Looping Authentication Prompts When Accessing Threat Hunter/Kibana

When accessing Threat Hunter and/or Kibana you may encounter an authentication prompt that will repeatedly ask for credentials regardless of the validity of the values entered.

This is most likely caused by a misconfiguration of the "domain" parameter in /opt/interset/etc/investigator.yml on the Reporting node. This parameter should be set to the value used to access the environment, so if your implementation will be accessed at "" this value should be set to "", whereas if it will be accessed via "http://intersetreporting", this should be set to "intersetreporting".

Note that changing this parameter will require a restart of Reporting (sudo monit -g reporting restart).

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request