diff --git a/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/ansible/shared.yml
index be23b5ae8fb..d5a3be0e29d 100644
--- a/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/ansible/shared.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/ansible/shared.yml
@@ -4,11 +4,11 @@
 # complexity = low
 # disruption = low
 
-{{%- if "sle" in product or "slmicro5" in product or "ubuntu" in product %}}
+{{%- if product in ['sle12', 'sle15', 'slmicro5'] or "ubuntu" in product %}}
 {{%- set pam_lastlog_path = "/etc/pam.d/login" %}}
 {{%- set pam_lastlog = "pam_lastlog.so" %}}
 {{%- set after_match = "^\s*session.*include\s+common-session$" %}}
-{{%- elif product == 'slmicro6' %}}
+{{%- elif product in ['sle16', 'slmicro6'] %}}
 {{%- set pam_lastlog_path = "/etc/pam.d/postlogin-session" %}}
 {{%- set pam_lastlog = "pam_lastlog2.so" %}}
 {{%- set after_match = "^\s*session.*include\s+common-session$" %}}
diff --git a/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/bash/shared.sh b/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/bash/shared.sh
index 50e5845d2b0..4a8bd355094 100644
--- a/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/bash/shared.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/bash/shared.sh
@@ -1,6 +1,6 @@
 # platform = multi_platform_sle,multi_platform_slmicro,Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_ubuntu,multi_platform_almalinux
 
-{{%- if "sle" in product or "slmicro5" in product or "ubuntu" in product %}}
+{{%- if product in ['sle12', 'sle15', 'slmicro5'] or "ubuntu" in product %}}
 {{%- set pam_lastlog_path = "/etc/pam.d/login" %}}
 {{%- set pam_lastlog = "pam_lastlog.so" %}}
 {{%- if "ubuntu" in product %}}
@@ -8,7 +8,7 @@
 {{%- else %}}
 {{%- set after_match = "^\s*session.*include\s+common-session$" %}}
 {{%- endif %}}
-{{%- elif product == 'slmicro6' %}}
+{{%- elif product in ['sle16', 'slmicro6'] %}}
 {{%- set pam_lastlog_path = "/etc/pam.d/postlogin-session" %}}
 {{%- set pam_lastlog = "pam_lastlog2.so" %}}
 {{%- else %}}
diff --git a/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/oval/shared.xml b/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/oval/shared.xml
index 4bd247c410d..b1b45341c60 100644
--- a/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/oval/shared.xml
+++ b/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/oval/shared.xml
@@ -1,7 +1,7 @@
-{{%- if "sle" in product or "slmicro5" in product or "ubuntu" in product %}}
+{{%- if product in ['sle12', 'sle15', 'slmicro5' ] or "ubuntu" in product %}}
 {{% set pam_lastlog_path = "/etc/pam.d/login" %}}
 {{% set pam_lastlog = "pam_lastlog.so" %}}
-{{% elif product == 'slmicro6' %}}
+{{% elif product in ['sle16', 'slmicro6'] %}}
 {{% set pam_lastlog_path = "/etc/pam.d/postlogin-session" %}}
 {{% set pam_lastlog = "pam_lastlog2.so" %}}
 {{% else %}}
diff --git a/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/rule.yml b/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/rule.yml
index 5703fde6aa4..0301a7a2eda 100644
--- a/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/rule.yml
@@ -1,7 +1,7 @@
-{{%- if "sle" in product or "slmicro5" in product or "ubuntu" in product %}}
+{{%- if product in ['sle12', 'sle15', 'slmicro5' ] or "ubuntu" in product %}}
 {{%- set pam_lastlog_path = "/etc/pam.d/login" %}}
 {{%- set pam_lastlog = "pam_lastlog.so" %}}
-{{%- elif product == 'slmicro6' %}}
+{{%- elif product in ['sle16', 'slmicro6'] %}}
 {{%- set pam_lastlog_path = "/etc/pam.d/postlogin-session" %}}
 {{%- set pam_lastlog = "pam_lastlog2.so" %}}
 {{%- else %}}
@@ -43,7 +43,7 @@ identifiers:
     cce@sle12: CCE-83149-5
     cce@sle15: CCE-85560-1
     cce@slmicro5: CCE-93730-0
-    cce@slmicro6: CCE-95037-8 
+    cce@slmicro6: CCE-95037-8
 
 references:
     cis-csc: 1,12,15,16
diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_build_database/oval/shared.xml b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_build_database/oval/shared.xml
index d756d5d6dda..4fa825c17e4 100644
--- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_build_database/oval/shared.xml
+++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_build_database/oval/shared.xml
@@ -15,9 +15,9 @@
   <!-- OVAL object to collect filename for Aide build database -->
   <ind:textfilecontent54_object id="object_aide_operational_database_filename" version="1">
     <ind:filepath>/etc/aide.conf</ind:filepath>
-    {{% if 'sle' in product or product == 'slmicro5' %}}
+    {{% if product in ['sle12', 'sle15', 'slmicro5'] %}}
       <ind:pattern operation="pattern match">^database=file:/([/a-z.]+)$</ind:pattern>
-    {{% elif product == 'slmicro6' %}}
+    {{% elif product in ['sle16', 'slmicro6'] %}}
       <ind:pattern operation="pattern match">^database_in=file:/([/a-z.]+)$</ind:pattern>
     {{% elif product == "rhel9" %}}
       <!-- RHEL 9.8 (aide-0.19.2-2.el9 and newer) uses _in suffix for database_in line -->
diff --git a/products/sle16/profiles/base.profile b/products/sle16/profiles/base.profile
index 1d6c2bcfd35..981ba581ca9 100644
--- a/products/sle16/profiles/base.profile
+++ b/products/sle16/profiles/base.profile
@@ -17,3 +17,6 @@ description: |-
 
 selections:
     - base_sle16:all
+    - aide_build_database
+    - aide_periodic_checking_systemd_timer
+    - display_login_attempts