Re: Splunk dashboard user session never expires

cyber_castle · ‎10-31-2018

Hello guys,

We are using SH Clustering with Eneterprise SEcurity with F5 Load balancer. We have a requirement from our SOC team to display the dashboard on the TV - 24/7 so that they can monitor it continuously. Our users are connected through LDAP. I am aware off the setting - ui_inactivity_timeout in web.conf to zero so that it will never expires.

We want to create only for one generic_user (soc_anaylsts) which is in the AD.
If we have to create the user locally in the SH, will it work as we have a Load balancer and as far as i know, it will create only on one SH not on all.

Pls help

cyber_castle · ‎11-07-2018

@sir_lamneth - thanks for EmbedScheduledreports. Let me test this in our environment and will let you know.

Rob2520 · ‎11-01-2018

This would help https://answers.splunk.com/answers/7233/user-specific-browser-session-timeout.html

https://docs.splunk.com/Documentation/Splunk/7.1.1/Admin/Configureusertimeouts

cyber_castle · ‎11-07-2018

I have tried that script, for some reason its not working for me. May be is it because, it may have written for an older version of browser/splunk version?

sir_lamneth · ‎11-01-2018

If you want to create a non-LDAP user, then you can do this in a Cluster. If you follow these instructions, then it will get replicated across the Cluster:

https://docs.splunk.com/Documentation/Splunk/7.2.0/DistSearch/AdduserstotheSHC

Another option is to embed the Report or Dashboard within another site.

https://docs.splunk.com/Documentation/Splunk/latest/Report/Embedscheduledreports

https://answers.splunk.com/answers/153158/feature-request-how-to-embed-a-dashboard-not-a-rep.html

Splunk dashboard user session never expires

Developer Spotlight with Brett Adams

Index This | What can you do to make 55,555 equal 500?

Say goodbye to manually analyzing phishing and malware threats with Splunk Attack ...