| ALMA-09-045780 | V1R1 | AlmaLinux OS 9 /etc/audit/auditd.conf file must have 0640 or less permissive to prevent unauthorized access. | |
| ALMA-09-045890 | V1R1 | AlmaLinux OS 9 must allow only the information system security manager (ISSM) (or individuals or roles appointed by the ISSM) to select which auditable events are to be audited. | |
| UBTU-18-010311 | V2R15 | The Ubuntu operating system must be configured so that audit configuration files are not write-accessible by unauthorized users. | |
| UBTU-18-010312 | V2R15 | The Ubuntu operating system must permit only authorized accounts to own the audit configuration files. | |
| UBTU-18-010313 | V2R15 | The Ubuntu operating system must permit only authorized groups to own the audit configuration files. | |
| UBTU-20-010133 | V1R9 | The Ubuntu operating system must be configured so that audit configuration files are not write-accessible by unauthorized users. | |
| UBTU-20-010134 | V1R9 | The Ubuntu operating system must permit only authorized accounts to own the audit configuration files. | |
| UBTU-20-010135 | V1R9 | The Ubuntu operating system must permit only authorized groups to own the audit configuration files. | |
| UBTU-24-900040 | V1R1 | Ubuntu 24.04 LTS must be configured so that audit configuration files are not write-accessible by unauthorized users. | |
| UBTU-24-900050 | V1R1 | Ubuntu 24.04 LTS must permit only authorized accounts to own the audit configuration files. | |
| UBTU-24-900060 | V1R1 | Ubuntu 24.04 LTS must permit only authorized groups to own the audit configuration files. | |
| UBTU-22-653065 | V2R1 | Ubuntu 22.04 LTS must be configured so that audit configuration files are not write-accessible by unauthorized users. | |
| UBTU-22-653070 | V2R1 | Ubuntu 22.04 LTS must permit only authorized accounts to own the audit configuration files. | |
| UBTU-22-653075 | V2R1 | Ubuntu 22.04 LTS must permit only authorized groups to own the audit configuration files. | |
| RHEL-08-030610 | V1R9 | RHEL 8 must allow only the Information System Security Manager (ISSM) (or individuals or roles appointed by the ISSM) to select which auditable events are to be audited. | |
| RHEL-09-653110 | V2R1 | RHEL 9 must allow only the information system security manager (ISSM) (or individuals or roles appointed by the ISSM) to select which auditable events are to be audited. | |
| RHEL-09-653115 | V2R1 | RHEL 9 /etc/audit/auditd.conf file must have 0640 or less permissive to prevent unauthorized access. | |
| OL09-00-000805 | V1R1 | OL 9 must allow only the information system security manager (ISSM) (or individuals or roles appointed by the ISSM) to select which auditable events are to be audited. | |
| OL09-00-000810 | V1R1 | OL 9 /etc/audit/auditd.conf file must have 0640 or less permissive to prevent unauthorized access. | |
| OL08-00-030610 | V1R9 | OL 8 must allow only the Information System Security Manager (ISSM) (or individuals or roles appointed by the ISSM) to select which auditable events are to be audited. | |