General
Platform Timeout
The Lacework Console terminates an idle user session after a configurable amount of time, 1 hour by default. You can adjust the platform timeout duration in the Lacework Console at the organization level or the account level.
If you use the organization timeout, you cannot specify the timeout at the account level. (It is greyed out.)
If you don’t have an organization associated with your account, you can configure the idle timeout at the account level.
You can change the idle timeout from a minimum duration of 30 minutes up to a maximum of 24 hours. For example, if you select a timeout of 30 minutes, the session times out after 30 minutes of inactivity.
To specify the platform timeout, go to Settings > Configuration > General. Under Platform Timeout, select the platform’s idle timeout from the drop-down.
Changes to the idle timeout value appear in Lacework Console audit logs. To view which user changed the timeout setting, when the change was made, and the old and new values, go to Settings > Usage > Audit Logs.
When you log in, Lacework creates a session with the current timeout. If you change the timeout duration, it does not affect active sessions. An active session only uses the timeout from the settings at the time of session creation. For example:
- Timeout is set to 1 hour.
- You log in for the first time. The timeout is 1 hour.
- You change the timeout to 2 hours.
- Your session timeout is still set to 1 hour.
Compliance Report Schedule
Use the Send reports at drop-down to select a time when Lacework starts running a complete compliance assessment, generates reports based on that assessment, and sends those reports to the email addresses listed in the specified alert channel.
The time specified in the drop-down is not the time that you will receive the report email because it takes time to collect the data, generate the report, and send the email. Changes made to report times can take up to one or two report cycles to take effect. Note that this drop-down affects only when reports are generated, not event summaries. Event summaries start generating at 12 PM GMT.
Lacework Policy Subscription
Toggle on Automatically enable Lacework default policies to enable any future Lacework default policies when they are introduced. You can also select which severities to enable. Existing policies are not affected.
Resource Management Collection Schedule
Use these settings to configure when to start resource collection and how frequently to perform collection.
Start collection at - Sets the start time for resource collection.
Collection interval - Currently, resource collection is performed every 24 hours.
Suppressed Rule Filter
Toggle to filter suppressed rules from compliance assessments.
Continuous Assessments
Select what images are monitored for changes in vulnerabilities for a period of 30 days:
- Reassess active images
Selecting this option means Lacework will reassess all active images in last 24 hours.
note
If you want to reassess images with a specific tag or label, contact Lacework Support.
Disable old CIS policies
Use this option to disable legacy CIS policies for the specified cloud vendor.
warning
Once you have disabled these policies, they cannot be re-enabled in the future. This includes any reports related to these policies.
For a full list of policies and reports that are disabled when using this option, see Disable Old CIS Policies - Legacy Policies and Reports.
These legacy CIS policies and reports will be automatically deprecated on 28th February 2023 (for AWS/GCP) and 31st March 2023 (for Azure). Lacework recommends that you start using the latest available benchmarks, which are listed below: