| 1.1.2.9 Set 'Audit Policy: Object Access: Detailed File Share' to 'No Auditing' | CIS Windows 8 L1 v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 1.1.2.20 Set 'Audit Policy: Privilege Use: Other Privilege Use Events' to 'No Auditing' | CIS Windows 8 L1 v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 1.1.2.23 Set 'Audit Policy: Policy Change: Authorization Policy Change' to 'No Auditing' | CIS Windows 8 L1 v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 1.1.2.39 Set 'Audit Policy: DS Access: Detailed Directory Service Replication' to 'No Auditing' | CIS Windows 8 L1 v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 1.1.2.40 Set 'Audit Policy: Object Access: Other Object Access Events' to 'No Auditing' | CIS Windows 8 L1 v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 1.1.2.41 Set 'Audit Policy: Object Access: Filtering Platform Connection' to 'No Auditing' | CIS Windows 8 L1 v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 1.5 Audit docker daemon | CIS Docker 1.13.0 v1.0.0 L1 Linux | Unix | AUDIT AND ACCOUNTABILITY |
| 1.7 Audit docker daemon | CIS Docker 1.12.0 v1.0.0 L1 Linux | Unix | AUDIT AND ACCOUNTABILITY |
| 1.7.9 - Miscellaneous Enhancements - AIX Auditing - 'validate /etc/security/audit/config - <user> = general,SRC,cron,tcpip' | CIS AIX 5.3/6.1 L2 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 1.8 Audit docker daemon | CIS Docker 1.6 v1.0.0 L1 Linux | Unix | AUDIT AND ACCOUNTABILITY |
| 1.8 Audit Docker files and directories - /var/lib/docker | CIS Docker 1.12.0 v1.0.0 L1 Linux | Unix | AUDIT AND ACCOUNTABILITY |
| 1.9 Audit Docker files and directories - /etc/docker | CIS Docker 1.11.0 v1.0.0 L1 Linux | Unix | AUDIT AND ACCOUNTABILITY |
| 1.9 Audit Docker files and directories - /var/lib/docker | CIS Docker 1.6 v1.0.0 L1 Linux | Unix | AUDIT AND ACCOUNTABILITY |
| 1.12 Audit Docker files and directories - /usr/bin/docker-containerd | CIS Docker 1.13.0 v1.0.0 L1 Linux | Unix | AUDIT AND ACCOUNTABILITY |
| 1.13 Audit Docker files and directories - /etc/docker/daemon.json | CIS Docker 1.12.0 v1.0.0 L1 Linux | Unix | AUDIT AND ACCOUNTABILITY |
| 1.13 Audit Docker files and directories - /var/run/docker.sock | CIS Docker 1.6 v1.0.0 L1 Linux | Unix | AUDIT AND ACCOUNTABILITY |
| 1.16 Audit Docker files and directories - /etc/sysconfig/docker-registry | CIS Docker 1.6 v1.0.0 L1 Linux | Unix | AUDIT AND ACCOUNTABILITY |
| 2.2.1 Set 'logging on' | CIS Cisco IOS 12 L1 v4.0.0 | Cisco | AUDIT AND ACCOUNTABILITY |
| 3.1.12 Set administrative notification level | CIS IBM DB2 v10 v1.1.0 Windows OS Level 1 | Windows | AUDIT AND ACCOUNTABILITY |
| 3.3 Configure Security Auditing Flags - 'audit successful/failed administrative events' | CIS Apple OSX 10.9 L1 v1.3.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.2.13 Ensure audit of kmod command | CIS Amazon Linux 2 STIG v1.0.0 L3 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.2.19 Ensure audit of semanage command | CIS Amazon Linux 2 STIG v1.0.0 L3 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.2.22 Ensure audit of setfiles command | CIS Amazon Linux 2 STIG v1.0.0 L3 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.2.25 Ensure audit of the mount command and syscall | CIS Amazon Linux 2 STIG v1.0.0 L3 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.3.13 Ensure file deletion events by users are collected | CIS CentOS Linux 8 Workstation L2 v2.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.14 Ensure file deletion events by users are collected | CIS Amazon Linux v2.1.0 L2 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.3.1 Configure a syslog channel 'default local_syslog' | CIS ISC BIND 9.0/9.5 v2.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.3.2 Configure a File Channel 'config' | CIS ISC BIND 9.0/9.5 v2.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.3.2 Configure a File Channel 'secure.log' | CIS ISC BIND 9.0/9.5 v2.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.3 Ensure AWS Cloudfront Logging is enabled | CIS Amazon Web Services Three-tier Web Architecture L1 1.0.0 | amazon_aws | AUDIT AND ACCOUNTABILITY |
