This the multi-page printable view of this section. Click here to print.

Return to the regular view of this page.

    Configure Interactive Session Expiration

    (For On-Premises installations): When you want inactive sessions to deactivate after a time-out period, you need to set four interlinked configuration parameters with the installer. Two of these parameters handle the session expiration in the backend and two of them control the frontend tracker that handles the session expiration when the user’s browser is idle. To achieve session expiration for a specific period of time (for example, 30 minutes), these parameters should be aligned to the same value.

    The parameters, with sample settings, are:

    sysdig
     inactivitySettings:
        trackerEnabled: true
        trackerTimeout: 1800
      api:
        jvmOptions: -Ddraios.security.rememberMe.tokenValiditySeconds=1800 -Ddraios.security.session.timeoutMinutes=30
    

    Parameter

    Description

    Values

    sysdig.inactivitySettings.trackerEnabled

    Must be set to enable frontend activity tracker in general, boolean

    false by default

    sysdig.inactivitySettings.trackerTimeout

    Timeout in seconds before the inactive interactive session expires, valid only if

    sysdig.inactivitySettings.trackerEnabled is set to true

    1800 seconds by default

    draios.security.rememberMe.tokenValiditySeconds

    Must match the trackerTimeout value

    1800 if trackerTimeout default is used

    draios.security.session.timeoutMinutes

    Convert validitySeconds to minutes

    30 if trackerTimeout default is used

    The jvmOptions parameters handle the backend session expiration, while the sysdig.inactivitySettings.trackerEnabled and

    sysdig.inactivitySettings.trackerTimeout handle the frontend activity tracker.

    See also: configuration_parameters.md.