, fchownat, and lchown syscalls. | DISA SLES 12 STIG v2r13 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| SLES-12-020490 - The SUSE operating system must generate audit records for all uses of the creat, open, openat, open_by_handle_at, truncate, and ftruncate syscalls. | DISA SLES 12 STIG v2r13 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| SLES-12-020560 - The SUSE operating system must generate audit records for all uses of the gpasswd command. | DISA SLES 12 STIG v2r13 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| SLES-12-020580 - The SUSE operating system must generate audit records for a uses of the chsh command. | DISA SLES 12 STIG v2r13 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| SLES-12-020630 - Successful/unsuccessful attempts to modify categories of information (e.g., classification levels) must generate audit records. | DISA SLES 12 STIG v2r13 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| SLES-12-020650 - The SUSE operating system must generate audit records for all modifications to the tallylog file must generate an audit record. | DISA SLES 12 STIG v2r13 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| SLES-12-020660 - The SUSE operating system must generate audit records for all modifications to the lastlog file. | DISA SLES 12 STIG v2r13 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| SLES-12-020670 - The SUSE operating system must generate audit records for all uses of the passmass command. | DISA SLES 12 STIG v2r13 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| SLES-12-020680 - The SUSE operating system must generate audit records for all uses of the unix_chkpwd command. | DISA SLES 12 STIG v2r13 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| SLES-12-020700 - The SUSE operating system must generate audit records for all uses of the usermod command. | DISA SLES 12 STIG v2r13 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| SLES-12-020730 - The SUSE operating system must generate audit records for all uses of the delete_module command. | DISA SLES 12 STIG v2r13 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| SLES-12-020760 - The SUSE operating system must generate audit records for all modifications to the faillog file. | DISA SLES 12 STIG v2r13 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
