| 1.1.1 Enable 'aaa new-model' | CIS Cisco IOS 12 L1 v4.0.0 | Cisco | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, IDENTIFICATION AND AUTHENTICATION |
| 1.1.1.1 Syslog logging should be configured | CIS Palo Alto Firewall 11 v1.1.0 L1 | Palo_Alto | AUDIT AND ACCOUNTABILITY |
| 1.1.1.1 Syslog logging should be configured - user-id | CIS Palo Alto Firewall 9 v1.1.0 L1 | Palo_Alto | AUDIT AND ACCOUNTABILITY |
| 1.1.1.2 SNMPv3 traps should be configured | CIS Palo Alto Firewall 11 v1.1.0 L2 | Palo_Alto | AUDIT AND ACCOUNTABILITY |
| 1.1.1.2 SNMPv3 traps should be configured | CIS Palo Alto Firewall 10 v1.2.0 L2 | Palo_Alto | AUDIT AND ACCOUNTABILITY |
| 1.1.1.2 SNMPv3 traps should be configured - configuration | CIS Palo Alto Firewall 9 v1.1.0 L2 | Palo_Alto | AUDIT AND ACCOUNTABILITY |
| 1.1.1.2 SNMPv3 traps should be configured - host | CIS Palo Alto Firewall 9 v1.1.0 L2 | Palo_Alto | AUDIT AND ACCOUNTABILITY |
| 1.1.1.2 SNMPv3 traps should be configured - user-id | CIS Palo Alto Firewall 9 v1.1.0 L2 | Palo_Alto | AUDIT AND ACCOUNTABILITY |
| 1.1.3 Ensure 'Enable Log on High DP Load' is enabled | CIS Palo Alto Firewall 10 v1.2.0 L1 | Palo_Alto | AUDIT AND ACCOUNTABILITY |
| 1.1.9 Set 'aaa accounting network' | CIS Cisco IOS XE 16.x v2.1.0 L2 | Cisco | AUDIT AND ACCOUNTABILITY |
| 1.2.21 Ensure that the audit logs are forwarded off the cluster for retention | CIS RedHat OpenShift Container Platform v1.6.0 L1 | OpenShift | AUDIT AND ACCOUNTABILITY |
| 1.4.2.1 Ensure 'TACACS+/RADIUS' is configured correctly - protocol | CIS Cisco Firewall ASA 9 L1 v4.1.0 | Cisco | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, IDENTIFICATION AND AUTHENTICATION |
| 1.10.3 Ensure 'syslog hosts' is configured correctly | CIS Cisco ASA 9.x Firewall L1 v1.1.0 | Cisco | AUDIT AND ACCOUNTABILITY |
| 1.10.4 Ensure 'logging with the device ID' is configured correctly | CIS Cisco ASA 9.x Firewall L1 v1.1.0 | Cisco | AUDIT AND ACCOUNTABILITY |
| 2.2.28 Ensure 'Generate security audits' is set to 'LOCAL SERVICE, NETWORK SERVICE' - LOCAL SERVICE, NETWORK SERVICE | CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 MS | Windows | AUDIT AND ACCOUNTABILITY |
| 2.4 Ensure Log Metric Filter and Alerts Exist for Project Ownership Assignments/Changes | CIS Google Cloud Platform v3.0.0 L1 | GCP | AUDIT AND ACCOUNTABILITY |
| 2.6 Turn off TRACE | CIS Apache Tomcat 10 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 3.1.10 Ensure the correct syslog facility is selected | CIS PostgreSQL 13 DB v1.2.0 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| 3.1.10 Ensure the correct syslog facility is selected | CIS PostgreSQL 14 DB v 1.2.0 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| 3.1.10 Ensure the correct syslog facility is selected | CIS PostgreSQL 16 DB v1.0.0 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| 3.2.1 Ensure that a minimal audit policy is created | CIS RedHat OpenShift Container Platform v1.6.0 L1 | OpenShift | AUDIT AND ACCOUNTABILITY |
| 4.1.2 Ensure auditd service is enabled | CIS Debian 8 Workstation L2 v2.0.2 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.2 Ensure auditd service is enabled | CIS Debian 8 Server L2 v2.0.2 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2.2.1 Ensure syslog-ng service is enabled | CIS Debian 8 Server L1 v2.0.2 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2.2.1 Ensure syslog-ng service is enabled | CIS Debian 8 Workstation L1 v2.0.2 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.3 Ensure 'Turn on connectivity logging' is set to 'True' | CIS Microsoft Exchange Server 2019 L1 Mailbox v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 4.5 Ensure 'Message tracking logging' is set to 'True' | CIS Microsoft Exchange Server 2019 L1 Mailbox v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 5.2.1.2 Ensure auditing for processes that start prior to auditd is enabled | CIS Oracle Linux 7 v4.0.0 L2 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 5.2.1.2 Ensure auditing for processes that start prior to auditd is enabled | CIS Oracle Linux 8 Server L2 v3.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.2.3 Ensure server parameter 'connection_throttle.enable' is set to 'ON' for PostgreSQL flexible server | CIS Microsoft Azure Foundations v3.0.0 L1 | microsoft_azure | AUDIT AND ACCOUNTABILITY |
| 5.2.3.16 Ensure successful and unsuccessful attempts to use the setfacl command are recorded | CIS Oracle Linux 7 v4.0.0 L2 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 5.2.3.17 Ensure successful and unsuccessful attempts to use the chacl command are recorded | CIS Oracle Linux 8 Server L2 v3.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.2.3.18 Ensure successful and unsuccessful attempts to use the usermod command are recorded | CIS Oracle Linux 7 v4.0.0 L2 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 5.2.6 [LEGACY] Ensure server parameter 'log_connections' is set to 'ON' for PostgreSQL single server | CIS Microsoft Azure Foundations v3.0.0 L1 | microsoft_azure | AUDIT AND ACCOUNTABILITY |
| 5.3 Ensure 'Login Auditing' is set to 'failed logins' | CIS SQL Server 2016 Database L1 AWS RDS v1.4.0 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| 5.3 Ensure 'Login Auditing' is set to 'failed logins' | CIS SQL Server 2016 Database L1 DB v1.4.0 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| 5.3 Ensure 'Login Auditing' is set to 'failed logins' | CIS SQL Server 2022 Database L1 DB v1.1.0 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| 5.3 Ensure 'Login Auditing' is set to 'failed logins' | CIS Microsoft SQL Server 2019 v1.4.0 L1 AWS RDS | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| 5.3 Ensure 'Login Auditing' is set to 'failed logins' | CIS SQL Server 2022 Database L1 AWS RDS v1.1.0 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| 6.1.1 Configuring syslog - local logging - /var/adm/syslog | CIS IBM AIX 7.1 L1 v2.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 6.1.1 Configuring syslog - local logging - auth.info in /etc/syslog.conf | CIS IBM AIX 7.1 L1 v2.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 6.1.2 Ensure sudo logging is active | CIS IBM AIX 7 v1.0.0 L2 | Unix | AUDIT AND ACCOUNTABILITY |
| 6.4 Ensure Audit Logging Is Enabled | CIS MariaDB 10.6 Database L2 v1.1.0 | MySQLDB | AUDIT AND ACCOUNTABILITY |
| 6.4 Ensure that audit logging for 'MCP, tmsh and GUI' is set to enabled | CIS F5 Networks v1.0.0 L1 | F5 | AUDIT AND ACCOUNTABILITY |
| 6.5 Ensure Audit Logging Is Enabled - audit_log_filter | CIS MySQL 5.7 Community Database L2 v2.0.0 | MySQLDB | AUDIT AND ACCOUNTABILITY |
| 6.25 Ensure that 'DNS Policies' is configured on Anti-Spyware profiles if 'DNS Security' license is available | CIS Palo Alto Firewall 10 v1.2.0 L1 | Palo_Alto | AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY |
| 6.25 Ensure that 'DNS Policies' is configured on Anti-Spyware profiles if 'DNS Security' license is available | CIS Palo Alto Firewall 11 v1.1.0 L1 | Palo_Alto | AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY |
| 20.6 Ensure 'Active Directory Group Policy objects are configured with proper audit settings' (STIG DC only) | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DC | Windows | AUDIT AND ACCOUNTABILITY |
| 20.6 Ensure 'Active Directory Group Policy objects are configured with proper audit settings' (STIG DC only) | CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DC | Windows | AUDIT AND ACCOUNTABILITY |
| Ensure 'TACACS+/RADIUS' is configured correctly - protocol | Tenable Cisco Firepower Best Practices Audit | Cisco | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, IDENTIFICATION AND AUTHENTICATION |
