The current implementation requires disabling the Kerberos replay cache in Search Guard, because the Siren Investigate backend needs to make multiple requests to the Elasticsearch cluster on behalf of the user in several places and cannot generate new service tickets for them.

As long as all traffic to Siren Investigate is encrypted and the service ticket lifetime is short (the default in most systems is five to 10 minutes), this should not pose a significant security risk.

