| UBTU-20-010136 |
V1R12 |
The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the su command. |
|
| UBTU-20-010137 |
V1R12 |
The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the chfn command. |
|
| UBTU-20-010138 |
V1R12 |
The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the mount command. |
|
| UBTU-20-010139 |
V1R12 |
The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the umount command. |
|
| UBTU-20-010140 |
V1R12 |
The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the ssh-agent command. |
|
| UBTU-20-010141 |
V1R12 |
The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the ssh-keysign command. |
|
| UBTU-20-010142 |
V1R12 |
The Ubuntu operating system must generate audit records for any use of the setxattr, fsetxattr, lsetxattr, removexattr, fremovexattr, and lremovexattr system calls. |
|
| UBTU-20-010148 |
V1R12 |
The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the chown, fchown, fchownat, and lchown system calls. |
|
| UBTU-20-010152 |
V1R12 |
The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the chmod, fchmod, and fchmodat system calls. |
|
| UBTU-20-010155 |
V1R12 |
The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the creat, open, openat, open_by_handle_at, truncate, and ftruncate system calls. |
|
| UBTU-20-010161 |
V1R12 |
The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the sudo command. |
|
| UBTU-20-010162 |
V1R12 |
The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the sudoedit command. |
|
| UBTU-20-010163 |
V1R12 |
The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the chsh command. |
|
| UBTU-20-010164 |
V1R12 |
The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the newgrp command. |
|
| UBTU-20-010165 |
V1R12 |
The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the chcon command. |
|
| UBTU-20-010166 |
V1R12 |
The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the apparmor_parser command. |
|
| UBTU-20-010167 |
V1R12 |
The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the setfacl command. |
|
| UBTU-20-010168 |
V1R12 |
The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the chacl command. |
|
| UBTU-20-010169 |
V1R12 |
The Ubuntu operating system must generate audit records for the use and modification of the tallylog file. |
|
| UBTU-20-010170 |
V1R12 |
The Ubuntu operating system must generate audit records for the use and modification of faillog file. |
|
| UBTU-20-010171 |
V1R12 |
The Ubuntu operating system must generate audit records for the use and modification of the lastlog file. |
|
| UBTU-20-010172 |
V1R12 |
The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the passwd command. |
|
| UBTU-20-010173 |
V1R12 |
The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the unix_update command. |
|
| UBTU-20-010174 |
V1R12 |
The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the gpasswd command. |
|
| UBTU-20-010175 |
V1R12 |
The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the chage command. |
|
| UBTU-20-010176 |
V1R12 |
The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the usermod command. |
|
| UBTU-20-010177 |
V1R12 |
The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the crontab command. |
|
| UBTU-20-010178 |
V1R12 |
The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the pam_timestamp_check command. |
|
| UBTU-20-010179 |
V1R12 |
The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the init_module and finit_module syscalls. |
|
| UBTU-20-010181 |
V1R12 |
The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the delete_module syscall. |
|
| WN11-AU-000050 |
V2R2 |
The system must be configured to audit Detailed Tracking - Process Creation successes. |
|
| UBTU-22-654010 |
V2R2 |
Ubuntu 22.04 LTS must generate audit records for successful/unsuccessful uses of the apparmor_parser command. |
|
| UBTU-22-654015 |
V2R2 |
Ubuntu 22.04 LTS must generate audit records for successful/unsuccessful uses of the chacl command. |
|
| UBTU-22-654020 |
V2R2 |
Ubuntu 22.04 LTS must generate audit records for successful/unsuccessful uses of the chage command. |
|
| UBTU-22-654025 |
V2R2 |
Ubuntu 22.04 LTS must generate audit records for successful/unsuccessful uses of the chcon command. |
|
| UBTU-22-654030 |
V2R2 |
Ubuntu 22.04 LTS must generate audit records for successful/unsuccessful uses of the chfn command. |
|
| UBTU-22-654035 |
V2R2 |
Ubuntu 22.04 LTS must generate audit records for successful/unsuccessful uses of the chsh command. |
|
| UBTU-22-654040 |
V2R2 |
Ubuntu 22.04 LTS must generate audit records for successful/unsuccessful uses of the crontab command. |
|
| UBTU-22-654050 |
V2R2 |
Ubuntu 22.04 LTS must generate audit records for successful/unsuccessful uses of the gpasswd command. |
|
| UBTU-22-654065 |
V2R2 |
Ubuntu 22.04 LTS must generate audit records for successful/unsuccessful uses of the mount command. |
|
| UBTU-22-654070 |
V2R2 |
Ubuntu 22.04 LTS must generate audit records for successful/unsuccessful uses of the newgrp command. |
|
| UBTU-22-654075 |
V2R2 |
Ubuntu 22.04 LTS must generate audit records for successful/unsuccessful uses of the pam_timestamp_check command. |
|
| UBTU-22-654080 |
V2R2 |
Ubuntu 22.04 LTS must generate audit records for successful/unsuccessful uses of the passwd command. |
|
| UBTU-22-654085 |
V2R2 |
Ubuntu 22.04 LTS must generate audit records for successful/unsuccessful uses of the setfacl command. |
|
| UBTU-22-654090 |
V2R2 |
Ubuntu 22.04 LTS must generate audit records for successful/unsuccessful uses of the ssh-agent command. |
|
| UBTU-22-654095 |
V2R2 |
Ubuntu 22.04 LTS must generate audit records for successful/unsuccessful uses of the ssh-keysign command. |
|
| UBTU-22-654100 |
V2R2 |
Ubuntu 22.04 LTS must generate audit records for successful/unsuccessful uses of the su command. |
|
| UBTU-22-654105 |
V2R2 |
Ubuntu 22.04 LTS must generate audit records for successful/unsuccessful uses of the sudo command. |
