STIGQter: STIG Summary: Splunk Enterprise 7.x for Windows Security Technical Implementation Guide Version: 2 Release: 2 Benchmark Date: 23 Apr 2021:

Splunk Enterprise idle session timeout must be set to not exceed 15 minutes.

DISA Rule

SV-221938r508660_rule

Vulnerability Number

V-221938

Group Title

SRG-APP-000295-AU-000190

Rule Version

SPLK-CL-000190

Severity

CAT II

CCI(s)

CCI-002361 - The information system automatically terminates a user session after organization-defined conditions or trigger events requiring session disconnect.

Weight

Fix Recommendation

Select Settings >> Server Settings >> General Settings and set Session timeout to 15 minutes or less.

Check Contents

Select Settings >> Server Settings >> General Settings and verify that Session timeout is set to 15 minutes or less.

If Splunk is not configured to 15 minutes or less, this is a finding.

Vulnerability Number

V-221938

Documentable

False

Rule Version

SPLK-CL-000190

Severity Override Guidance

Select Settings >> Server Settings >> General Settings and verify that Session timeout is set to 15 minutes or less.

If Splunk is not configured to 15 minutes or less, this is a finding.

Check Content Reference

Target Key

4082

Splunk Enterprise idle session timeout must be set to not exceed 15 minutes.

DISA Rule

Vulnerability Number

Group Title

Rule Version

Severity

CCI(s)

Weight

Fix Recommendation

Check Contents

Vulnerability Number

Documentable

Rule Version

Severity Override Guidance

Check Content Reference

Target Key

Comments