Alerting: Role Permissions

Document created by RSA Information Design and Development Employee on Jul 20, 2016Last modified by RSA Information Design and Development Employee on Apr 26, 2017
Version 2Show Document
  • View in full screen mode

This topic lists all ESA permissions and shows which permissions are assigned to each pre-configured Security Analytics role. User access is restricted based on roles and permissions assigned to roles.

  • Administrators
  • Operators
  • Analyst
  • Security Operations Center (SOC) Managers
  • Malware Analysts (MA)
  • Data Privacy Officer

There are four permissions for ESA:

  1. Access Alerting Module – Is required for any permission
  2. View Rules – Allows view-only permission for rules in the Rule Library
  3. View Alerts – Allows view-only permission for alerts ESA generates
  4. Manage Rules – Allows you to view, create, edit and delete rules

The following table lists permissions for ESA and the roles to which they are assigned. Use this table to see how each role can work with rules and alerts.

PermissionAdministratorsOperatorsAnalystsSOC MgrsMAsDPOs
Access Alerting ModuleYesYesYesYes Yes
View RulesYesYes Yes Yes
View AlertsYes YesYes Yes
Manage RulesYesYes Yes Yes

For more information on roles and permissions, see the System Security and User Management Guide.

Previous Topic:ESA Rule Types
You are here
Table of Contents > ESA Rule Types > Role Permissions