Stealthwatch Limitation on readonly users

hsangral — Mon, 20 Jan 2020 12:44:00 GMT

Hello,

Is there a limitations on the number of read only users that can be created on stealthwatch, I have a requirement fo 30+ user accounts that are needed to be created.

Re: Stealthwatch Limitation on readonly users

brford — Mon, 20 Jan 2020 18:03:55 GMT

There is no practical limitation on the number of users that can be created but...

You should monitor the number of active or logged in users in Stealthwatch at the Stealthwatch Management Console (SMC). The number of active users supported is listed in the documentation based on virtual or appliance. If you have many users logged in and running queries at the same time the management console response time may increase (i.e. get slower).

About creating and maintaining those accounts; it's a good security practice to create accounts for people who are active users of the system. If you find someone is not using the system; either because their responsibilities changed or because they don't work there anymore you should remove those accounts. If you leave inactive accounts available in the system you are creating a threat surface in that a bad actor might figure out how to use that account to surveil your network.

topic Stealthwatch Limitation on readonly users in Security Analytics

Stealthwatch Limitation on readonly users

Re: Stealthwatch Limitation on readonly users