Increasing the Session timeout Of wazuh App
511 views
Skip to first unread message
John Carry
Oct 18, 2023, 4:00:20 AM10/18/23
to Wazuh | Mailing List
Dear Wazuh Team,
We are using Wazuh with Elastic and wants to increase the session timeout of Wazuh application because currently the Wazuh App doesn't seems to timeout.
Could you please let me know the steps to configure the session timeout?
Could you please let me know the steps to configure the session timeout?
Harshal Paliwal
Oct 18, 2023, 5:19:54 AM10/18/23
to Wazuh | Mailing List
Hi John,
Thanks for using the Wazuh.
To extend the session timeout, add the following settings in opensearch_dashboards.yml
Thanks for using the Wazuh.
To extend the session timeout, add the following settings in opensearch_dashboards.yml
opensearch_security.session.ttl: 3600000
opensearch_security.cookie.ttl: 3600000
opensearch_security.cookie.secure: true
opensearch_security.session.keepalive: true
This will extend the timeout to 1 hour.
Restart your Wazuh dashboard so the changes can take effect:
systemctl restart wazuh-dashboard
Let us know if you have any questions.
Regards!
Regards!
John Carry
Oct 19, 2023, 3:11:34 AM10/19/23
to Wazuh | Mailing List
Hello Harshal,
I think we are not using Opensearch rather we are using Elastic, I am attaching the snaps to let you know about our environment. Additionally I think in-order to increase the session time-out we need to configure the kibana.yml (Snap attached).
Please go through the details below and let us know where to apply session timeout configuration.
Wazuh-Version:
I think we are not using Opensearch rather we are using Elastic, I am attaching the snaps to let you know about our environment. Additionally I think in-order to increase the session time-out we need to configure the kibana.yml (Snap attached).
Please go through the details below and let us know where to apply session timeout configuration.
Note: I am unable to find opensearch config file.
1) GET /_cluster/stats:
{
"_nodes" : {
"total" : 1,
"successful" : 1,
"failed" : 0
},
"cluster_name" : "elasticsearch",
"cluster_uuid" : "rB7MpocmSkikr_7TN1147g",
"timestamp" : 1697697295664,
"status" : "green",
"indices" : {
"count" : 27,
"shards" : {
"total" : 49,
"primaries" : 49,
"replication" : 0.0,
"index" : {
"shards" : {
"min" : 1,
"max" : 3,
"avg" : 1.8148148148148149
},
"primaries" : {
"min" : 1,
"max" : 3,
"avg" : 1.8148148148148149
},
"replication" : {
"min" : 0.0,
"max" : 0.0,
"avg" : 0.0
}
}
},
"docs" : {
"count" : 2030373,
"deleted" : 509655
},
"store" : {
"size_in_bytes" : 2291527675,
"total_data_set_size_in_bytes" : 2291527675,
"reserved_in_bytes" : 0
},
"fielddata" : {
"memory_size_in_bytes" : 306072,
"evictions" : 0
},
"query_cache" : {
"memory_size_in_bytes" : 1507074,
"total_count" : 40770157,
"hit_count" : 1500476,
"miss_count" : 39269681,
"cache_size" : 869,
"cache_count" : 20501,
"evictions" : 19632
},
"completion" : {
"size_in_bytes" : 0
},
"segments" : {
"count" : 367,
"memory_in_bytes" : 12278268,
"terms_memory_in_bytes" : 11363408,
"stored_fields_memory_in_bytes" : 186296,
"term_vectors_memory_in_bytes" : 0,
"norms_memory_in_bytes" : 43456,
"points_memory_in_bytes" : 0,
"doc_values_memory_in_bytes" : 685108,
"index_writer_memory_in_bytes" : 2008828,
