| APPL-15-000190 - The macOS system must configure sudo to log events. | DISA Apple macOS 15 (Sequoia) STIG v1r1 | Unix | AUDIT AND ACCOUNTABILITY |
| CASA-ND-001250 - The Cisco ASA must be configured to generate audit records when concurrent logons from different workstations occur - logging buffered | DISA STIG Cisco ASA NDM v2r1 | Cisco | AUDIT AND ACCOUNTABILITY |
| CD12-00-005100 - PostgreSQL must generate audit records when successful logons or connections occur. | DISA STIG Crunchy Data PostgreSQL DB v3r1 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| CD12-00-005800 - PostgreSQL must generate audit records for all privileged activities or other system-level access. | DISA STIG Crunchy Data PostgreSQL DB v3r1 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| CD12-00-006100 - PostgreSQL must generate audit records when privileges/permissions are deleted. | DISA STIG Crunchy Data PostgreSQL DB v3r1 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| CD12-00-006400 - PostgreSQL must generate audit records when privileges/permissions are modified. | DISA STIG Crunchy Data PostgreSQL DB v3r1 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| CD12-00-006700 - PostgreSQL must generate audit records when categories of information (e.g., classification levels/security levels) is modified. | DISA STIG Crunchy Data PostgreSQL DB v3r1 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| EPAS-00-010300 - Audit records must be generated when unsuccessful attempts to access categorized information (e.g., classification levels/security levels) occur. | EnterpriseDB PostgreSQL Advanced Server DB v2r1 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| EPAS-00-012200 - The EDB Postgres Advanced Server must generate audit records showing starting and ending time for user access to the database(s). | EnterpriseDB PostgreSQL Advanced Server DB v2r1 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| FGFW-ND-000075 - The FortiGate device must generate audit records when successful/unsuccessful logon attempts occur | DISA Fortigate Firewall NDM STIG v1r4 | FortiGate | AUDIT AND ACCOUNTABILITY |
| FGFW-ND-000080 - The FortiGate device must generate audit records for privileged activities or other system-level access | DISA Fortigate Firewall NDM STIG v1r4 | FortiGate | AUDIT AND ACCOUNTABILITY |
| MADB-10-009800 - MariaDB must generate audit records when privileges/permissions are added. | DISA MariaDB Enterprise 10.x v2r1 DB | MySQLDB | AUDIT AND ACCOUNTABILITY |
| MADB-10-010200 - MariaDB must generate audit records when security objects are modified. | DISA MariaDB Enterprise 10.x v2r1 DB | MySQLDB | AUDIT AND ACCOUNTABILITY |
| MADB-10-010400 - MariaDB must generate audit records when categories of information (e.g., classification levels/security levels) are modified. | DISA MariaDB Enterprise 10.x v2r1 DB | MySQLDB | AUDIT AND ACCOUNTABILITY |
| MADB-10-010800 - MariaDB must generate audit records when security objects are deleted. | DISA MariaDB Enterprise 10.x v2r1 DB | MySQLDB | AUDIT AND ACCOUNTABILITY |
| MADB-10-010900 - MariaDB must generate audit records when unsuccessful attempts to delete security objects occur. | DISA MariaDB Enterprise 10.x v2r1 DB | MySQLDB | AUDIT AND ACCOUNTABILITY |
| MADB-10-012000 - MariaDB must generate audit records for all direct access to the database(s). | DISA MariaDB Enterprise 10.x v2r1 DB | MySQLDB | AUDIT AND ACCOUNTABILITY |
| PHTN-30-000068 - The Photon operating system must generate audit records when successful/unsuccessful logon attempts occur. | DISA STIG VMware vSphere 7.0 Photon OS v1r3 | Unix | AUDIT AND ACCOUNTABILITY |
| PHTN-40-000175 The Photon operating system must be configured to audit the loading and unloading of dynamic kernel modules. | DISA VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v2r1 | Unix | AUDIT AND ACCOUNTABILITY |
| PHTN-67-000020 - The Photon operating system must generate audit records when successful/unsuccessful attempts to access privileges occur - 64 | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | AUDIT AND ACCOUNTABILITY |
| PHTN-67-000071 - The Photon operating system must generate audit records when the sudo command is used. | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | AUDIT AND ACCOUNTABILITY |
