| ALMA-09-047650 - AlmaLinux OS 9 must generate audit records for any use of the "mount" command. | DISA CloudLinux AlmaLinux OS 9 STIG v1r1 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| ALMA-09-047760 - AlmaLinux OS 9 must generate audit records for any use of the "umount" command. | DISA CloudLinux AlmaLinux OS 9 STIG v1r1 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| ALMA-09-047870 - Successful/unsuccessful uses of the umount2 system call in AlmaLinux OS 9 must generate an audit record. | DISA CloudLinux AlmaLinux OS 9 STIG v1r1 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| ALMA-09-048310 - AlmaLinux OS 9 must generate audit records for any use of the "chage" command. | DISA CloudLinux AlmaLinux OS 9 STIG v1r1 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| ALMA-09-048420 - AlmaLinux OS 9 must generate audit records for any use of the "chcon" command. | DISA CloudLinux AlmaLinux OS 9 STIG v1r1 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| ALMA-09-049300 - AlmaLinux OS 9 must audit all uses of the kmod command. | DISA CloudLinux AlmaLinux OS 9 STIG v1r1 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| ALMA-09-049410 - AlmaLinux OS 9 must generate audit records for any use of the "newgrp" command. | DISA CloudLinux AlmaLinux OS 9 STIG v1r1 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| ALMA-09-049850 - AlmaLinux OS 9 must generate audit records for any use of the "su" command. | DISA CloudLinux AlmaLinux OS 9 STIG v1r1 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| ALMA-09-050180 - AlmaLinux OS 9 must generate audit records for any use of the "setfacl" command. | DISA CloudLinux AlmaLinux OS 9 STIG v1r1 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| ALMA-09-050290 - AlmaLinux OS 9 must generate audit records for any use of the "setfiles" command. | DISA CloudLinux AlmaLinux OS 9 STIG v1r1 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| ALMA-09-050400 - AlmaLinux OS 9 must generate audit records for any use of the "setsebool" command. | DISA CloudLinux AlmaLinux OS 9 STIG v1r1 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| ALMA-09-050510 - AlmaLinux OS 9 must generate audit records for any use of the "ssh-agent" command. | DISA CloudLinux AlmaLinux OS 9 STIG v1r1 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| ALMA-09-050950 - AlmaLinux OS 9 must generate audit records for any use of the "unix_chkpwd" command. | DISA CloudLinux AlmaLinux OS 9 STIG v1r1 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| ALMA-09-051060 - AlmaLinux OS 9 must generate audit records for any use of the "unix_update" command. | DISA CloudLinux AlmaLinux OS 9 STIG v1r1 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| ALMA-09-051170 - AlmaLinux OS 9 must generate audit records for any use of the "userhelper" command. | DISA CloudLinux AlmaLinux OS 9 STIG v1r1 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| OL08-00-030190 - OL 8 must generate audit records for any use of the 'su' command. | DISA Oracle Linux 8 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| OL08-00-030200 - The OL 8 audit system must be configured to audit any use of the 'setxattr', 'fsetxattr', 'lsetxattr', 'removexattr', 'fremovexattr', and 'lremovexattr' system calls. | DISA Oracle Linux 8 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| OL08-00-030280 - OL 8 must generate audit records for any use of the 'ssh-agent' command. | DISA Oracle Linux 8 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| OL08-00-030300 - OL 8 must generate audit records for any use of the 'mount' command. | DISA Oracle Linux 8 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| OL08-00-030311 - OL 8 must generate audit records for any use of the 'postdrop' command. | DISA Oracle Linux 8 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| OL08-00-030420 - OL 8 must generate audit records for any use of the 'truncate', 'ftruncate', 'creat', 'open', 'openat', and 'open_by_handle_at' system calls. | DISA Oracle Linux 8 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| OL08-00-030480 - OL 8 must generate audit records for any use of the 'chown', 'fchown', 'fchownat', and 'lchown' system calls. | DISA Oracle Linux 8 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| OL08-00-030560 - OL 8 must generate audit records for any use of the 'usermod' command. | DISA Oracle Linux 8 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| OL08-00-030570 - OL 8 must generate audit records for any use of the 'chacl' command. | DISA Oracle Linux 8 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| OL08-00-030590 - OL 8 must generate audit records for any attempted modifications to the 'faillock' log file. | DISA Oracle Linux 8 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| OL08-00-030600 - OL 8 must generate audit records for any attempted modifications to the 'lastlog' file. | DISA Oracle Linux 8 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| OL08-00-030601 - OL 8 must enable auditing of processes that start prior to the audit daemon. | DISA Oracle Linux 8 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| RHEL-09-654025 - RHEL 9 must audit all uses of the setxattr, fsetxattr, lsetxattr, removexattr, fremovexattr, and lremovexattr system calls. | DISA Red Hat Enterprise Linux 9 STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| RHEL-09-654030 - RHEL 9 must audit all uses of umount system calls. | DISA Red Hat Enterprise Linux 9 STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| RHEL-09-654035 - RHEL 9 must audit all uses of the chacl command. | DISA Red Hat Enterprise Linux 9 STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| RHEL-09-654055 - RHEL 9 must audit all uses of the setfiles command. | DISA Red Hat Enterprise Linux 9 STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| RHEL-09-654135 - RHEL 9 must audit all uses of the ssh-agent command. | DISA Red Hat Enterprise Linux 9 STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| RHEL-09-654175 - RHEL 9 must audit all uses of the usermod command. | DISA Red Hat Enterprise Linux 9 STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| RHEL-09-654210 - Successful/unsuccessful uses of the umount2 system call in RHEL 9 must generate an audit record. | DISA Red Hat Enterprise Linux 9 STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| RHEL-09-654255 - RHEL 9 must generate audit records for all account creations, modifications, disabling, and termination events that affect /var/log/lastlog. | DISA Red Hat Enterprise Linux 9 STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| SLES-12-020250 - The SUSE operating system must generate audit records for all uses of the su command. | DISA SLES 12 STIG v3r1 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| SLES-12-020320 - The SUSE operating system must generate audit records for all uses of the ssh-keysign command. | DISA SLES 12 STIG v3r1 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| SLES-12-020360 - The SUSE operating system must generate audit records for all uses of the kmod command. | DISA SLES 12 STIG v3r1 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| SLES-12-020370 - The SUSE operating system must generate audit records for all uses of the setxattr, fsetxattr, lsetxattr, removexattr, fremovexattr, and lremovexattr syscalls. | DISA SLES 12 STIG v3r1 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| SLES-12-020550 - The SUSE operating system must generate audit records for all uses of the passwd command. | DISA SLES 12 STIG v3r1 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| SLES-12-020610 - The SUSE operating system must generate audit records for all uses of the setfacl command. | DISA SLES 12 STIG v3r1 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| SLES-12-020620 - The SUSE operating system must generate audit records for all uses of the chacl command. | DISA SLES 12 STIG v3r1 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| SLES-12-020650 - The SUSE operating system must generate audit records for all modifications to the tallylog file must generate an audit record. | DISA SLES 12 STIG v3r1 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| SLES-12-020660 - The SUSE operating system must generate audit records for all modifications to the lastlog file. | DISA SLES 12 STIG v3r1 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| SLES-15-030060 - The SUSE operating system must generate audit records for all uses of the ssh-keysign command. | DISA SLES 15 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| SLES-15-030130 - The SUSE operating system must generate audit records for all uses of the crontab command. | DISA SLES 15 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| SLES-15-030140 - The SUSE operating system must audit all uses of the sudoers file and all files in the /etc/sudoers.d/ directory. | DISA SLES 15 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| SLES-15-030190 - The SUSE operating system must generate audit records for all uses of the setxattr, fsetxattr, lsetxattr, removexattr, fremovexattr, and lremovexattr system calls. | DISA SLES 15 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| SLES-15-030500 - The SUSE operating system must generate audit records for all uses of the usermod command. | DISA SLES 15 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| SLES-15-030560 - The SUSE operating system must generate audit records for all uses of the sudo command. | DISA SLES 15 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
