CloudSOC SpanVA is in a Degraded State
search cancel

CloudSOC SpanVA is in a Degraded State

book

Article ID: 252781

calendar_today

Updated On:

Products

CASB Audit CASB Security Advanced CASB Security Premium CASB Security Standard

Issue/Introduction

Client's SpanVA is in "Degraded" State.

It may be that the customer notices this "Degraded" State themselves or Audit Engineering may have run a SpanVA health check and CASB Support would notify the customer. 

 

Cause

There are multiple possible causes for a "Degraded" State

Resolution

Here are a few possible common causes for SpanVA degraded state. This list is not all inclusive. Please coordinate with CASB Support if the following does not help resolve this issue.

1. SpanVA to CloudSOC log upload failures due to corporate Network/FW restrictions not allowing required connectivity to GCP URL:

https://techdocs.broadcom.com/us/en/symantec-security-software/information-security/symantec-cloudsoc/cloud/spanva-home/allow-listing-urls-and-verifying-spanva-connectivity.html 

2. SpanVA resources (CPU/Mem/Disk) may be insufficient for amount of logs being fed from multiple data sources. (over utilized example)

https://techdocs.broadcom.com/us/en/symantec-security-software/information-security/symantec-cloudsoc/cloud/spanva-home/monitoring-spanva-operation/checking-spanva-status/spanva-view-operation-stats.html 

3. Issue with format of logs from one or more data sources:

https://techdocs.broadcom.com/us/en/symantec-security-software/information-security/symantec-cloudsoc/cloud/audit-home/data-source-management.html 

 

 

Powered by Wolken Software