| ALMA-09-046330 - AlmaLinux OS 9 must generate audit records for any use of the "reboot" command. | DISA Cloud Linux AlmaLinux OS 9 STIG v1r6 | Unix | AUDIT AND ACCOUNTABILITY |
| CASA-ND-001210 - The Cisco ASA must be configured to generate audit records when successful/unsuccessful attempts to delete administrator privileges occur. | DISA STIG Cisco ASA NDM v2r4 | Cisco | AUDIT AND ACCOUNTABILITY |
| CASA-VN-000720 - The Cisco ASA VPN remote access server must be configured to generate log records when successful and/or unsuccessful VPN connection attempts occur. | DISA STIG Cisco ASA VPN v2r2 | Cisco | AUDIT AND ACCOUNTABILITY |
| FNFG-FW-000165 - The FortiGate firewall must generate traffic log records when attempts are made to send packets between security zones that are not authorized to communicate. | DISA Fortigate Firewall STIG v1r4 | FortiGate | AUDIT AND ACCOUNTABILITY |
| PHTN-30-000068 - The Photon operating system must generate audit records when successful/unsuccessful logon attempts occur. | DISA STIG VMware vSphere 7.0 Photon OS v1r4 | Unix | AUDIT AND ACCOUNTABILITY |
| PHTN-30-000070 - The Photon operating system auditd service must generate audit records for all account creations, modifications, disabling, and termination events. | DISA STIG VMware vSphere 7.0 Photon OS v1r4 | Unix | AUDIT AND ACCOUNTABILITY |
| PHTN-40-000173 - The Photon operating system must generate audit records when successful/unsuccessful logon attempts occur. | DISA VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v2r1 | Unix | AUDIT AND ACCOUNTABILITY |
| PHTN-40-000175 - The Photon operating system must be configured to audit the loading and unloading of dynamic kernel modules. | DISA VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v2r1 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-09-654190 - Successful/unsuccessful uses of the poweroff command in RHEL 9 must generate an audit record. | DISA Red Hat Enterprise Linux 9 STIG v2r8 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-09-654195 - Successful/unsuccessful uses of the reboot command in RHEL 9 must generate an audit record. | DISA Red Hat Enterprise Linux 9 STIG v2r8 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-10-500620 - RHEL 10 must generate audit records for successful and unsuccessful uses of the "init" command. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-10-500630 - RHEL 10 must generate audit records for successful and unsuccessful uses of the "poweroff" command. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | AUDIT AND ACCOUNTABILITY |
| SLEM-05-654230 - SLEM 5 must generate audit records for the "/run/utmp file". | DISA SUSE Linux Enterprise Micro SLEM 5 STIG v1r4 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-22-654015 - Ubuntu 22.04 LTS must generate audit records for successful/unsuccessful uses of the chacl command. | DISA Canonical Ubuntu 22.04 LTS STIG v2r8 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-22-654025 - Ubuntu 22.04 LTS must generate audit records for successful/unsuccessful uses of the chcon command. | DISA Canonical Ubuntu 22.04 LTS STIG v2r8 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-22-654041 - Ubuntu 22.04 LTS must audit any script or executable called by cron as root or by any privileged user. | DISA Canonical Ubuntu 22.04 LTS STIG v2r8 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-22-654070 - Ubuntu 22.04 LTS must generate audit records for successful/unsuccessful uses of the newgrp command. | DISA Canonical Ubuntu 22.04 LTS STIG v2r8 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-22-654100 - Ubuntu 22.04 LTS must generate audit records for successful/unsuccessful uses of the su command. | DISA Canonical Ubuntu 22.04 LTS STIG v2r8 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-22-654160 - Ubuntu 22.04 LTS must generate audit records for successful/unsuccessful uses of the chown, fchown, fchownat, and lchown system calls. | DISA Canonical Ubuntu 22.04 LTS STIG v2r8 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-22-654195 - Ubuntu 22.04 LTS must generate audit records for the /var/log/btmp file. | DISA Canonical Ubuntu 22.04 LTS STIG v2r8 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-22-654225 - Ubuntu 22.04 LTS must generate audit records when successful/unsuccessful attempts to modify the /etc/sudoers.d directory occur. | DISA Canonical Ubuntu 22.04 LTS STIG v2r8 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-24-900070 - Ubuntu 24.04 LTS must generate audit records for successful/unsuccessful uses of the su command. | DISA Canonical Ubuntu 24.04 LTS STIG v1r5 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-24-900110 - Ubuntu 24.04 LTS must generate audit records for successful/unsuccessful uses of the ssh-agent command. | DISA Canonical Ubuntu 24.04 LTS STIG v1r5 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-24-900160 - Ubuntu 24.04 LTS must generate audit records for successful/unsuccessful uses of the creat, open, openat, open_by_handle_at, truncate, and ftruncate system calls. | DISA