cmdReporter meets or exceeds the requirements for each of the below controls for macOS computers.
AC-2 (4) Account management | automated audit actions
AC-2 (12)(a)(b) Account management | account monitoring / atypical usage
AC-6 (9) Least privilege | auditing use of privileged functions
AU-3 (2) Content of audit records | centralized management of planned audit record content
AU-4 (1) Audit storage capacity | transfer to alternate storage
AU-5 (2) Response to audit processing failures | real-time alerts
AU-7 (all) Audit reduction and report generation
AU-9(2) Audit backup on separate physical systems / components
AU-9(4) Access by subset of privileged users
AU-10 (1)(b) Provides the means for authorized individuals to determine the identity of the producer of the information.
AU-11(1) Long-term retrieval capability
Partial: cmdReporter makes meeting AU-11 much easier, but there are still non-macOS steps to take to meet.
AU-12 (all) Audit generation
AC-17 (1) The information system monitors and controls remote access methods.
Partial: audits, not controls. macOS natively controls remote access.