HAProxy must use a logging mechanism that is configured to alert the ISSO and SA in the event of a processing failure.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-89139	VRAU-HA-000085	SV-99789r1_rule		Medium

Description
An accurate and current audit trail is essential for maintaining a record of system activity. If the logging system fails, the SA must be notified and must take prompt action to correct the problem. Minimally, the system must log this event and the SA will receive this notification during the daily system log review. If feasible, active alerting (such as e-mail or paging) should be employed consistent with the site's established operations management systems and procedures.

Description

An accurate and current audit trail is essential for maintaining a record of system activity. If the logging system fails, the SA must be notified and must take prompt action to correct the problem. Minimally, the system must log this event and the SA will receive this notification during the daily system log review. If feasible, active alerting (such as e-mail or paging) should be employed consistent with the site's established operations management systems and procedures.

STIG	Date
VMW vRealize Automation 7.x HA Proxy Security Technical Implementation Guide	2018-10-12

Details

Check Text ( C-88831r1_chk )
Interview the ISSO. Determine if logging failure events are monitored, and warnings provided to the ISSO. If logging failure events do not provide warnings in accordance with organization policies, this is a finding. If alerts are not sent or the web server is not configured to use a dedicated logging tool that meets this requirement, this is a finding.

Fix Text (F-95881r1_fix)
Ensure logging failures result in warnings to the ISSO and SA at a minimum.