Canonical Ubuntu 24.04 LTS STIG v1r5 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-24-900270 - Ubuntu 24.04 LTS must generate audit records for successful/unsuccessful uses of the passwd command. | DISA Canonical Ubuntu 24.04 LTS STIG v1r5 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-24-900290 - Ubuntu 24.04 LTS must generate audit records for successful/unsuccessful uses of the gpasswd command. | DISA Canonical Ubuntu 24.04 LTS STIG v1r5 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-24-900300 - Ubuntu 24.04 LTS must generate audit records for successful/unsuccessful uses of the chage command. | DISA Canonical Ubuntu 24.04 LTS STIG v1r5 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-24-900520 - Ubuntu 24.04 LTS must generate audit records when successful/unsuccessful attempts to modify the /etc/sudoers.d directory occur. | DISA Canonical Ubuntu 24.04 LTS STIG v1r5 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-24-900540 - Ubuntu 24.04 LTS must generate audit records for any successful/unsuccessful use of unlink, unlinkat, rename, renameat, and rmdir system calls. | DISA Canonical Ubuntu 24.04 LTS STIG v1r5 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-24-900590 - Ubuntu 24.04 LTS must generate audit records for the /var/log/wtmp file. | DISA Canonical Ubuntu 24.04 LTS STIG v1r5 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-24-900730 - Ubuntu 24.04 LTS must generate audit records when successful/unsuccessful attempts to use modprobe command. | DISA Canonical Ubuntu 24.04 LTS STIG v1r5 | Unix | AUDIT AND ACCOUNTABILITY |
| WN11-AU-000060 - The system must be configured to audit Logon/Logoff - Group Membership successes. | DISA Microsoft Windows 11 STIG v2r7 | Windows | AUDIT AND ACCOUNTABILITY |
| WN11-AU-000070 - The system must be configured to audit Logon/Logoff - Logon failures. | DISA Microsoft Windows 11 STIG v2r7 | Windows | AUDIT AND ACCOUNTABILITY |
| WN11-AU-000587 - Windows 11 must be configured to audit sensitive privilege use successes. | DISA Microsoft Windows 11 STIG v2r7 | Windows | AUDIT AND ACCOUNTABILITY |
| WN11-AU-000589 - Windows 11 must be configured to audit registry failures. | DISA Microsoft Windows 11 STIG v2r7 | Windows | AUDIT AND ACCOUNTABILITY |
| WN11-EP-000310 - Windows 11 Kernel (Direct Memory Access) DMA Protection must be enabled. | DISA Microsoft Windows 11 STIG v2r7 | Windows | AUDIT AND ACCOUNTABILITY |
| WN19-AU-000585 - Windows Server 2019 must be configured to audit registry failures. | DISA Microsoft Windows Server 2019 STIG v3r8 | Windows | AUDIT AND ACCOUNTABILITY |
| WN19-AU-000588 - Windows Server 2019 must be configured to audit sensitive privilege use failures. | DISA Microsoft Windows Server 2019 STIG v3r8 | Windows | AUDIT AND ACCOUNTABILITY |
| WN22-AU-000070 - Windows Server 2022 must be configured to audit Account Logon - Credential Validation successes. | DISA Microsoft Windows Server 2022 STIG v2r8 | Windows | AUDIT AND ACCOUNTABILITY |
| WN22-AU-000130 - Windows Server 2022 must be configured to audit Detailed Tracking - Plug and Play Events successes. | DISA Microsoft Windows Server 2022 STIG v2r8 | Windows | AUDIT AND ACCOUNTABILITY |
| WN22-AU-000180 - Windows Server 2022 must be configured to audit logoff successes. | DISA Microsoft Windows Server 2022 STIG v2r8 | Windows | AUDIT AND ACCOUNTABILITY |
| WN22-AU-000210 - Windows Server 2022 must be configured to audit Logon/Logoff - Special Logon successes. | DISA Microsoft Windows Server 2022 STIG v2r8 | Windows | AUDIT AND ACCOUNTABILITY |
| WN22-AU-000240 - Windows Server 2022 must be configured to audit Object Access - Removable Storage successes. | DISA Microsoft Windows Server 2022 STIG v2r8 | Windows | AUDIT AND ACCOUNTABILITY |
| WN22-AU-000250 - Windows Server 2022 must be configured to audit Object Access - Removable Storage failures. | DISA Microsoft Windows Server 2022 STIG v2r8 | Windows | AUDIT AND ACCOUNTABILITY |
| WN22-AU-000588 - Windows Server 2022 must be configured to audit sensitive privilege use failures. | DISA Microsoft Windows Server 2022 STIG v2r8 | Windows | AUDIT AND ACCOUNTABILITY |
| WN25-AU-000130 - Windows Server 2025 must be configured to audit Detailed Tracking - Plug and Play Events successes. | DISA Microsoft Windows Server 2025 STIG v1r1 | Windows | AUDIT AND ACCOUNTABILITY |
| WN25-AU-000170 - Windows Server 2025 must be configured to audit Logon/Logoff - Group Membership successes. | DISA Microsoft Windows Server 2025 STIG v1r1 | Windows | AUDIT AND ACCOUNTABILITY |
| WN25-AU-000240 - Windows Server 2025 must be configured to audit Object Access - Removable Storage successes. | DISA Microsoft Windows Server 2025 STIG v1r1 | Windows | AUDIT AND ACCOUNTABILITY |
| WN25-AU-000582 - Windows Server 2025 must be configured to audit file system successes. | DISA Microsoft Windows Server 2025 STIG v1r1 | Windows | AUDIT AND ACCOUNTABILITY |
| WN25-AU-000585 - Windows Server 2025 must be configured to audit registry failures. | DISA Microsoft Windows Server 2025 STIG v1r1 | Windows | AUDIT AND ACCOUNTABILITY |
