Articles in this section

General Settings

Platform Timeout

After you log out and have to re-log into the Lacework platform, the Lacework Console times out. In Lacework Platform v4.3 and later, you can adjust the platform timeout duration in the Lacework Console at the organization level or the account level.

If you use the organization timeout, you cannot specify the timeout at the account level (it is greyed out).

If you don’t have an organization associated with your account, you can configure the idle timeout at the account level.

You can change the idle timeout from a minimum duration of 30 minutes up to a maximum of 24 hours. For example, if you select a timeout of 30 minutes, the session times out after 30 minutes of inactivity.

To specify the platform timeout, go to General Settings and under Platform Timeout, select the platform’s idle timeout from the drop-down.

Go to Settings > Account Settings > Audit Logs to view which user changed the timeout setting, at what time, from what value, and to what value.

When you first log in, Lacework creates a session with the timeout from the settings. If you change the timeout duration, it does not affect the previous session. The previous session only uses the timeout from the settings at the time of session creation,

For example:

  1. Timeout is set to 1 hour.
  2. You log in for the first time. The timeout is 1 hour.
  3. You change the timeout to 2 hours.
  4. Your session timeout is still set to 1 hour.

Compliance Report Schedule

Use the Send Reports at drop-down to select a time when Lacework starts running a complete compliance assessment, generates reports based on that assessment, and sends those reports to the email addresses listed in the specified alert channel.

The time specified in the drop-down is not the time that you will receive the report email because it takes time to collect the data, generate the report, and send the email. Changes made to report times can take up to one or two report cycles to take effect. Note that this drop-down affects only when reports are generated, not event summaries. Event summaries start generating at 12 PM GMT.

Lacework Policy Subscriptions

Toggle on Automatically enable Lacework default policies to enable any future Lacework default policies when they are introduced. You can also select which severities to enable. Existing policies are not affected.

Resource Management Collection Schedule

Use these settings to configure when to start resource collection and how frequently to perform collection.

Start collection on - Sets the start time for resource collection.

Collection interval - Currently, resource collection is performed every 24 hours.

Filter Suppressed Rules

Toggle on to filter suppressed rules from compliance assessments.

Continuous Assessments

Select what images are monitored for changes in vulnerabilities for a period of 30 days:

  • Reassess active images
  • Reassess images with a specific tag or label

Selecting both options means Lacework reassess all the active images in last 24 hours in addition to the images with the specified tags/labels.

Tags can contain one * wildcard, such as *mytag or mytag*.

Label keys cannot include the * wildcard. Label values can contain one * wildcard, such as key:*value or key:value*.