| 4.1.3.25 Ensure audit of kmod command | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.3.29 Ensure audit pam_timestamp_check command | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.3.30 Ensure audit of the finit_module syscall - 32 bit | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.3.30 Ensure audit of the finit_module syscall - 64 bit | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.3.31 Ensure audit of the create_module syscall - 32 bit | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.3.31 Ensure audit of the create_module syscall - 64 bit | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.8 Ensure login and logout events are collected - '/var/log/tallylog' | CIS Ubuntu Linux 14.04 LTS Server L2 v2.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.8 Ensure login and logout events are collected - '/var/log/tallylog' | CIS Ubuntu Linux 14.04 LTS Workstation L2 v2.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.9 Ensure session initiation information is collected - '/var/run/utmp' | CIS Ubuntu Linux 14.04 LTS Workstation L2 v2.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.9 Ensure session initiation information is collected - '/var/run/utmp' | CIS Ubuntu Linux 14.04 LTS Server L2 v2.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.9 Ensure session initiation information is collected - 'auditctl utmp' | CIS Ubuntu Linux 14.04 LTS Workstation L2 v2.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.9 Ensure session initiation information is collected - 'auditctl wtmp' | CIS Ubuntu Linux 14.04 LTS Workstation L2 v2.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.9 Ensure session initiation information is collected - 'auditctl wtmp' | CIS Ubuntu Linux 14.04 LTS Server L2 v2.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.9 Ensure session initiation information is collected - auditctl btmp | CIS Amazon Linux v2.1.0 L2 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.9 Ensure session initiation information is collected - auditctl utmp | CIS Amazon Linux v2.1.0 L2 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.9 Ensure session initiation information is collected - btmp | CIS Amazon Linux v2.1.0 L2 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.9 Ensure session initiation information is collected - wtmp | CIS Amazon Linux v2.1.0 L2 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.008 - Auditing must be configured as required. - 'Account Management -> Computer Account Management' | DISA Windows Vista STIG v6r41 | Windows | AUDIT AND ACCOUNTABILITY |
| 4.008 - Auditing must be configured as required. - 'Account Management -> Other Account Management Events' | DISA Windows Vista STIG v6r41 | Windows | AUDIT AND ACCOUNTABILITY |
| 4.008 - Auditing must be configured as required. - 'Account Management -> Security Group Management' | DISA Windows Vista STIG v6r41 | Windows | AUDIT AND ACCOUNTABILITY |
| 6.12 Ensure all HTTP Header Logging options are enabled - Log Container Page | CIS Palo Alto Firewall 8 Benchmark L1 v1.0.0 | Palo_Alto | AUDIT AND ACCOUNTABILITY |
| DG0029-ORACLE11 - Required auditing parameters for database auditing should be set - 'audit_trail != none' | DISA STIG Oracle 11 Instance v9r1 Database | OracleDB | AUDIT AND ACCOUNTABILITY |
| DG0141-ORACLE11 - Attempts to bypass access controls should be audited. | DISA STIG Oracle 11 Instance v9r1 Database | OracleDB | AUDIT AND ACCOUNTABILITY |
| DO0190-ORACLE11 - The audit table should be owned by SYS or SYSTEM - 'Audit table owner = SYS or SYSTEM' | DISA STIG Oracle 11 Instance v9r1 Database | OracleDB | AUDIT AND ACCOUNTABILITY |
| DO3610-ORACLE11 - Required object auditing should be configured - 'all_def_audit_opts count <> 0' | DISA STIG Oracle 11 Instance v9r1 Database | OracleDB | AUDIT AND ACCOUNTABILITY |
| DO3610-ORACLE11 - Required object auditing should be configured - 'Auditing for update and delete is enabled' | DISA STIG Oracle 11 Instance v9r1 Database | OracleDB | AUDIT AND ACCOUNTABILITY |
| Ensure login and logout events are collected - auditctl faillog | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | AUDIT AND ACCOUNTABILITY |
| Ensure login and logout events are collected - auditctl lastlog | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | AUDIT AND ACCOUNTABILITY |
| Ensure login and logout events are collected - auditctl tallylog | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | AUDIT AND ACCOUNTABILITY |
| Ensure login and logout events are collected - faillog | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | AUDIT AND ACCOUNTABILITY |
| Ensure session initiation information is collected - auditctl btmp | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | AUDIT AND ACCOUNTABILITY |
| Ensure session initiation information is collected - auditctl utmp | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | AUDIT AND ACCOUNTABILITY |
| Ensure session initiation information is collected - btmp | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | AUDIT AND ACCOUNTABILITY |
| Ensure session initiation information is collected - utmp | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | AUDIT AND ACCOUNTABILITY |
| Ensure session initiation information is collected - wtmp | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | AUDIT AND ACCOUNTABILITY |
| GEN006600 - The system's access control program must log each system access attempt - 'mail.*' | DISA STIG AIX 5.3 v1r2 | Unix | AUDIT AND ACCOUNTABILITY |
| WA00605 A22 - Error logging must be enabled. | DISA STIG Apache Site 2.2 Unix v1r11 | Unix | AUDIT AND ACCOUNTABILITY |
| WA00605 A22 - Error logging must be enabled. | DISA STIG Apache Site 2.2 Unix v1r11 Middleware | Unix | AUDIT AND ACCOUNTABILITY |
| WA00605 W22 - Error logging must be enabled. | DISA STIG Apache Site 2.2 Windows v1r13 | Windows | AUDIT AND ACCOUNTABILITY |
| WA00612 A22 - The sites error logs must log the correct format. | DISA STIG Apache Site 2.2 Unix v1r11 | Unix | AUDIT AND ACCOUNTABILITY |
| WA00615 A22 - System logging must be enabled. | DISA STIG Apache Site 2.2 Unix v1r11 Middleware | Unix | AUDIT AND ACCOUNTABILITY |
| WA00615 A22 - System logging must be enabled. | DISA STIG Apache Site 2.2 Unix v1r11 | Unix | AUDIT AND ACCOUNTABILITY |
| WA00615 W22 - System logging must be enabled. - 'CustomLog' | DISA STIG Apache Site 2.2 Windows v1r13 | Windows | AUDIT AND ACCOUNTABILITY |
| WA00615 W22 - System logging must be enabled. - 'ErrorLog' | DISA STIG Apache Site 2.2 Windows v1r13 | Windows | AUDIT AND ACCOUNTABILITY |
| WA00620 A22 - The LogLevel directive must be enabled. | DISA STIG Apache Site 2.2 Unix v1r11 | Unix | AUDIT AND ACCOUNTABILITY |
| WA00620 A22 - The LogLevel directive must be enabled. | DISA STIG Apache Site 2.2 Unix v1r11 Middleware | Unix | AUDIT AND ACCOUNTABILITY |
| WA00620 W22 - The LogLevel directive must be enabled. | DISA STIG Apache Site 2.2 Windows v1r13 | Windows | AUDIT AND ACCOUNTABILITY |
| WG205 W22 - The web document (home) directory must be in a separate partition from the web server's system files. - 'CustomLog' | DISA STIG Apache Site 2.2 Windows v1r13 | Windows | AUDIT AND ACCOUNTABILITY |
| WG205 W22 - The web document (home) directory must be in a separate partition from the web server's system files. - 'ErrorLog' | DISA STIG Apache Site 2.2 Windows v1r13 | Windows | AUDIT AND ACCOUNTABILITY |
| WG242 A22 - Log file data must contain required data elements. | DISA STIG Apache Site 2.2 Unix v1r11 | Unix | AUDIT AND ACCOUNTABILITY |
