Configure Interactive Session Expiration

(For On-Premises installations): When you want inactive sessions to deactivate after a time-out period, you need to set four interlinked configuration parameters with the installer. Two of these parameters handle the session expiration in the backend and two of them control the frontend tracker that handles the session expiration when the user’s browser is idle. To achieve session expiration for a specific period of time (for example, 30 minutes), these parameters should be aligned to the same value.

The parameters, with sample settings, are:

sysdig
 inactivitySettings:
    trackerEnabled: true
    trackerTimeout: 1800
  api:
    jvmOptions: -Ddraios.security.rememberMe.tokenValiditySeconds=1800 -Ddraios.security.session.timeoutMinutes=30

Parameter

Description

Values

sysdig.inactivitySettings.trackerEnabled

Must be set to enable frontend activity tracker in general, boolean

false by default

sysdig.inactivitySettings.trackerTimeout

Timeout in seconds before the inactive interactive session expires, valid only if

sysdig.inactivitySettings.trackerEnabled is set to true

1800 seconds by default

draios.security.rememberMe.tokenValiditySeconds

Must match the trackerTimeout value

1800 if trackerTimeout default is used

draios.security.session.timeoutMinutes

Convert validitySeconds to minutes

30 if trackerTimeout default is used

The jvmOptions parameters handle the backend session expiration, while the sysdig.inactivitySettings.trackerEnabled and

sysdig.inactivitySettings.trackerTimeout handle the frontend activity tracker.

Learn More