CyberArk credential provider and CacheRefreshInterval timing issues with SL1 polling frequency
Rotation of password by Cyberark and the timespan defined with "CacheRefreshInterval" is causing issues with the polling interval of SL1 DAs. With CyberArk, the SL1 can source credential data from CyberARK. Respecting security policies, Cybersecurity recommends changing of password to the SL1 IDs. CyberARK can only specify a time frame during which the passwords can be changed. Within the collectors on the Cyberark agent setup CacheRefreshInterval is set up with 1500 secs (25 mins) to refresh the local cache with the Cyberark every 25 mins. As Cyberark can change the password at any minute or secs of time, SL1 still waits for CacheRefreshInterval to refresh the password. As polling frequencies are default set with 5 minutes(with password change happening at the 4th minute), often SL1 still reaches the server with old password and cause account lockouts. Is there a known way to tackle this issue?Who will be our next SL1 Innovators?
Hello Nexus Members, Looking to showcase your creativity, innovation, and inspiration? Look no further. In case you're opted out of email, we just launched our SL Innovators Awards!! Our ScienceLogic Innovators Awards were established to recognize and learn from those nerdy by nature, tech buffs, and visionaries using SL1 in pioneering ways to power a better way to work. Show the Nexus Community something cool and innovative you've been working on to achieve real business outcomes. We want to hear your ideas! Submit your applicationby September 12.
