Detections
Analytics

800-53|AU-12a.

Title

AUDIT GENERATION

Description

Provides audit record generation capability for the auditable events defined in AU-2 a. at [Assignment: organization-defined information system components];

Reference Item Details

Category: AUDIT AND ACCOUNTABILITY

Family: AUDIT AND ACCOUNTABILITY

Baseline Impact: LOW,MODERATE,HIGH

Audit Items

View all Reference Audit Items

NamePluginAudit Name
3.3 Set 'Disable Configuring History' to 'Enabled'WindowsCIS IE 10 v1.1.0
3.125 - Audit policy using subcategories is enabled.WindowsDISA Windows Vista STIG v6r41
8.1.2 Install and Enable auditd ServiceUnixCIS Debian Linux 7 L2 v1.0.0
8.1.2 Install and Enable auditd ServiceUnixCIS Ubuntu 12.04 LTS Benchmark L2 v1.1.0
AOSX-13-000240 - The macOS system must enable System Integrity Protection.UnixDISA STIG Apple Mac OSX 10.13 v2r5
AOSX-14-005001 - The macOS system must enable System Integrity Protection.UnixDISA STIG Apple Mac OSX 10.14 v2r6
AOSX-15-005001 - The macOS system must enable System Integrity Protection.UnixDISA STIG Apple Mac OSX 10.15 v1r10
APPL-11-005001 - The macOS system must enable System Integrity Protection.UnixDISA STIG Apple macOS 11 v1r8
APPL-11-005001 - The macOS system must enable System Integrity Protection.UnixDISA STIG Apple macOS 11 v1r5
APPL-12-005001 - The macOS system must enable System Integrity Protection.UnixDISA STIG Apple macOS 12 v1r9
APPL-13-005001 - The macOS system must enable System Integrity Protection.UnixDISA STIG Apple macOS 13 v1r4
APPL-14-005001 - The macOS system must ensure System Integrity Protection is enabled.UnixDISA Apple macOS 14 (Sonoma) STIG v2r2
APPL-15-005001 - The macOS system must ensure System Integrity Protection is enabled.UnixDISA Apple macOS 15 (Sequoia) STIG v1r1
AS24-W1-000070 - The Apache web server must generate, at a minimum, log records for system startup and shutdown, system access, and system authentication events.WindowsDISA STIG Apache Server 2.4 Windows Server v3r1
AS24-W1-000070 - The Apache web server must generate, at a minimum, log records for system startup and shutdown, system access, and system authentication events.WindowsDISA STIG Apache Server 2.4 Windows Server v2r3
Big Sur - Ensure System Integrity Protection is EnabledUnixNIST macOS Big Sur v1.4.0 - 800-53r4 Low
Big Sur - Ensure System Integrity Protection is EnabledUnixNIST macOS Big Sur v1.4.0 - All Profiles
Big Sur - Ensure System Integrity Protection is EnabledUnixNIST macOS Big Sur v1.4.0 - 800-53r4 Moderate
Big Sur - Ensure System Integrity Protection is EnabledUnixNIST macOS Big Sur v1.4.0 - CNSSI 1253
Big Sur - Ensure System Integrity Protection is EnabledUnixNIST macOS Big Sur v1.4.0 - 800-171
Big Sur - Ensure System Integrity Protection is EnabledUnixNIST macOS Big Sur v1.4.0 - 800-53r4 High
Big Sur - Ensure System Integrity Protection is EnabledUnixNIST macOS Big Sur v1.4.0 - 800-53r5 Low
Big Sur - Ensure System Integrity Protection is EnabledUnixNIST macOS Big Sur v1.4.0 - 800-53r5 High
Big Sur - Ensure System Integrity Protection is EnabledUnixNIST macOS Big Sur v1.4.0 - 800-53r5 Moderate
Catalina - Ensure System Integrity Protection is EnabledUnixNIST macOS Catalina v1.5.0 - 800-53r5 Low
Catalina - Ensure System Integrity Protection is EnabledUnixNIST macOS Catalina v1.5.0 - CNSSI 1253
Catalina - Ensure System Integrity Protection is EnabledUnixNIST macOS Catalina v1.5.0 - 800-171
Catalina - Ensure System Integrity Protection is EnabledUnixNIST macOS Catalina v1.5.0 - 800-53r4 Moderate
Catalina - Ensure System Integrity Protection is EnabledUnixNIST macOS Catalina v1.5.0 - 800-53r4 High
Catalina - Ensure System Integrity Protection is EnabledUnixNIST macOS Catalina v1.5.0 - All Profiles
Catalina - Ensure System Integrity Protection is EnabledUnixNIST macOS Catalina v1.5.0 - 800-53r4 Low
Catalina - Ensure System Integrity Protection is EnabledUnixNIST macOS Catalina v1.5.0 - 800-53r5 High
Catalina - Ensure System Integrity Protection is EnabledUnixNIST macOS Catalina v1.5.0 - 800-53r5 Moderate
DTBI300 - Configuring History setting must be set to 40 days - HistoryWindowsDISA STIG Microsoft Internet Explorer 9 v1r15
DTBI300-IE11 - Configuring History setting must be set to 40 days.WindowsDISA STIG IE 11 v2r5
DTBI760-IE11 - Browser must retain history on exit.WindowsDISA STIG IE 11 v2r5
DTBI770 - Deleting web sites that the user has visited must be disallowed.WindowsDISA STIG Microsoft Internet Explorer 9 v1r15
DTBI770-IE11 - Deleting websites that the user has visited must be disallowed.WindowsDISA STIG IE 11 v2r5
EPAS-00-001000 - The EDB Postgres Advanced Server must provide audit record generation capability for DOD-defined auditable events within all EDB Postgres Advanced Server/database components.PostgreSQLDBEnterpriseDB PostgreSQL Advanced Server DB v2r1
EX13-CA-000045 - Exchange Email Diagnostic log level must be set to lowest level.WindowsDISA Microsoft Exchange 2013 Client Access Server STIG v2r2
EX13-CA-000050 - Exchange must have Audit record parameters set.WindowsDISA Microsoft Exchange 2013 Client Access Server STIG v2r2
EX13-EG-000030 - The Exchange email Diagnostic log level must be set to the lowest level.WindowsDISA Microsoft Exchange 2013 Edge Transport Server STIG v1r6
EX13-EG-000035 - Exchange Connectivity logging must be enabled.WindowsDISA Microsoft Exchange 2013 Edge Transport Server STIG v1r6
EX13-MB-000020 - Exchange Connectivity logging must be enabled.WindowsDISA Microsoft Exchange 2013 Mailbox Server STIG v2r3
EX13-MB-000025 - The Exchange Email Diagnostic log level must be set to the lowest level.WindowsDISA Microsoft Exchange 2013 Mailbox Server STIG v2r3
EX13-MB-000030 - Exchange Audit record parameters must be set.WindowsDISA Microsoft Exchange 2013 Mailbox Server STIG v2r3
EX16-ED-000060 - The Exchange email Diagnostic log level must be set to the lowest level.WindowsDISA Microsoft Exchange 2016 Edge Transport Server STIG v2r5
EX16-ED-000070 - Exchange Connectivity logging must be enabled.WindowsDISA Microsoft Exchange 2016 Edge Transport Server STIG v2r5
EX16-MB-000040 - Exchange Connectivity logging must be enabled.WindowsDISA Microsoft Exchange 2016 Mailbox Server STIG v2r6
EX16-MB-000050 - The Exchange Email Diagnostic log level must be set to the lowest level.WindowsDISA Microsoft Exchange 2016 Mailbox Server STIG v2r6