800-53|AU-3(1)

Title

ADDITIONAL AUDIT INFORMATION

Description

The information system generates audit records containing the following additional information: [Assignment: organization-defined additional, more detailed information].

Supplemental

Detailed information that organizations may consider in audit records includes, for example, full text recording of privileged commands or the individual identities of group account users. Organizations consider limiting the additional audit information to only that information explicitly needed for specific audit requirements. This facilitates the use of audit trails and audit logs by not including information that could potentially be misleading or could make it more difficult to locate information of interest.

Reference Item Details

Category: AUDIT AND ACCOUNTABILITY

Parent Title: CONTENT OF AUDIT RECORDS

Family: AUDIT AND ACCOUNTABILITY

Baseline Impact: MODERATE,HIGH

Audit Items

View all Reference Audit Items

NamePluginAudit Name
1.1.4 Ensure auditing is configured for Docker files and directories - /run/containerdUnixCIS Docker v1.8.0 L1 OS Linux
1.1.5 Ensure auditing is configured for Docker files and directories - /var/lib/dockerUnixCIS Docker v1.8.0 L1 OS Linux
1.1.6 Ensure auditing is configured for Docker files and directories - /etc/dockerUnixCIS Docker v1.8.0 L1 OS Linux
1.1.6 Set 'aaa accounting' to log all privileged use commands using 'commands 15'CiscoCIS Cisco IOS XE 17.x v2.2.1 L1
1.1.7 Ensure auditing is configured for Docker files and directories - docker.serviceUnixCIS Docker v1.8.0 L2 OS Linux
1.1.8 Ensure auditing is configured for Docker files and directories - containerd.sockUnixCIS Docker v1.8.0 L2 OS Linux
1.1.8 Set 'aaa accounting exec'CiscoCIS Cisco IOS XE 17.x v2.2.1 L1
1.1.9 Ensure auditing is configured for Docker files and directories - docker.sockUnixCIS Docker v1.8.0 L2 OS Linux
1.1.9 Set 'aaa accounting network'CiscoCIS Cisco IOS XE 17.x v2.2.1 L1
1.1.10 Ensure auditing is configured for Docker files and directories - /etc/default/dockerUnixCIS Docker v1.8.0 L2 OS Linux
1.1.10 Set 'aaa accounting system'CiscoCIS Cisco IOS XE 17.x v2.2.1 L1
1.1.11 Ensure auditing is configured for Docker files and directories - /etc/docker/daemon.jsonUnixCIS Docker v1.8.0 L2 OS Linux
1.1.12 Ensure auditing is configured for Docker files and directories - /etc/containerd/config.tomlUnixCIS Docker v1.8.0 L2 OS Linux
1.1.13 Ensure auditing is configured for Docker files and directories - /etc/sysconfig/dockerUnixCIS Docker v1.8.0 L2 OS Linux
1.1.14 Ensure auditing is configured for Docker files and directories - /usr/bin/containerdUnixCIS Docker v1.8.0 L2 OS Linux
1.1.15 Ensure auditing is configured for Docker files and directories - /usr/bin/containerd-shimUnixCIS Docker v1.8.0 L2 OS Linux
1.1.16 Ensure auditing is configured for Docker files and directories - /usr/bin/containerd-shim-runc-v1UnixCIS Docker v1.8.0 L2 OS Linux
1.1.17 Ensure auditing is configured for Docker files and directories - /usr/bin/containerd-shim-runc-v2UnixCIS Docker v1.8.0 L2 OS Linux
1.1.18 Ensure auditing is configured for Docker files and directories - /usr/bin/runcUnixCIS Docker v1.8.0 L2 OS Linux
1.10 PHTN-40-000019UnixCIS VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v1.0.0 CAT II
1.10.6 Ensure 'logging with timestamps' is enabledCiscoCIS Cisco ASA 9.x Firewall L1 v1.1.0
1.10.7 Ensure 'logging buffer size' is greater than or equal to '524288' bytes (512kb)CiscoCIS Cisco ASA 9.x Firewall L1 v1.1.0
1.10.8 Ensure 'logging buffered severity level' is greater than or equal to '3'CiscoCIS Cisco ASA 9.x Firewall L1 v1.1.0
1.10.9 Ensure 'logging trap severity level' is greater than or equal to '5'CiscoCIS Cisco ASA 9.x Firewall L1 v1.1.0
1.11 CISC-ND-000330CiscoCIS Cisco NX OS Switch NDM STIG v1.1.0 CAT II
1.11 MADB-10-001600MySQLDBCIS MariaDB Enterprise 10.x STIG v1.1.0 CAT II MySQLDB
1.11 O19C-00-005600OracleDBCIS Oracle Database 19c STIG v1.1.0 CAT II OracleDB
1.11.2 Configure syslog-client to log using TLSArubaOSCIS HPE Aruba Networking CX Switch v1.0.1 Optional Security Recommendations
1.100 AZLX-23-002145UnixCIS Amazon Linux 2023 STIG v1.0.0 CAT II
1.100 OL09-00-000540UnixCIS Oracle Linux 9 STIG v1.0.0 CAT II
1.101 AZLX-23-002150UnixCIS Amazon Linux 2023 STIG v1.0.0 CAT II
1.101 OL09-00-000545UnixCIS Oracle Linux 9 STIG v1.0.0 CAT II
1.102 AZLX-23-002155UnixCIS Amazon Linux 2023 STIG v1.0.0 CAT II
1.102 OL09-00-000550UnixCIS Oracle Linux 9 STIG v1.0.0 CAT II
1.103 OL09-00-000555UnixCIS Oracle Linux 9 STIG v1.0.0 CAT II
1.103 WN16-CC-000100WindowsCIS Microsoft Windows Server 2016 STIG v4.0.0 MS CAT II
1.103 WN16-CC-000100WindowsCIS Microsoft Windows Server 2016 STIG v4.0.0 DC CAT II
1.103 WN19-CC-000090WindowsCIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT II
1.103 WN19-CC-000090WindowsCIS Microsoft Windows Server 2019 STIG v4.0.0 MS CAT II
1.103 WN22-CC-000090WindowsCIS Microsoft Windows Server 2022 STIG v3.0.0 MS CAT II
1.103 WN22-CC-000090WindowsCIS Microsoft Windows Server 2022 STIG v3.0.0 DC CAT II
1.104 AZLX-23-002165UnixCIS Amazon Linux 2023 STIG v1.0.0 CAT II
1.104 OL09-00-000560UnixCIS Oracle Linux 9 STIG v1.0.0 CAT II
1.105 OL09-00-000565UnixCIS Oracle Linux 9 STIG v1.0.0 CAT II
1.106 OL09-00-000570UnixCIS Oracle Linux 9 STIG v1.0.0 CAT II
1.107 OL09-00-000575UnixCIS Oracle Linux 9 STIG v1.0.0 CAT II
1.108 OL09-00-000580UnixCIS Oracle Linux 9 STIG v1.0.0 CAT II
1.108 SLES-15-030050UnixCIS SUSE Linux Enterprise Server 15 STIG v1.0.0 CAT II
1.109 OL09-00-000585UnixCIS Oracle Linux 9 STIG v1.0.0 CAT II
1.110 OL09-00-000590UnixCIS Oracle Linux 9 STIG v1.0.0 CAT II