| PHTN-67-000072 - The Photon operating system must generate audit records when successful/unsuccessful logon attempts occur - lastlog | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-09-654185 - Successful/unsuccessful uses of the init command in RHEL 9 must generate an audit record. | DISA Red Hat Enterprise Linux 9 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-09-654200 - Successful/unsuccessful uses of the shutdown command in RHEL 9 must generate an audit record. | DISA Red Hat Enterprise Linux 9 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| SQL2-00-011400 - SQL Server must generate audit records for the DoD-selected list of auditable events - 'Event ID 15' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL2-00-011400 - SQL Server must generate audit records for the DoD-selected list of auditable events - 'Event ID 20' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL2-00-011400 - SQL Server must generate audit records for the DoD-selected list of auditable events - 'Event ID 105' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL2-00-011400 - SQL Server must generate audit records for the DoD-selected list of auditable events - 'Event ID 109' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL2-00-011400 - SQL Server must generate audit records for the DoD-selected list of auditable events - 'Event ID 115' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL2-00-011400 - SQL Server must generate audit records for the DoD-selected list of auditable events - 'Event ID 132' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL2-00-011400 - SQL Server must generate audit records for the DoD-selected list of auditable events - 'Event ID 134' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL2-00-011400 - SQL Server must generate audit records for the DoD-selected list of auditable events - 'Event ID 135' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL2-00-011400 - SQL Server must generate audit records for the DoD-selected list of auditable events - 'Event ID 176' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL2-00-011400 - SQL Server must generate audit records for the DoD-selected list of auditable events - 'Event ID 177' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SYMP-AG-000120 - Symantec ProxySG providing user access control intermediary services must generate audit records when successful/unsuccessful logon attempts occur - enabled | DISA Symantec ProxySG Benchmark ALG v1r3 | BlueCoat | AUDIT AND ACCOUNTABILITY |
| UBTU-20-010170 - The Ubuntu operating system must generate audit records for the use and modification of faillog file. | DISA STIG Ubuntu 20.04 LTS v2r1 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-20-010172 - The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the passwd command. | DISA STIG Ubuntu 20.04 LTS v2r1 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-20-010173 - The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the unix_update command. | DISA STIG Ubuntu 20.04 LTS v2r1 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-20-010278 - The Ubuntu operating system must generate audit records for the /var/run/utmp file. | DISA STIG Ubuntu 20.04 LTS v2r1 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-20-010279 - The Ubuntu operating system must generate audit records for the /var/log/btmp file. | DISA STIG Ubuntu 20.04 LTS v2r1 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-20-010297 - The Ubuntu operating system must generate audit records when successful/unsuccessful attempts to use the kmod command. | DISA STIG Ubuntu 20.04 LTS v2r1 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-22-654080 - Ubuntu 22.04 LTS must generate audit records for successful/unsuccessful uses of the passwd command. | DISA STIG Canonical Ubuntu 22.04 LTS v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-22-654100 - Ubuntu 22.04 LTS must generate audit records for successful/unsuccessful uses of the su command. | DISA STIG Canonical Ubuntu 22.04 LTS v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-22-654110 - Ubuntu 22.04 LTS must generate audit records for successful/unsuccessful uses of the sudoedit command. | DISA STIG Canonical Ubuntu 22.04 LTS v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-22-654180 - Ubuntu 22.04 LTS must generate audit records for any use of the setxattr, fsetxattr, lsetxattr, removexattr, fremovexattr, and lremovexattr system calls. | DISA STIG Canonical Ubuntu 22.04 LTS v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-22-654185 - Ubuntu 22.04 LTS must generate audit records for any successful/unsuccessful use of unlink, unlinkat, rename, renameat, and rmdir system calls. | DISA STIG Canonical Ubuntu 22.04 LTS v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| WN11-AU-000005 - The system must be configured to audit Account Logon - Credential Validation failures. | DISA Windows 11 STIG v2r2 | Windows | AUDIT AND ACCOUNTABILITY |
| WN11-AU-000081 - Windows 11 must be configured to audit Object Access - File Share failures. | DISA Windows 11 STIG v2r2 | Windows | AUDIT AND ACCOUNTABILITY |
| WN11-AU-000107 - The system must be configured to audit Policy Change - Authorization Policy Change successes. | DISA Windows 11 STIG v2r2 | Windows | AUDIT AND ACCOUNTABILITY |
| WN11-AU-000135 - The system must be configured to audit System - Other System Events failures. | DISA Windows 11 STIG v2r2 | Windows | AUDIT AND ACCOUNTABILITY |
