The Google Search Appliances must respond to security function anomalies by notifying the system administrator.

From Google Search Appliance Security Technical Implementation Guide

Associated with: CCI-001674

SV-75241r1_rule The Google Search Appliances must respond to security function anomalies by notifying the system administrator.

Vulnerability discussion

The need to verify security functionality applies to all security functions. For those security functions not able to execute automated self-tests the organization either implements compensating security controls or explicitly accepts the risk of not performing the verification as required. Information system transitional states include startup, restart, shutdown, and abort.

Check content

Open the GSA Web Admin Console at https::8443. Login to the GSA management interface. Navigate to "Administration", select "Network Settings". Ensure that a valid Syslog server is entered correctly. If events are sent and recorded on the Syslog server, this is not a finding.

Fix text

Open the GSA Web Admin Console at https::8443. Login to the GSA management interface. Navigate to "Administration", select "Network Settings". Enter a valid Syslog server. Ensure that events are sent and recorded on the Syslog server.

Pro Tips

Lavender hyperlinks in small type off to the right (of CSS class id, if you view the page source) point to globally unique URIs for each document and item. Copy the link location and paste anywhere you need to talk unambiguously about these things.

You can obtain data about documents and items in other formats. Simply provide an HTTP header Accept: text/turtle or Accept: application/rdf+xml.