Configure security settings - Administrator Guide - Cortex XSIAM - Cortex - Security Operations

Cortex XSIAM Documentation

Cortex XSIAM
Creation date
Last date published
Administrator Guide

Configure security settings such as session expiration, user login expiration, and dashboard expiration.

You can configure security settings such as how long users can be logged into Cortex XSIAM, and from which domains and IP ranges users can log in.

Go to SettingsConfigurationsGeneralSecurity Settings.




Session Expiration

User Login Expiration

The number of hours (between 1 and 24) after which the user login session expires. You can also choose to automatically log users out after a specified period of inactivity.

Dashboard Expiration

Whether the Dashboard page expires at the same time as the user login session or after seven days. This is useful when you view a dashboard on a separate screen.

For example, if you select seven days for dashboards and eight hours for login expiration and you are currently viewing the Dashboard page, the dashboard expiration takes priority (seven days). This ensures that the Dashboard page continues to display the widgets for an extended period.

Allowed Sessions

Approved Domains

The domains from which you want to allow user access (login) to Cortex XSIAM. You can add or remove domains as necessary.

Approved IP Ranges

The IP ranges from which you want to allow user access (login) to Cortex XSIAM. You can also choose to limit API access from specific IP addresses.

User Expiration

Deactivate Inactive User

Deactivate an inactive user, and also set the user deactivation trigger period. By default, user expiration is disabled. When enabled, enter the number of days after which inactive users should be deactivated.

Allowed Domains

Domain Name

The domain names that can be used in your distribution lists for reports. For example, when generating a report, ensure the reports are not sent to email addresses outside your organization.