Splunk Enterprise idle session timeout must be set to not exceed 15 minutes.

An XCCDF Rule

Details
Profiles
Prose

Description

<VulnDiscussion>Automatic session termination after a period of inactivity addresses the potential for a malicious actor to exploit the unattended session. Closing any unattended sessions reduces the attack surface to the application.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>

ID: SV-221938r879673_rule
Severity: Medium
References: CCI-002361
Updated: about 1 year ago

Select Settings >> Server Settings >> General Settings and set Session timeout to 15 minutes or less.

Splunk Enterprise idle session timeout must be set to not exceed 15 minutes.

Description

Remediation - Manual Procedure