| 1.6 Audit Docker files and directories - /var/lib/docker | CIS Docker 1.13.0 v1.0.0 L1 Linux | Unix | AUDIT AND ACCOUNTABILITY |
| 1.7.9 - Miscellaneous Enhancements - AIX Auditing - 'validate /etc/security/audit/config - bin1 = /audit/bin1' | CIS AIX 5.3/6.1 L2 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 1.8 Audit Docker files and directories - docker.service | CIS Docker 1.13.0 v1.0.0 L1 Linux | Unix | AUDIT AND ACCOUNTABILITY |
| 1.10 Audit Docker files and directories - docker.service | CIS Docker 1.12.0 v1.0.0 L1 Linux | Unix | AUDIT AND ACCOUNTABILITY |
| 1.10.1 Ensure 'logging' is enabled | CIS Cisco Firewall v8.x L1 v4.2.0 | Cisco | AUDIT AND ACCOUNTABILITY |
| 1.11 Audit Docker files and directories - docker-registry.service | CIS Docker 1.6 v1.0.0 L1 Linux | Unix | AUDIT AND ACCOUNTABILITY |
| 1.12 Audit Docker files and directories - /etc/default/docker | CIS Docker 1.11.0 v1.0.0 L1 Linux | Unix | AUDIT AND ACCOUNTABILITY |
| 1.14 Audit Docker files and directories - /usr/bin/docker-containerd | CIS Docker 1.11.0 v1.0.0 L1 Linux | Unix | AUDIT AND ACCOUNTABILITY |
| 1.15 Audit Docker files and directories - /usr/bin/docker-runc | CIS Docker 1.12.0 v1.0.0 L1 Linux | Unix | AUDIT AND ACCOUNTABILITY |
| 2.2.3 Ensure SNMP traps is enabled - configurationSave | CIS Check Point Firewall L1 v1.1.0 | CheckPoint | AUDIT AND ACCOUNTABILITY |
| 2.2.4 Ensure SNMP traps receivers is set | CIS Check Point Firewall L1 v1.1.0 | CheckPoint | AUDIT AND ACCOUNTABILITY |
| 2.6.1 Ensure mgmtauditlogs is set to on | CIS Check Point Firewall L1 v1.1.0 | CheckPoint | AUDIT AND ACCOUNTABILITY |
| 2.6.2 Ensure auditlog is set to permanent | CIS Check Point Firewall L1 v1.1.0 | CheckPoint | AUDIT AND ACCOUNTABILITY |
| 3.1.12 Set administrative notification level | CIS IBM DB2 v10 v1.1.0 Windows OS Level 2 | Windows | AUDIT AND ACCOUNTABILITY |
| 3.1.15 Set administrative notification level | CIS IBM DB2 9 Benchmark v3.0.1 Level 2 DB | IBM_DB2DB | AUDIT AND ACCOUNTABILITY |
| 3.3 Configure Security Auditing Flags - 'audit all failed events across all audit classes' | CIS Apple OSX 10.9 L1 v1.3.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 3.3 Configure Security Auditing Flags - 'audit successful/failed file attribute modification events' | CIS Apple OSX 10.9 L1 v1.3.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 3.3 Configure Security Auditing Flags - 'audit successful/failed login/logout events' | CIS Apple OSX 10.9 L1 v1.3.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 3.4 Enable remote logging for Desktops on trusted networks | CIS Apple OSX 10.9 L2 v1.3.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.2.1 Ensure all uses of the passwd command are audited. | CIS Amazon Linux 2 STIG v1.0.0 L3 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.2.3 Ensure audit of the gpasswd command | CIS Amazon Linux 2 STIG v1.0.0 L3 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.2.6 Ensure audit all uses of the chsh command. | CIS Amazon Linux 2 STIG v1.0.0 L3 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.2.8 Ensure audit of postdrop command | CIS Amazon Linux 2 STIG v1.0.0 L3 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.2.10 Ensure audit ssh-keysign command. | CIS Amazon Linux 2 STIG v1.0.0 L3 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.2.16 Ensure audit unlinkat syscall - 32 bit | CIS Amazon Linux 2 STIG v1.0.0 L3 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.2.18 Ensure audit of the finit_module syscall - 64 bit | CIS Amazon Linux 2 STIG v1.0.0 L3 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.2.25 Ensure audit of the mount command and syscall - 32 bit | CIS Amazon Linux 2 STIG v1.0.0 L3 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.3.2 Configure a File Channel 'debug.log' | CIS ISC BIND 9.0/9.5 v2.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.3.2 Configure a File Channel 'network' | CIS ISC BIND 9.0/9.5 v2.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.3.2 Configure a File Channel 'xfer-out' | CIS ISC BIND 9.0/9.5 v2.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 7.2 Specify file handler in logging.properties (check if java.util.logging.ConsoleHandler exists in web application) | CIS Apache Tomcat 7 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 7.2 Specify file handler in logging.properties (check if java.util.logging.ConsoleHandler exists in web application) | CIS Apache Tomcat 7 L1 v1.1.0 Middleware | Unix | AUDIT AND ACCOUNTABILITY |
| 7.2 Specify file handler in logging.properties (check if java.util.logging.ConsoleHandler exists inin default) | CIS Apache Tomcat 7 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 7.2 Specify file handler in logging.properties (check if org.apache.juli.FileHandler exists in web application) | CIS Apache Tomcat 7 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 7.2 Specify file handler in logging.properties (check if org.apache.juli.FileHandler logging is enabled in default) | CIS Apache Tomcat 7 L1 v1.1.0 Middleware | Unix | AUDIT AND ACCOUNTABILITY |
| 7.2.4 Log Suspicious Packets - net.ipv4.conf.all.log_martians | CIS Debian Linux 7 L1 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 7.5 Ensure pattern in context.xml is correct | CIS Apache Tomcat 7 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 8.1.4 Record Events That Modify Date and Time Information - 32 bit adjtimex | CIS Debian Linux 7 L2 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 8.1.5 Record Events That Modify User/Group Information - /etc/passwd | CIS Debian Linux 7 L2 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 8.1.6 Record Events That Modify the System's Network Environment - 32 bit system-locale | CIS Debian Linux 7 L2 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 8.1.10 Collect Discretionary Access Control Permission Modification Events - 64 bit chown | CIS Debian Linux 7 L2 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 8.1.11 Collect Unsuccessful Unauthorized Access Attempts to Files - 64 bit EACCES | CIS Debian Linux 7 L2 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 8.1.14 Collect File Deletion Events by User - 32 bit unlink | CIS Debian Linux 7 L2 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 8.1.17 Collect Kernel Module Loading and Unloading - /sbin/insmod | CIS Debian Linux 7 L2 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 8.2 AIX Auditing | CIS IBM AIX 7.2 L2 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| Ensure 'logging trap severity ' is greater than or equal to '5' | Tenable Cisco Firepower Threat Defense Best Practices Audit | Cisco_Firepower | AUDIT AND ACCOUNTABILITY |
| Ensure 'SNMP traps' is enabled - authentication | Tenable Cisco Firepower Threat Defense Best Practices Audit | Cisco_Firepower | AUDIT AND ACCOUNTABILITY |
| Syslog - Console Destination - Admin State | Tenable Cisco ACI | Cisco_ACI | AUDIT AND ACCOUNTABILITY |
| Syslog - Console Destination - Severity | Tenable Cisco ACI | Cisco_ACI | AUDIT AND ACCOUNTABILITY |
| Syslog Remote Destination - Severity | Tenable Cisco ACI | Cisco_ACI | AUDIT AND ACCOUNTABILITY |
