Splunk® Phantom (Legacy)

Administer Splunk Phantom

Splunk Phantom 4.10.7 is the final release of Splunk's Security Orchestration, Automation, and Response (SOAR) system to be called Splunk Phantom. All later versions are named Splunk SOAR (On-premises). For more information, see the Splunk SOAR (On-premises) documentation.

Configure password requirements and timeout intervals to secure your Splunk Phantom accounts

You can configure password requirements and set timeout intervals for inactivity to secure your local Splunk Phantom accounts. Accounts that authenticate using single sign-on have their password requirements set by the individual service provider.

Perform the following steps to configure account security:

  1. From the main menu, select Administration.
  2. Select User Management > Account Security.
  3. Configure the desired timeout settings for all local Splunk Phantom accounts.
    Setting Description
    Inactivity Timeout The number of minutes with no activity between the user's browser and the web server before the user is logged out.
    Absolute Timeout The number of minutes after which a local user is logged out, regardless of activity. Some pages, such as the home page and Investigation have constant activity in the form of widgets and dashboards that are updated automatically without user intervention. Setting an absolute timeout is a security precaution to make sure that only authorized users are accessing your Splunk Phantom system.
  4. Configure the password requirements for your local Splunk Phantom accounts.
    Setting Description
    Length The minimum required length for any user password. This length can be overridden based on other password configurations. For example, if you set the Length to 8 characters, but also require 5 capital letters and 5 digits, then the minimum length of the password is 10 characters.
    Digits The number of unique digits 0-9 required in the password.
    Special Characters The number of unique special characters required in the password.
    Capital Letters The number of unique capital letters required in the password.
Last modified on 23 January, 2020
Manage roles and permissions in Splunk Phantom   Configure single sign-on authentication for Splunk Phantom

This documentation applies to the following versions of Splunk® Phantom (Legacy): 4.8, 4.9, 4.10, 4.10.1, 4.10.2, 4.10.3, 4.10.4, 4.10.6, 4.10.7

Was this topic useful?

You must be logged into splunk.com in order to post comments. Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

0 out of 1000 Characters