| 1.1.2.13 Set 'Audit Policy: System: Security State Change' to 'Success and Failure' | CIS Windows 8 L1 v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 1.1.2.28 Set 'Audit Policy: Object Access: Kernel Object' to 'No Auditing' | CIS Windows 8 L1 v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 1.1.2.30 Set 'Audit Policy: Object Access: Application Generated' to 'No Auditing' | CIS Windows 8 L1 v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 1.1.2.51 Set 'Audit Policy: Detailed Tracking: Process Creation' to 'Success' | CIS Windows 8 L1 v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 1.1.2.54 Set 'Audit Policy: Object Access: File System' to 'No Auditing' | CIS Windows 8 L1 v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 1.7 Audit docker daemon | CIS Docker 1.11.0 v1.0.0 L1 Linux | Unix | AUDIT AND ACCOUNTABILITY |
| 1.8 Audit Docker files and directories - /var/lib/docker | CIS Docker 1.11.0 v1.0.0 L1 Linux | Unix | AUDIT AND ACCOUNTABILITY |
| 1.9 Audit Docker files and directories - /etc/docker | CIS Docker 1.12.0 v1.0.0 L1 Linux | Unix | AUDIT AND ACCOUNTABILITY |
| 1.10 Audit Docker files and directories - /etc/default/docker | CIS Docker 1.13.0 v1.0.0 L1 Linux | Unix | AUDIT AND ACCOUNTABILITY |
| 1.11 Audit Docker files and directories - /etc/docker/daemon.json | CIS Docker 1.13.0 v1.0.0 L1 Linux | Unix | AUDIT AND ACCOUNTABILITY |
| 1.12 Audit Docker files and directories - /etc/default/docker | CIS Docker 1.12.0 v1.0.0 L1 Linux | Unix | AUDIT AND ACCOUNTABILITY |
| 1.13 Audit Docker files and directories - /usr/bin/docker-runc | CIS Docker 1.13.0 v1.0.0 L1 Linux | Unix | AUDIT AND ACCOUNTABILITY |
| 1.14 Audit Docker files and directories - /usr/bin/docker-containerd | CIS Docker 1.12.0 v1.0.0 L1 Linux | Unix | AUDIT AND ACCOUNTABILITY |
| 1.15 Audit Docker files and directories - /usr/bin/docker-runc | CIS Docker 1.11.0 v1.0.0 L1 Linux | Unix | AUDIT AND ACCOUNTABILITY |
| 2.2.5 Set 'logging trap informational' | CIS Cisco IOS 12 L1 v4.0.0 | Cisco | AUDIT AND ACCOUNTABILITY |
| 3.1.6 Set diagnostic logging to capture errors and warnings | CIS IBM DB2 v10 v1.1.0 Linux OS Level 1 | Unix | AUDIT AND ACCOUNTABILITY |
| 3.1.6 Set diagnostic logging to capture errors and warnings | CIS IBM DB2 v10 v1.1.0 Windows OS Level 1 | Windows | AUDIT AND ACCOUNTABILITY |
| 3.1.12 Set administrative notification level | CIS IBM DB2 v10 v1.1.0 Linux OS Level 2 | Unix | AUDIT AND ACCOUNTABILITY |
| 3.2 Configure Security Auditing Flags - 'audit successful/failed file attribute modification events' | CIS Apple macOS 10.12 L2 v1.2.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 3.2 Configure Security Auditing Flags per local organizational requirements - 'audit all failed events across all audit classes' | CIS Apple macOS 10.13 L2 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 3.2 Enable security auditing | CIS Apple OSX 10.9 L1 v1.3.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 3.3 Configure Security Auditing Flags - 'audit all failed events across all audit classes' | CIS Apple OSX 10.10 Yosemite L1 v1.2.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 3.3 Configure Security Auditing Flags - 'audit all failed events across all audit classes' | CIS Apple OSX 10.11 El Capitan L2 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 3.3 Configure Security Auditing Flags - 'audit successful/failed file attribute modification events' | CIS Apple OSX 10.10 Yosemite L1 v1.2.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 3.3 Configure Security Auditing Flags - 'audit successful/failed file deletion events' | CIS Apple OSX 10.9 L1 v1.3.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 3.3 Configure Security Auditing Flags - 'audit successful/failed login/logout events' | CIS Apple OSX 10.10 Yosemite L1 v1.2.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.3.13 Ensure file deletion events by users are collected | CIS CentOS Linux 8 Server L2 v2.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.14 Ensure file deletion events by users are collected - auditctl b64 | CIS Amazon Linux v2.1.0 L2 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.3.2 Configure a File Channel 'default local_debug' | CIS ISC BIND 9.0/9.5 v2.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.3.2 Configure a File Channel 'general local_debug' | CIS ISC BIND 9.0/9.5 v2.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.3.2 Configure a File Channel 'security' | CIS ISC BIND 9.0/9.5 v2.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.3.2 Configure a File Channel 'xfer-in' | CIS ISC BIND 9.0/9.5 v2.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.2 Ensure AWS Elastic Load Balancer logging is enabled | CIS Amazon Web Services Three-tier Web Architecture L1 1.0.0 | amazon_aws | AUDIT AND ACCOUNTABILITY |
| 5.2 Ensure that audit filters are configured properly | CIS MongoDB L1 Unix Audit v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.4 Ensure that new entries are appended to the end of the log file | CIS MongoDB L2 Unix Audit v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 7.2 Specify file handler in logging.properties (check if java.util.logging.ConsoleHandler exists inin default) | CIS Apache Tomcat 7 L1 v1.1.0 Middleware | Unix | AUDIT AND ACCOUNTABILITY |
| 7.2 Specify file handler in logging.properties (check if org.apache.juli.FileHandler exists in default) | CIS Apache Tomcat 7 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 8.1.4 Record Events That Modify Date and Time Information - 32 bit clock_settime | CIS Debian Linux 7 L2 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 8.1.6 Record Events That Modify the System's Network Environment - /etc/issue | CIS Debian Linux 7 L2 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 8.1.6 Record Events That Modify the System's Network Environment - 64 bit system-locale | CIS Debian Linux 7 L2 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 8.1.9 Collect Session Initiation Information - /var/log/btmp | CIS Debian Linux 7 L2 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 8.1.9 Collect Session Initiation Information - /var/run/utmp | CIS Debian Linux 7 L2 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 8.1.13 Collect Successful File System Mounts - 32 bit mount | CIS Debian Linux 7 L2 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 8.1.16 Collect System Administrator Actions (sudolog) | CIS Debian Linux 7 L2 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 17.3.1 Ensure 'Audit Process Creation' is set to include 'Success' | CIS Windows 7 Workstation Level 1 v3.2.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 17.6.1 Ensure 'Audit Detailed File Share' is set to include 'Failure' | CIS Windows 7 Workstation Level 1 v3.2.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 17.6.3 Ensure 'Audit Other Object Access Events' is set to 'Success and Failure' | CIS Windows 7 Workstation Level 1 v3.2.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 17.7.4 Ensure 'Audit MPSSVC Rule-Level Policy Change' is set to 'Success and Failure' | CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0 | Windows | AUDIT AND ACCOUNTABILITY |
| Auditing and logging - severity | ArubaOS Switch 16.x Hardening Guide v1.0.0 | ArubaOS | AUDIT AND ACCOUNTABILITY |
| IBM i : Auditing Control (QAUDCTL) - '!= *NONE' | IBM System i Security Reference for V7R2 | AS/400 | AUDIT AND ACCOUNTABILITY |
