| 4.1.3.12 Ensure discretionary access control permission modification events are collected - chmod 64 bit | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.3.12 Ensure discretionary access control permission modification events are collected - fchmod 32 bit | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.3.12 Ensure discretionary access control permission modification events are collected - fchmod 64 bit | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.3.12 Ensure discretionary access control permission modification events are collected - fchmodat 64 bit | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.3.12 Ensure discretionary access control permission modification events are collected - fremovexattr 32 bit | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.3.12 Ensure discretionary access control permission modification events are collected - fremovexattr 64 bit | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.3.12 Ensure discretionary access control permission modification events are collected - fsetxattr 32 bit | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.3.12 Ensure discretionary access control permission modification events are collected - fsetxattr 64 bit | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.3.12 Ensure discretionary access control permission modification events are collected - lremovexattr 32 bit | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.3.12 Ensure discretionary access control permission modification events are collected - lsetxattr 32 bit | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.3.12 Ensure discretionary access control permission modification events are collected - removexattr 32 bit | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.3.12 Ensure discretionary access control permission modification events are collected - removexattr 64 bit | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.3.12 Ensure discretionary access control permission modification events are collected - setxattr 32 bit | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | AUDIT AND ACCOUNTABILITY |
| ALMA-09-047980 - AlmaLinux OS 9 must enable auditing of processes that start prior to the audit daemon. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| AOSX-13-000120 - The macOS system must generate audit records for all account creations, modifications, disabling, and termination events; privileged activities or other system-level access; all kernel module load, unload, and restart actions; all program initiations; and organizationally defined events for all non-local maintenance and diagnostic sessions. | DISA STIG Apple Mac OSX 10.13 v2r5 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| AOSX-15-001001 - The macOS system must generate audit records for all account creations, modifications, disabling, and termination events; privileged activities or other system-level access; all kernel module load, unload, and restart actions; all program initiations; and organizationally defined events for all non-local maintenance and diagnostic sessions. | DISA STIG Apple Mac OSX 10.15 v1r10 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| APPL-14-001020 The macOS system must be configured to audit all deletions of object attributes. | DISA Apple macOS 14 (Sonoma) STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE |
| APPL-14-001021 The macOS system must be configured to audit all changes of object attributes. | DISA Apple macOS 14 (Sonoma) STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE |
| APPL-15-001001 - The macOS system must be configured to audit all administrative action events. | DISA Apple macOS 15 (Sequoia) STIG v1r3 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| ARST-ND-000790 - The Arista network device must be configured to capture all DOD auditable events. | DISA STIG Arista MLS EOS 4.2x NDM v2r1 | Arista | AUDIT AND ACCOUNTABILITY |
| RHEL-09-212055 - RHEL 9 must enable auditing of processes that start prior to the audit daemon. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| TCAT-AS-000050 - AccessLogValve must be configured for each application context. | DISA STIG Apache Tomcat Application Server 9 v3r2 Middleware | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| UBTU-16-020380 - Successful/unsuccessful uses of the mount command must generate an audit record - b64 | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| UBTU-16-020470 - The audit system must be configured to audit any usage of the lsetxattr system call - user b32 | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| UBTU-16-020480 - The audit system must be configured to audit any usage of the fsetxattr system call - root b32 | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| UBTU-16-020510 - The audit system must be configured to audit any usage of the fremovexattr system call - root b64 | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| UBTU-16-020520 - Successful/unsuccessful uses of the chown command must generate an audit record - b32 | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| UBTU-16-020520 - Successful/unsuccessful uses of the chown command must generate an audit record - b64 | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| UBTU-16-020540 - Successful/unsuccessful uses of the fchownat command must generate an audit record - b32 | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| UBTU-16-020550 - Successful/unsuccessful uses of the lchown command must generate an audit record - b64 | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| UBTU-16-020560 - Successful/unsuccessful uses of the chmod command must generate an audit record - b32 | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| UBTU-16-020580 - Successful/unsuccessful uses of the fchmodat command must generate an audit record - b64 | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| UBTU-16-020590 - Successful/unsuccessful uses of the open command must generate an audit record - EACCES b32 | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| UBTU-16-020590 - Successful/unsuccessful uses of the open command must generate an audit record - EACCES b64 | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| UBTU-16-020590 - Successful/unsuccessful uses of the open command must generate an audit record - EPERM b32 | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| UBTU-16-020600 - Successful/unsuccessful uses of the truncate command must generate an audit record - EACCES b32 | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| UBTU-16-020600 - Successful/unsuccessful uses of the truncate command must generate an audit record - EPERM b32 | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| UBTU-16-020600 - Successful/unsuccessful uses of the truncate command must generate an audit record - EPERM b64 | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| UBTU-16-020610 - Successful/unsuccessful uses of the ftruncate command must generate an audit record - EPERM b32 | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| UBTU-16-020620 - Successful/unsuccessful uses of the creat command must generate an audit record - EACCES b32 | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| UBTU-16-020620 - Successful/unsuccessful uses of the creat command must generate an audit record - EACCES b64 | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| UBTU-16-020620 - Successful/unsuccessful uses of the creat command must generate an audit record - EPERM b64 | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| UBTU-16-020630 - Successful/unsuccessful uses of the openat command must generate an audit record - EACCES b64 | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| UBTU-16-020630 - Successful/unsuccessful uses of the openat command must generate an audit record - EPERM b32 | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| UBTU-16-020640 - Successful/unsuccessful uses of the open_by_handle_at command must generate an audit record - EPERM b32 | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| UBTU-16-020700 - Successful/unsuccessful uses of the apparmor_parser command must generate an audit record. | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| UBTU-16-020720 - Successful/unsuccessful uses of the chacl command must generate an audit record. | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| UBTU-16-020730 - Successful/unsuccessful modifications to the tallylog file must generate an audit record. | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| UBTU-16-020810 - Successful/unsuccessful uses of the crontab command must generate an audit record. | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| UBTU-16-020850 - Successful/unsuccessful uses of the delete_module command must generate an audit record - b32 | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
