| 1.4.6 System: Retain old events | CIS Windows 2008 Enterprise v1.2.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 1.4.6 System: Retain old events | CIS Windows 2008 SSLF v1.2.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 2.7.1.1 Increase the Retention Time for system.log and secure.log (secure.log check) | CIS Apple OSX 10.5 Leopard L2 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 3.1.1 Retain system.log for 90 or more days | CIS Apple OSX 10.9 L1 v1.3.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 3.1.1 Retain system.log for 90 or more days | CIS Apple OSX 10.10 Yosemite L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 3.1.1 Retain system.log for 90 or more days | CIS Apple OSX 10.11 El Capitan L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 3.1.2 Retain appfirewall.log for 90 or more days | CIS Apple OSX 10.11 El Capitan L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 3.1.2 Retain appfirewall.log for 90 or more days | CIS Apple OSX 10.9 L1 v1.3.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 3.1.3 Retain authd.log for 90 or more days | CIS Apple OSX 10.9 L1 v1.3.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 3.1.3 Retain authd.log for 90 or more days | CIS Apple OSX 10.10 Yosemite L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 3.1.3 Retain authd.log for 90 or more days | CIS Apple OSX 10.10 Yosemite L1 v1.2.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 3.1.3 Retain authd.log for 90 or more days | CIS Apple OSX 10.11 El Capitan L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 3.1.3 Retain authd.log for 90 or more days | CIS Apple OSX 10.11 El Capitan L1 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 3.1.4 Retain authd.log for 90 or more days | CIS Apple OSX 10.9 Mavericks L1 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 3.3 Retain install.log for 365 or more days | CIS Apple macOS 10.13 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 3.5 Retain install.log for 365 or more days | CIS Apple macOS 10.13 L1 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 3.5 Retain install.log for 365 or more days | CIS Apple OSX 10.10 Yosemite L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 3.5 Retain install.log for 365 or more days | CIS Apple OSX 10.10 Yosemite L1 v1.2.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 3.5 Retain install.log for 365 or more days | CIS Apple OSX 10.11 El Capitan L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.2 Set Failed Archive Retry Delay (ARCHRETRYDELAY) | CIS IBM DB2 11 v1.1.0 Windows OS Level 1 | Windows | AUDIT AND ACCOUNTABILITY |
| 4.3 - HTTP logging parameters are not set - Rotation Time | TNS Oracle WebLogic Server 11 Linux Best Practices | Unix | AUDIT AND ACCOUNTABILITY |
| 4.3 - HTTP logging parameters are not set - Rotation Type | TNS Oracle WebLogic Server 11 Linux Best Practices | Unix | AUDIT AND ACCOUNTABILITY |
| 4.3 - HTTP logging parameters are not set - Rotation Type | TNS Oracle WebLogic Server 11 Windows Best Practices | Windows | AUDIT AND ACCOUNTABILITY |
| 4.5 Enable Login Records - Check if loginlog in /etc/logadm.conf is appropiately set | CIS Solaris 10 v5.2 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.5 Enable Login Records - Check if loginlog in /etc/logadm.conf is appropiately set | CIS Solaris 10 L1 v5.2 | Unix | AUDIT AND ACCOUNTABILITY |
| 8.4 Configure logrotate | CIS Debian Linux 7 L1 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 8.4 Configure logrotate - /var/log/localmessages | CIS Ubuntu 12.04 LTS Benchmark L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 8.4 Configure logrotate - /var/log/mail | CIS Ubuntu 12.04 LTS Benchmark L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 8.4 Configure logrotate - /var/log/mail.info | CIS Ubuntu 12.04 LTS Benchmark L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 8.4 Configure logrotate - /var/log/mail.warn | CIS Ubuntu 12.04 LTS Benchmark L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 8.4 Configure logrotate - /var/log/news/news.crit | CIS Ubuntu 12.04 LTS Benchmark L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 8.4 Configure logrotate - /var/log/news/news.err | CIS Ubuntu 12.04 LTS Benchmark L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 8.4 Configure logrotate - /var/log/news/news.notice | CIS Ubuntu 12.04 LTS Benchmark L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 8.4 Configure logrotate - /var/log/warn | CIS Ubuntu 12.04 LTS Benchmark L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 8.6.1 Avoid using nonpersistent disks | CIS VMware ESXi 5.1 v1.0.1 Level 1 | VMware | AUDIT AND ACCOUNTABILITY |
| 8.6.1 Ensure nonpersistent disks are limited | CIS VMware ESXi 6.7 v1.1.0 Level 2 | VMware | AUDIT AND ACCOUNTABILITY |
| 8.6.1 Ensure nonpersistent disks are limited | CIS VMware ESXi 6.5 v1.0.0 Level 2 | VMware | AUDIT AND ACCOUNTABILITY |
| 18.9.26.1.1 Ensure 'Application: Control Event Log behavior when the log file reaches its maximum size' is set to 'Disabled' | CIS Windows 7 Workstation Level 1 v3.1.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 18.9.26.1.1 Ensure 'Application: Control Event Log behavior when the log file reaches its maximum size' is set to 'Disabled' | CIS Windows 7 Workstation Level 1 v3.2.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 18.9.26.2.1 Ensure 'Security: Control Event Log behavior when the log file reaches its maximum size' is set to 'Disabled' | CIS Windows 7 Workstation Level 1 v3.2.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 18.9.26.2.1 Ensure 'Security: Control Event Log behavior when the log file reaches its maximum size' is set to 'Disabled' | CIS Windows 7 Workstation Level 1 + Bitlocker v3.1.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 18.9.26.3.1 Ensure 'Setup: Control Event Log behavior when the log file reaches its maximum size' is set to 'Disabled' | CIS Windows 7 Workstation Level 1 + Bitlocker v3.1.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 18.9.26.3.1 Ensure 'Setup: Control Event Log behavior when the log file reaches its maximum size' is set to 'Disabled' | CIS Windows 7 Workstation Level 1 v3.1.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 18.9.26.3.1 Ensure 'Setup: Control Event Log behavior when the log file reaches its maximum size' is set to 'Disabled' | CIS Windows 7 Workstation Level 1 v3.2.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 18.9.26.4.1 Ensure 'System: Control Event Log behavior when the log file reaches its maximum size' is set to 'Disabled' | CIS Windows 7 Workstation Level 1 + Bitlocker v3.1.0 | Windows | AUDIT AND ACCOUNTABILITY |
| FireEye - Local logging retention configuration | TNS FireEye | FireEye | AUDIT AND ACCOUNTABILITY |
| PCI 10.7 - Audit log retention policies - 'cron audit rotation has been implemented' | PCI DSS 2.0/3.0 - AIX | Unix | AUDIT AND ACCOUNTABILITY |
| PCI 10.7 Retain audit trail history for at least one year - '/var/adm/loginlog set in logadm.conf' | PCI DSS 2.0/3.0 - Solaris 10 | Unix | AUDIT AND ACCOUNTABILITY |
| PCI 10.7 Retain audit trail history for at least one year - '/var/log/authlog set in logadm.conf' | PCI DSS 2.0/3.0 - Solaris 10 | Unix | AUDIT AND ACCOUNTABILITY |
| PCI 10.7 Retain audit trail history for at least one year - 'rotation schedule' | PCI DSS 2.0/3.0 - Red Hat Linux | Unix | AUDIT AND ACCOUNTABILITY |