"version_map_memory_in_bytes" : 0,
"fixed_bit_set_memory_in_bytes" : 64840,
"max_unsafe_auto_id_timestamp" : 1697012511529,
"file_sizes" : { }
},
"mappings" : {
"field_types" : [
{
"name" : "boolean",
"count" : 12,
"index_count" : 12,
"script_count" : 0
},
{
"name" : "constant_keyword",
"count" : 3,
"index_count" : 1,
"script_count" : 0
},
{
"name" : "date",
"count" : 176,
"index_count" : 18,
"script_count" : 0
},
{
"name" : "double",
"count" : 55,
"index_count" : 11,
"script_count" : 0
},
{
"name" : "float",
"count" : 2,
"index_count" : 1,
"script_count" : 0
},
{
"name" : "geo_point",
"count" : 22,
"index_count" : 11,
"script_count" : 0
},
{
"name" : "integer",
"count" : 22,
"index_count" : 11,
"script_count" : 0
},
{
"name" : "ip",
"count" : 89,
"index_count" : 12,
"script_count" : 0
},
{
"name" : "keyword",
"count" : 6354,
"index_count" : 18,
"script_count" : 0
},
{
"name" : "long",
"count" : 769,
"index_count" : 15,
"script_count" : 0
},
{
"name" : "nested",
"count" : 1,
"index_count" : 1,
"script_count" : 0
},
{
"name" : "object",
"count" : 878,
"index_count" : 18,
"script_count" : 0
},
{
"name" : "text",
"count" : 193,
"index_count" : 18,
"script_count" : 0
},
{
"name" : "version",
"count" : 1,
"index_count" : 1,
"script_count" : 0
}
],
"runtime_field_types" : [ ]
},
"analysis" : {
"char_filter_types" : [ ],
"tokenizer_types" : [ ],
"filter_types" : [ ],
"analyzer_types" : [ ],
"built_in_char_filters" : [ ],
"built_in_tokenizers" : [ ],
"built_in_filters" : [ ],
"built_in_analyzers" : [ ]
},
"versions" : [
{
"version" : "7.17.9",
"index_count" : 27,
"primary_shard_count" : 49,
"total_primary_bytes" : 2291527675
}
]
},
"nodes" : {
"count" : {
"total" : 1,
"coordinating_only" : 0,
"data" : 1,
"data_cold" : 1,
"data_content" : 1,
"data_frozen" : 1,
"data_hot" : 1,
"data_warm" : 1,
"ingest" : 1,
"master" : 1,
"ml" : 1,
"remote_cluster_client" : 1,
"transform" : 1,
"voting_only" : 0
},
"versions" : [
"7.17.9"
],
"os" : {
"available_processors" : 8,
"allocated_processors" : 8,
"names" : [
{
"name" : "Linux",
"count" : 1
}
],
"pretty_names" : [
{
"pretty_name" : "CentOS Stream 8",
"count" : 1
}
],
"architectures" : [
{
"arch" : "amd64",
"count" : 1
}
],
"mem" : {
"total_in_bytes" : 41879580672,
"free_in_bytes" : 2408120320,
"used_in_bytes" : 39471460352,
"free_percent" : 6,
"used_percent" : 94
}
},
"process" : {
"cpu" : {
"percent" : 1
},
"open_file_descriptors" : {
"min" : 858,
"max" : 858,
"avg" : 858
}
},
"jvm" : {
"max_uptime_in_millis" : 587186223,
"versions" : [
{
"version" : "19.0.2",
"vm_name" : "OpenJDK 64-Bit Server VM",
"vm_version" : "19.0.2+7-44",
"vm_vendor" : "Oracle Corporation",
"bundled_jdk" : true,
"using_bundled_jdk" : true,
"count" : 1
}
],
"mem" : {
"heap_used_in_bytes" : 914161296,
"heap_max_in_bytes" : 4294967296
},
"threads" : 131
},
"fs" : {
"total_in_bytes" : 1518997602304,
"free_in_bytes" : 1321454481408,
"available_in_bytes" : 1321454481408
},
"plugins" : [ ],
"network_types" : {
"transport_types" : {
"security4" : 1
},
"http_types" : {
"security4" : 1
}
},
"discovery_types" : {
"zen" : 1
},
"packaging_types" : [
{
"flavor" : "default",
"type" : "rpm",
"count" : 1
}
],
"ingest" : {
"number_of_pipelines" : 2,
"processor_stats" : {
"date" : {
"count" : 1988284,
"failed" : 0,
"current" : 0,
"time_in_millis" : 38529
