UCF STIG Viewer Logo

The Google Search Appliance must be capable of taking organization-defined actions upon audit failure (e.g., overwrite oldest audit records, stop generating audit records, cease processing, notify of audit failure).


Overview

Finding ID Version Rule ID IA Controls Severity
V-60751 GSAP-00-000285 SV-75203r1_rule Medium
Description
It is critical when a system is at risk of failing to process audit logs as required; it detects and takes action to mitigate the failure. Audit processing failures include: software/hardware errors, failures in the audit capturing mechanisms, and audit storage capacity being reached or exceeded. Applications are required to be capable of either directly performing or calling system level functionality performing defined actions upon detection of an application audit log processing failure.
STIG Date
Google Search Appliance Security Technical Implementation Guide 2015-07-07

Details

Check Text ( C-61685r1_chk )
Open the GSA Web Admin Console at https::8443.

Login to the GSA management interface.

Navigate to "Administration", select "System Settings".

If valid email addresses are entered, this is not a finding.
Fix Text (F-66431r1_fix)
Open the GSA Web Admin Console at https::8443.

Login to the GSA management interface.

Navigate to "Administration", select "System Settings".

Enter valid email addresses that the audit failures need to be sent to be reviewed.