| UBTU-18-010237 | V2R15 | The Ubuntu operating system must generate audit records for privileged activities or other system-level access. | |
| WN10-AU-000100 | V2R8 | The system must be configured to audit Policy Change - Audit Policy Change successes. | |
| WN10-AU-000107 | V2R8 | The system must be configured to audit Policy Change - Authorization Policy Change successes. | |
| WN10-AU-000130 | V2R8 | The system must be configured to audit System - Other System Events successes. | |
| WN10-AU-000135 | V2R8 | The system must be configured to audit System - Other System Events failures. | |
| WN11-AU-000130 | V2R1 | The system must be configured to audit System - Other System Events successes. | |
| WN11-AU-000135 | V2R1 | The system must be configured to audit System - Other System Events failures. | |
| RHEL-07-030810 | V3R8 | The Red Hat Enterprise Linux operating system must audit all uses of the pam_timestamp_check command. | |
| OL07-00-030810 | V2R14 | The Oracle Linux operating system must audit all uses of the pam_timestamp_check command. | |
| OL08-00-030603 | V1R9 | OL 8 must enable Linux audit logging for the USBGuard daemon. | |