System Configuration
Last updated
Was this helpful?
Last updated
Was this helpful?
Use Panther's system configuration settings to configure your Panther Console and overall Panther deployment to best meet your organization's needs.
To access your General settings, click the gear icon in the upper right corner of your Panther Console. The General settings include the following tabs:
Only users with the Read Settings & SAML Preferences permission can view the configurations on this page, and only those with Edit Settings & SAML Preferences can make changes.
The footer on the Settings > General page displays your Panther instance's AWS Account ID, Panther Version, AWS Region, and Gateway Public IP:
In this section, you can configure the following fields:
Company Information
Company Name
Preferences
Send Product Analytics
This anonymized data helps us improve Panther.
Display UTC Time Zone
Show all dates and times displayed in the Console in Coordinated Universal Time (UTC). When switched off, the local time zone will be used.
Send Alert Assignment Emails
This is a global setting; it cannot be configured per-user.
Enable Panther Audit Logs
Enable Panther AI
Click the toggle next to We use the Panther Analysis Tool to manage our detections if you want to prevent users from enabling Panther Packs in the Panther Console. This helps prevent update conflicts between the Console and CI/CD workflows.
The "Developer Workflow" is also known as the CLI workflow.
Under Settings > Users, users with the View Users permission can view a list of all users in your Panther account. A user with the Manage Users permission can delete and invite users.
When you invite a user to your Panther account, they receive an email with temporary credentials that they can use to sign in to the platform. After a user's initial login, they are required to update their password and set up MFA.
Panther requires a strong password:
Password must contain at least 1 number
Password must contain at least 1 symbol
Password must contain at least 1 lowercase character
Password must contain at least 1 uppercase character
Password must contain at least 12 characters
Panther's System Health Notifications alert you with a "System Error" when a part of the Panther platform is not functioning correctly. This includes the following types of notifications:
Log source health notifications
Log classification errors
Alert delivery failures
Cloud security scanning failures
Panther audit logs provide a read-only history of activity in your Panther deployment. You can write detections on your audit logs, or query for them in your , the same way you would with any other security events ingested by Panther.
For more information, see .
Provides access to features.
You can integrate with SAML Identity Providers (IdPs) to enable user login to the Panther Console via . After setting up a SSO integration, you can optionally for logging in. Panther integrates with the following providers:
Panther also supports integrating with any SAML IdP via the integration.
For more information, see .
Panther is configured to write processed log data to an AWS-based database cluster. Using Panther with Snowflake enables Panther data to both integrate with your given Business Intelligence tools and to perform assessments of your organization's security posture. For more information, see .
This section in the Panther Console Settings also includes the ability to make LIMIT clauses required for scheduled queries. See the for more information.
Under Settings > User Roles, you can configure . This gives Panther deployments granular access control for its user accounts. All roles, including the three , are customizable by any user with UserModify permissions.
For more information, see .
Under Settings > API Tokens, view a list of API tokens that have been created for your account. You can also .
Under Settings > API Playground, access to try out API operations.
For more information, see
Visit the Panther Knowledge Base to that answer frequently asked questions and help you resolve common errors and issues.
