| 4.1.3.9 Ensure file deletion events by users are collected - rename 32 bit | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| 4.1.3.9 Ensure file deletion events by users are collected - rename 64 bit | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| 4.1.3.9 Ensure file deletion events by users are collected - renameat 32 bit | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| 4.1.3.9 Ensure file deletion events by users are collected - renameat 64 bit | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| 4.1.3.15 Ensure all uses of the passwd command are audited. | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| 4.1.3.16 Ensure auditing of the unix_chkpwd command | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| 4.1.3.17 Ensure audit of the gpasswd command | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| 4.1.3.18 Ensure audit all uses of chage | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| 4.1.3.20 Ensure audit the umount command | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| 4.1.3.21 Ensure audit of postdrop command | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| 4.1.3.22 Ensure audit of postqueue command. | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| 4.1.3.23 Ensure audit ssh-keysign command. | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| 4.1.3.24 Ensure audit of crontab command | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| 4.1.3.26 Ensure audit of the rmdir syscall - 32 bit | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| 4.1.3.26 Ensure audit of the rmdir syscall - 64 bit | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| 4.1.3.27 Ensure audit of unlink syscall - 32 bit | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| 4.1.3.27 Ensure audit of unlink syscall - 64 bit | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| 4.1.3.28 Ensure audit unlinkat syscall - 32 bit | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| 4.1.3.28 Ensure audit unlinkat syscall - 64 bit | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| 4.1.3.33 Ensure audit of semanage command | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| 4.1.3.34 Ensure audit of the setsebool command. | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| 4.1.3.35 Ensure audit of the chcon command | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| 4.1.3.36 Ensure audit of the userhelper command | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| 4.1.3.37 Ensure audit of the mount command and syscall | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| 4.1.3.37 Ensure audit of the mount command and syscall - 32 bit | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| 4.1.3.37 Ensure audit of the mount command and syscall - 64 bit | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| 4.1.3.39 Ensure audit of setfiles command | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| APPL-14-001002 - The macOS system must be configured to audit all log on and log out events. | DISA Apple macOS 14 (Sonoma) STIG v2r1 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| APPL-14-001044 - The macOS system must configure the system to audit all authorization and authentication events. | DISA Apple macOS 14 (Sonoma) STIG v2r1 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| APPL-15-001002 - The macOS system must be configured to audit all login and logout events. | DISA Apple macOS 15 (Sequoia) STIG v1r1 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| APPL-15-001044 - The macOS system must be configured to audit all authorization and authentication events. | DISA Apple macOS 15 (Sequoia) STIG v1r1 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| OL07-00-030560 - The Oracle Linux operating system must audit all uses of the semanage command. | DISA Oracle Linux 7 STIG v2r14 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| OL07-00-030570 - The Oracle Linux operating system must audit all uses of the setsebool command. | DISA Oracle Linux 7 STIG v2r14 | Unix | MAINTENANCE |
| OL07-00-030580 - The Oracle Linux operating system must audit all uses of the chcon command. | DISA Oracle Linux 7 STIG v2r14 | Unix | MAINTENANCE |
| OL07-00-030590 - The Oracle Linux operating system must audit all uses of the setfiles command. | DISA Oracle Linux 7 STIG v2r14 | Unix | MAINTENANCE |
| OL07-00-030610 - The Oracle Linux operating system must generate audit records for all unsuccessful account access events. | DISA Oracle Linux 7 STIG v2r14 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| OL07-00-030620 - The Oracle Linux operating system must generate audit records for all successful account access events. | DISA Oracle Linux 7 STIG v2r14 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| PHTN-30-000020 - The Photon operating system must generate audit records when successful/unsuccessful attempts to access privileges occur. | DISA STIG VMware vSphere 7.0 Photon OS v1r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| PHTN-67-000012 - The Photon operating system must be configured to audit the execution of privileged functions - gid 32 | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| PHTN-67-000012 - The Photon operating system must be configured to audit the execution of privileged functions - gid 64 | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| PHTN-67-000012 - The Photon operating system must be configured to audit the execution of privileged functions - uid 32 | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| PHTN-67-000012 - The Photon operating system must be configured to audit the execution of privileged functions - uid 64 | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| RHEL-07-030560 - The Red Hat Enterprise Linux operating system must audit all uses of the semanage command. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| RHEL-07-030580 - The Red Hat Enterprise Linux operating system must audit all uses of the chcon command. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| RHEL-07-030590 - The Red Hat Enterprise Linux operating system must audit all uses of the setfiles command. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| RHEL-07-030910 - The Red Hat Enterprise Linux operating system must audit all uses of the unlink, unlinkat, rename, renameat, and rmdir syscalls. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| RHEL-09-654250 - RHEL 9 must generate audit records for all account creations, modifications, disabling, and termination events that affect /var/log/faillock. | DISA Red Hat Enterprise Linux 9 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| RHEL-09-654260 - RHEL 9 must generate audit records for all account creations, modifications, disabling, and termination events that affect /var/log/tallylog. | DISA Red Hat Enterprise Linux 9 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| UBTU-20-010244 - The Ubuntu operating system must generate audit records for privileged activities, nonlocal maintenance, diagnostic sessions and other system-level access. | DISA STIG Ubuntu 20.04 LTS v2r1 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| UBTU-22-654235 - Ubuntu 22.04 LTS must generate audit records for privileged activities, nonlocal maintenance, diagnostic sessions and other system-level access. | DISA STIG Canonical Ubuntu 22.04 LTS v2r2 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