| 5.4 Ensure Cloudwatch Log Group is created for Web Tier | CIS Amazon Web Services Three-tier Web Architecture L1 1.0.0 | amazon_aws | AUDIT AND ACCOUNTABILITY |
| 7.2 Specify file handler in logging.properties (check if java.util.logging.ConsoleHandler logging is enabled in default) | CIS Apache Tomcat 7 L1 v1.1.0 Middleware | Unix | AUDIT AND ACCOUNTABILITY |
| 7.2 Specify file handler in logging.properties (check if java.util.logging.ConsoleHandler logging is enabled in web application) | CIS Apache Tomcat 7 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 7.2 Specify file handler in logging.properties (check if org.apache.juli.FileHandler exists in default) | CIS Apache Tomcat 7 L1 v1.1.0 Middleware | Unix | AUDIT AND ACCOUNTABILITY |
| 7.2 Specify file handler in logging.properties (check if org.apache.juli.FileHandler exists in web application) | CIS Apache Tomcat 7 L1 v1.1.0 Middleware | Unix | AUDIT AND ACCOUNTABILITY |
| 7.2 Specify file handler in logging.properties (check if org.apache.juli.FileHandler logging is enabled in default) | CIS Apache Tomcat 7 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 7.2 Specify file handler in logging.properties (check if org.apache.juli.FileHandler logging is enabled in web application) | CIS Apache Tomcat 7 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 7.2 Specify file handler in logging.properties (check if org.apache.juli.FileHandler logging is enabled in web application) | CIS Apache Tomcat 7 L1 v1.1.0 Middleware | Unix | AUDIT AND ACCOUNTABILITY |
| 7.2.4 Log Suspicious Packets - net.ipv4.conf.default.log_martians | CIS Debian Linux 7 L1 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 7.5 Ensure pattern in context.xml is correct | CIS Apache Tomcat 7 L1 v1.1.0 Middleware | Unix | AUDIT AND ACCOUNTABILITY |
| 8.1.4 Record Events That Modify Date and Time Information - 64 bit adjtimex | CIS Debian Linux 7 L2 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 8.1.5 Record Events That Modify User/Group Information - /etc/security/opasswd | CIS Debian Linux 7 L2 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 8.1.5 Record Events That Modify User/Group Information - /etc/shadow | CIS Debian Linux 7 L2 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 8.1.6 Record Events That Modify the System's Network Environment - /etc/network | CIS Debian Linux 7 L2 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 8.1.7 Record Events That Modify the System's Mandatory Access Controls | CIS Debian Linux 7 L2 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 8.1.10 Collect Discretionary Access Control Permission Modification Events - 32 bit chmod | CIS Debian Linux 7 L2 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 8.1.10 Collect Discretionary Access Control Permission Modification Events - 32 bit chown | CIS Debian Linux 7 L2 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 8.1.13 Collect Successful File System Mounts - 64 bit mount | CIS Debian Linux 7 L2 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 17.3.1 Ensure 'Audit Process Creation' is set to include 'Success' | CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 17.7.4 Ensure 'Audit MPSSVC Rule-Level Policy Change' is set to 'Success and Failure' | CIS Windows 7 Workstation Level 1 v3.2.0 | Windows | AUDIT AND ACCOUNTABILITY |