|
| UBTU-22-654110 |
V2R2 |
Ubuntu 22.04 LTS must generate audit records for successful/unsuccessful uses of the sudoedit command. |
|
| UBTU-22-654115 |
V2R2 |
Ubuntu 22.04 LTS must generate audit records for successful/unsuccessful uses of the umount command. |
|
| UBTU-22-654120 |
V2R2 |
Ubuntu 22.04 LTS must generate audit records for successful/unsuccessful uses of the unix_update command. |
|
| UBTU-22-654125 |
V2R2 |
Ubuntu 22.04 LTS must generate audit records for successful/unsuccessful uses of the usermod command. |
|
| UBTU-22-654155 |
V2R2 |
Ubuntu 22.04 LTS must generate audit records for successful/unsuccessful uses of the chmod, fchmod, and fchmodat system calls. |
|
| UBTU-22-654160 |
V2R2 |
Ubuntu 22.04 LTS must generate audit records for successful/unsuccessful uses of the chown, fchown, fchownat, and lchown system calls. |
|
| UBTU-22-654165 |
V2R2 |
Ubuntu 22.04 LTS must generate audit records for successful/unsuccessful uses of the creat, open, openat, open_by_handle_at, truncate, and ftruncate system calls. |
|
| UBTU-22-654170 |
V2R2 |
Ubuntu 22.04 LTS must generate audit records for successful/unsuccessful uses of the delete_module system call. |
|
| UBTU-22-654175 |
V2R2 |
Ubuntu 22.04 LTS must generate audit records for successful/unsuccessful uses of the init_module and finit_module system calls. |
|
| UBTU-22-654180 |
V2R2 |
Ubuntu 22.04 LTS must generate audit records for any use of the setxattr, fsetxattr, lsetxattr, removexattr, fremovexattr, and lremovexattr system calls. |
|
| UBTU-22-654210 |
V2R2 |
Ubuntu 22.04 LTS must generate audit records for the use and modification of faillog file. |
|
| UBTU-22-654215 |
V2R2 |
Ubuntu 22.04 LTS must generate audit records for the use and modification of the lastlog file. |
|
| RHEL-07-030370 |
V3R6 |
The Red Hat Enterprise Linux operating system must audit all uses of the chown, fchown, fchownat, and lchown syscalls. |
|
| RHEL-07-030510 |
V3R6 |
The Red Hat Enterprise Linux operating system must audit all uses of the creat, open, openat, open_by_handle_at, truncate, and ftruncate syscalls. |
|
| UBTU-18-010201 |
V2R11 |
The Ubuntu operating system must generate audit records for the use and modification of the tallylog file. |
|
| UBTU-18-010202 |
V2R11 |
The Ubuntu operating system must generate audit records for the use and modification of faillog file. |
|
| UBTU-18-010203 |
V2R11 |
The Ubuntu operating system must generate audit records for the use and modification of the lastlog file. |
|
| UBTU-18-010315 |
V2R11 |
The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the su command. |
|
| UBTU-18-010316 |
V2R11 |
The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the chfn command. |
|
| UBTU-18-010317 |
V2R11 |
The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the mount command. |
|
| UBTU-18-010318 |
V2R11 |
The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the umount command. |
|
| UBTU-18-010319 |
V2R11 |
The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the ssh-agent command. |
|
| UBTU-18-010320 |
V2R11 |
The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the ssh-keysign command. |
|
| UBTU-18-010321 |
V2R11 |
The Ubuntu operating system must generate audit records for any usage of the setxattr, fsetxattr, lsetxattr, removexattr, fremovexattr, and lremovexattr system calls. |
|
| UBTU-18-010327 |
V2R11 |
The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the chown, fchown, fchownat, and lchown system calls. |
|
| UBTU-18-010331 |
V2R11 |
The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the chmod, fchmod, and fchmodat system calls. |
|
| UBTU-18-010334 |
V2R11 |
The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the creat, open, openat, open_by_handle_at, truncate, and ftruncate system calls. |
|
| UBTU-18-010340 |
V2R11 |
The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the sudo command. |
|
| UBTU-18-010341 |
V2R11 |
The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the sudoedit command. |
|
| UBTU-18-010342 |
V2R11 |
The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the chsh command. |
|
| UBTU-18-010343 |
V2R11 |
The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the newgrp command. |
|
| UBTU-18-010344 |
V2R11 |
The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the chcon command. |
|
| UBTU-18-010345 |
V2R11 |
The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the apparmor_parser command. |
|
| UBTU-18-010346 |
V2R11 |
The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the setfacl command. |
|
| UBTU-18-010347 |
V2R11 |
The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the chacl command. |
|
| UBTU-18-010348 |
V2R11 |
The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the passwd command. |
|
| UBTU-18-010349 |
V2R11 |
The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the unix_update command. |
|
| UBTU-18-010350 |
V2R11 |
The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the gpasswd command. |
|
| UBTU-18-010351 |
V2R11 |
The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the chage command. |
|
| UBTU-18-010352 |
V2R11 |
The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the usermod command. |
|
| UBTU-18-010353 |
V2R11 |
The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the crontab command. |
|
| UBTU-18-010354 |
V2R11 |
The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the pam_timestamp_check command. |
|
| UBTU-18-010356 |
V2R11 |
The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the finit_module syscall. |
|
| OL07-00-030370 |
V2R11 |
The Oracle Linux operating system must audit all uses of the chown, fchown, fchownat, and lchown syscalls. |
|
| OL07-00-030510 |
V2R11 |
The Oracle Linux operating system must audit all uses of the creat, open, openat, open_by_handle_at, truncate, and ftruncate syscalls. |
|