Follow

Looping Authentication Prompts When Accessing Threat Hunter/Kibana

When accessing Threat Hunter and/or Kibana you may encounter an authentication prompt that will repeatedly ask for credentials regardless of the validity of the values entered.

This is most likely caused by a misconfiguration of the "domain" parameter in /opt/interset/etc/investigator.yml on the Reporting node. This parameter should be set to the value used to access the environment, so if your implementation will be accessed at "http://intersetreporting.company.com" this value should be set to "intersetreporting.company.com", whereas if it will be accessed via "http://intersetreporting", this should be set to "intersetreporting".

Note that changing this parameter will require a restart of Reporting (sudo monit -g reporting restart).

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request

Comments

Powered by Zendesk