In the web client, Security Policy Management has a settings page used to manage Sessions Password Access and the Audit Log Stream Service. You can also manage the reasons for requesting access to a password, SSH key, or session.

  • Navigate to Security Policy Management > Settings to manage the settings listed below.
    Table 144: Security Policy Settings
    Setting Description

    Maximum Notification Recipients

    Set the maximum number of notification recipients.

    Expiration Warning Duration

    Enter the number of days for the warning to expire.

    Show User Name in Access Request Conflict Messages

    When the check box is selected, if there is a conflicting access request for the time period a user wants to request, the error message will include the name of the user who requested the conflicting access request. When the check box is cleared, the error message will show the access request id instead. This check box is cleared by default.

    Allow Access Request Search by Tags

    This option allows you to find requestable accounts by searching for tags. This feature is disabled by default.

    NOTE: When the Allow Access Request Search by Tags option is turned off, the Asset Tags column, the Account Tags column, and the Advanced Search boxes are not available in the New Access Request window.

    Session Password Access Enabled

    Use this to enable or disable session password access. This feature is disabled by default.

    Audit Log Stream Service

    Use this to send SPP data to Safeguard for Privileged Sessions to audit the Safeguard privileged management software suite. The feature is disabled by default.

    To accept SPP data, the Safeguard for Privileged Sessions Appliance Administrator must turn on audit log syncing. For information, see the Safeguard for Privileged Sessions Administration Guide.

    SPP and Safeguard for Privileged Sessions must be linked to use this feature. For more information, see SPP and Safeguard for Privileged Sessions appliance link guidance.

    While the synchronization of SPP and Safeguard for Privileged Sessions is ongoing, Safeguard for Privileged Sessions is not guaranteed to have all of the audit data at any given point due to some latency.

    NOTE: This setting is also available under Appliance Management. For more information, see Global Services.

    Reasons

    From this pane you can manage the reasons for requesting access to a password, SSH key, or session. For more information, see Reasons.