| 1.2.1 Ensure dm-verity is enabled | CIS Google Container-Optimized OS v1.2.0 L1 Server | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 1.6.1 Ensure Syslog Logging is configured | CIS Cisco NX-OS L2 v1.1.0 | Cisco | AUDIT AND ACCOUNTABILITY |
| 1.6.4 Configure Logging Timestamps | CIS Cisco NX-OS L1 v1.1.0 | Cisco | AUDIT AND ACCOUNTABILITY |
| 2.2.1 Ensure 'AUDIT_SYS_OPERATIONS' Is Set to 'TRUE' | CIS Oracle Server 19c DB Traditional Auditing v1.2.0 | OracleDB | AUDIT AND ACCOUNTABILITY |
| 3.2.4 Ensure suspicious packets are logged - files net.ipv4.conf.all.log_martians = 1 | CIS Debian 8 Workstation L1 v2.0.2 | Unix | AUDIT AND ACCOUNTABILITY |
| 3.2.4 Ensure suspicious packets are logged - files net.ipv4.conf.all.log_martians = 1 | CIS Debian 8 Server L1 v2.0.2 | Unix | AUDIT AND ACCOUNTABILITY |
| 3.2.4 Ensure suspicious packets are logged - files net.ipv4.conf.default.log_martians = 1 | CIS Debian 8 Workstation L1 v2.0.2 | Unix | AUDIT AND ACCOUNTABILITY |
| 3.2.4 Ensure suspicious packets are logged - files net.ipv4.conf.default.log_martians = 1 | CIS Debian 8 Server L1 v2.0.2 | Unix | AUDIT AND ACCOUNTABILITY |
| 3.2.4 Ensure suspicious packets are logged - net.ipv4.conf.all.log_martians = 1 | CIS Debian 8 Server L1 v2.0.2 | Unix | AUDIT AND ACCOUNTABILITY |
| 3.2.4 Ensure suspicious packets are logged - net.ipv4.conf.all.log_martians = 1 | CIS Debian 8 Workstation L1 v2.0.2 | Unix | AUDIT AND ACCOUNTABILITY |
| 3.2.4 Ensure suspicious packets are logged - net.ipv4.conf.default.log_martians = 1 | CIS Debian 8 Server L1 v2.0.2 | Unix | AUDIT AND ACCOUNTABILITY |
| 3.2.4 Ensure suspicious packets are logged - net.ipv4.conf.default.log_martians = 1 | CIS Debian 8 Workstation L1 v2.0.2 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.3.7 Ensure kernel module loading and unloading is collected - auditctl init_module | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.3.7 Ensure kernel module loading and unloading is collected - auditctl insmod | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.3.7 Ensure kernel module loading and unloading is collected - auditctl modprobe | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.3.7 Ensure kernel module loading and unloading is collected - auditctl rmmod | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.3.7 Ensure kernel module loading and unloading is collected - init_module | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.3.7 Ensure kernel module loading and unloading is collected - insmod | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.3.7 Ensure kernel module loading and unloading is collected - modprobe | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.3.7 Ensure kernel module loading and unloading is collected - rmmod | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.3.9 Ensure file deletion events by users are collected | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.3.9 Ensure file deletion events by users are collected - 64-bit | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.3.9 Ensure file deletion events by users are collected - auditctl | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.3.9 Ensure file deletion events by users are collected - auditctl (64-bit) | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.3.20 Ensure audit the umount command | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| 4.1.3.21 Ensure audit of postdrop command | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| 4.1.3.22 Ensure audit of postqueue command. | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| 4.1.3.37 Ensure audit of the mount command and syscall | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| 4.1.3.37 Ensure audit of the mount command and syscall - 32 bit | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| 4.1.3.37 Ensure audit of the mount command and syscall - 64 bit | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| 4.1.8 Ensure login and logout events are collected - auditctl faillog | CIS Debian 8 Workstation L2 v2.0.2 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.8 Ensure login and logout events are collected - auditctl lastlog | CIS Debian 8 Server L2 v2.0.2 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.8 Ensure login and logout events are collected - auditctl tallylog | CIS Debian 8 Workstation L2 v2.0.2 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.8 Ensure login and logout events are collected - faillog | CIS Debian 8 Workstation L2 v2.0.2 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.8 Ensure login and logout events are collected - lastlog | CIS Debian 8 Server L2 v2.0.2 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.8 Ensure login and logout events are collected - tallylog | CIS Debian 8 Server L2 v2.0.2 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.8 Ensure login and logout events are collected - tallylog | CIS Debian 8 Workstation L2 v2.0.2 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.9 Ensure session initiation information is collected - /var/log/wtmp | CIS Debian 8 Server L2 v2.0.2 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.9 Ensure session initiation information is collected - /var/run/utmp | CIS Debian 8 Workstation L2 v2.0.2 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.9 Ensure session initiation information is collected - /var/run/utmp | CIS Debian 8 Server L2 v2.0.2 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.9 Ensure session initiation information is collected - auditctl /var/log/wtmp | CIS Debian 8 Workstation L2 v2.0.2 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.9 Ensure session initiation information is collected - auditctl /var/run/utmp | CIS Debian 8 Server L2 v2.0.2 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.9 Ensure session initiation information is collected - auditctl /var/run/utmp | CIS Debian 8 Workstation L2 v2.0.2 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.2.5 Ensure SSH LogLevel is appropriate | CIS Debian 8 Workstation L1 v2.0.2 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.2.5 Ensure SSH LogLevel is appropriate | CIS Debian 8 Server L1 v2.0.2 | Unix | AUDIT AND ACCOUNTABILITY |
| 6.1.12 Ensure the 'GRANT ANY PRIVILEGE' Audit Option Is Enabled | CIS Oracle Server 19c DB Traditional Auditing v1.2.0 | OracleDB | AUDIT AND ACCOUNTABILITY |
| 6.2.8 Ensure That 'cloudsql.enable_pgaudit' Database Flag for each Cloud Sql Postgresql Instance Is Set to 'on' For Centralized Logging | CIS Google Cloud Platform v3.0.0 L1 | GCP | AUDIT AND ACCOUNTABILITY |
| 6.4 Ensure that Azure Monitor Resource Logging is Enabled for All Services that Support it | CIS Microsoft Azure Foundations v3.0.0 L1 | microsoft_azure | AUDIT AND ACCOUNTABILITY |
| 6.6 Ensure ALL Events are Audited - audit_log_filter | CIS MySQL 5.7 Enterprise Database L2 v2.0.0 | MySQLDB | AUDIT AND ACCOUNTABILITY, IDENTIFICATION AND AUTHENTICATION |
| 6.6 Ensure ALL Events are Audited - audit_log_user | CIS MySQL 5.7 Enterprise Database L2 v2.0.0 | MySQLDB | AUDIT AND ACCOUNTABILITY, IDENTIFICATION AND AUTHENTICATION |