},
"date_index_name" : {
"count" : 1988284,
"failed" : 0,
"current" : 0,
"time_in_millis" : 67608
},
"geoip" : {
"count" : 9941420,
"failed" : 0,
"current" : 0,
"time_in_millis" : 111250
},
"gsub" : {
"count" : 0,
"failed" : 0,
"current" : 0,
"time_in_millis" : 0
},
"json" : {
"count" : 1988285,
"failed" : 1,
"current" : 0,
"time_in_millis" : 68848
},
"remove" : {
"count" : 29824260,
"failed" : 0,
"current" : 0,
"time_in_millis" : 11112
},
"script" : {
"count" : 0,
"failed" : 0,
"current" : 0,
"time_in_millis" : 0
}
}
}
}
}
"_nodes" : {
"total" : 1,
"successful" : 1,
"failed" : 0
},
"cluster_name" : "elasticsearch",
"cluster_uuid" : "rB7MpocmSkikr_7TN1147g",
"timestamp" : 1697697295664,
"status" : "green",
"indices" : {
"count" : 27,
"shards" : {
"total" : 49,
"primaries" : 49,
"replication" : 0.0,
"index" : {
"shards" : {
"min" : 1,
"max" : 3,
"avg" : 1.8148148148148149
},
"primaries" : {
"min" : 1,
"max" : 3,
"avg" : 1.8148148148148149
},
"replication" : {
"min" : 0.0,
"max" : 0.0,
"avg" : 0.0
}
}
},
"docs" : {
"count" : 2030373,
"deleted" : 509655
},
"store" : {
"size_in_bytes" : 2291527675,
"total_data_set_size_in_bytes" : 2291527675,
"reserved_in_bytes" : 0
},
"fielddata" : {
"memory_size_in_bytes" : 306072,
"evictions" : 0
},
"query_cache" : {
"memory_size_in_bytes" : 1507074,
"total_count" : 40770157,
"hit_count" : 1500476,
"miss_count" : 39269681,
"cache_size" : 869,
"cache_count" : 20501,
"evictions" : 19632
},
"completion" : {
"size_in_bytes" : 0
},
"segments" : {
"count" : 367,
"memory_in_bytes" : 12278268,
"terms_memory_in_bytes" : 11363408,
"stored_fields_memory_in_bytes" : 186296,
"term_vectors_memory_in_bytes" : 0,
"norms_memory_in_bytes" : 43456,
"points_memory_in_bytes" : 0,
"doc_values_memory_in_bytes" : 685108,
"index_writer_memory_in_bytes" : 2008828,
"version_map_memory_in_bytes" : 0,
"fixed_bit_set_memory_in_bytes" : 64840,
"max_unsafe_auto_id_timestamp" : 1697012511529,
"file_sizes" : { }
},
"mappings" : {
"field_types" : [
{
"name" : "boolean",
"count" : 12,
"index_count" : 12,
"script_count" : 0
},
{
"name" : "constant_keyword",
"count" : 3,
"index_count" : 1,
"script_count" : 0
},
{
"name" : "date",
"count" : 176,
"index_count" : 18,
"script_count" : 0
},
{
"name" : "double",
"count" : 55,
"index_count" : 11,
"script_count" : 0
},
{
"name" : "float",
"count" : 2,
"index_count" : 1,
"script_count" : 0
},
{
"name" : "geo_point",
"count" : 22,
"index_count" : 11,
"script_count" : 0
},
{
"name" : "integer",
"count" : 22,
"index_count" : 11,
"script_count" : 0
},
{
"name" : "ip",
"count" : 89,
"index_count" : 12,
"script_count" : 0
},
{
"name" : "keyword",
"count" : 6354,
"index_count" : 18,
"script_count" : 0
},
{
"name" : "long",
"count" : 769,
"index_count" : 15,
"script_count" : 0
},
{
"name" : "nested",
"count" : 1,
"index_count" : 1,
"script_count" : 0
},
{
"name" : "object",
"count" : 878,
"index_count" : 18,
"script_count" : 0
},
{
"name" : "text",
"count" : 193,
"index_count" : 18,
"script_count" : 0
},
{
"name" : "version",
"count" : 1,
"index_count" : 1,
"script_count" : 0
}
],
"runtime_field_types" : [ ]
},
"analysis" : {
"char_filter_types" : [ ],
"tokenizer_types" : [ ],
"filter_types" : [ ],
"analyzer_types" : [ ],
"built_in_char_filters" : [ ],
"built_in_tokenizers" : [ ],
