Title

The Google Search Appliance must support the requirement to back up audit data and records onto a different system or media than the system being audited at least every seven days. (Cat II impact)

Discussion

Protection of log data includes assuring log data is not accidentally lost or deleted. Backing up audit records to a different system or onto separate media than the system being audited on an organizationally defined frequency helps to assure in the event of a catastrophic system failure, the audit records will be retained.

Check Content

Open the GSA Web Admin Console at https:<your GSA IP or hostname>:8443. Login to the GSA management interface. Navigate to "Administration", select "Network Settings". If the "Facility" setting is enabled, this is not a finding.

Fix Text

Open the GSA Web Admin Console at https:<your GSA IP or hostname>:8443. Login to the GSA management interface. Navigate to "Administration", select "Network Settings". Ensure that "Facility" setting is enabled. Click Save.

Additional Identifiers

Rule ID: SV-75219r1_rule

Vulnerability ID: V-60767

Group Title: SRG-APP-000125

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.