"built_in_filters" : [ ],
"built_in_analyzers" : [ ]
},
"versions" : [
{
"version" : "7.17.9",
"index_count" : 27,
"primary_shard_count" : 49,
"total_primary_bytes" : 2291527675
}
]
},
"nodes" : {
"count" : {
"total" : 1,
"coordinating_only" : 0,
"data" : 1,
"data_cold" : 1,
"data_content" : 1,
"data_frozen" : 1,
"data_hot" : 1,
"data_warm" : 1,
"ingest" : 1,
"master" : 1,
"ml" : 1,
"remote_cluster_client" : 1,
"transform" : 1,
"voting_only" : 0
},
"versions" : [
"7.17.9"
],
"os" : {
"available_processors" : 8,
"allocated_processors" : 8,
"names" : [
{
"name" : "Linux",
"count" : 1
}
],
"pretty_names" : [
{
"pretty_name" : "CentOS Stream 8",
"count" : 1
}
],
"architectures" : [
{
"arch" : "amd64",
"count" : 1
}
],
"mem" : {
"total_in_bytes" : 41879580672,
"free_in_bytes" : 2408120320,
"used_in_bytes" : 39471460352,
"free_percent" : 6,
"used_percent" : 94
}
},
"process" : {
"cpu" : {
"percent" : 1
},
"open_file_descriptors" : {
"min" : 858,
"max" : 858,
"avg" : 858
}
},
"jvm" : {
"max_uptime_in_millis" : 587186223,
"versions" : [
{
"version" : "19.0.2",
"vm_name" : "OpenJDK 64-Bit Server VM",
"vm_version" : "19.0.2+7-44",
"vm_vendor" : "Oracle Corporation",
"bundled_jdk" : true,
"using_bundled_jdk" : true,
"count" : 1
}
],
"mem" : {
"heap_used_in_bytes" : 914161296,
"heap_max_in_bytes" : 4294967296
},
"threads" : 131
},
"fs" : {
"total_in_bytes" : 1518997602304,
"free_in_bytes" : 1321454481408,
"available_in_bytes" : 1321454481408
},
"plugins" : [ ],
"network_types" : {
"transport_types" : {
"security4" : 1
},
"http_types" : {
"security4" : 1
}
},
"discovery_types" : {
"zen" : 1
},
"packaging_types" : [
{
"flavor" : "default",
"type" : "rpm",
"count" : 1
}
],
"ingest" : {
"number_of_pipelines" : 2,
"processor_stats" : {
"date" : {
"count" : 1988284,
"failed" : 0,
"current" : 0,
"time_in_millis" : 38529
},
"date_index_name" : {
"count" : 1988284,
"failed" : 0,
"current" : 0,
"time_in_millis" : 67608
},
"geoip" : {
"count" : 9941420,
"failed" : 0,
"current" : 0,
"time_in_millis" : 111250
},
"gsub" : {
"count" : 0,
"failed" : 0,
"current" : 0,
"time_in_millis" : 0
},
"json" : {
"count" : 1988285,
"failed" : 1,
"current" : 0,
"time_in_millis" : 68848
},
"remove" : {
"count" : 29824260,
"failed" : 0,
"current" : 0,
"time_in_millis" : 11112
},
"script" : {
"count" : 0,
"failed" : 0,
"current" : 0,
"time_in_millis" : 0
}
}
}
}
}
Wazuh-Version:
Kibana.yml:
John Carry
Oct 20, 2023, 3:23:56 AM10/20/23
to Wazuh | Mailing List
Dear
Harshal,
Any update please?
John Carry
Oct 23, 2023, 12:58:01 AM10/23/23
to Wazuh | Mailing List
Dear Harshal,
Please update.
Please update.
Harshal Paliwal
Oct 24, 2023, 11:02:48 PM10/24/23
to Wazuh | Mailing List
Hi John,
Sorry for the late response!
To extend the session timeout, add the following settings in kibana.yml
Sorry for the late response!
To extend the session timeout, add the following settings in kibana.yml
opendistro_security.session.ttl: 3600000
opendistro_security.cookie.ttl: 3600000
opendistro_security.cookie.secure: true
opendistro_security.session.keepalive: true
This will extend the timeout to 1 hour.
Restart your Wazuh dashboard so the changes can take effect:
systemctl restart kibana
Let us know if you have any questions.
Regards!
Regards!
Reply all
Reply to author
Forward
0 new messages