In Security Analytics, each service has a separate configuration of users, roles, and role permissions, which are managed in the Services Security view.
To access service information and perform service operations through Security Analytics, a user must belong to a role that has permissions on that service. For 10.4 or later Security Analytics Core services that utilize trusted connections, it is no longer necessary to create Security Analytics Core user accounts for users that log on through the web client. You only need to create Security Analytics Core user accounts for aggregation, thick client users, and REST API users.
Note: Only the default admin user in Security Analytics is created by default on all services. As a prerequisite to managing service security, the default admin user account must be present in the Security Analytics Administration > Services view. For every other user, you must configure access to each particular service through Security Analytics.
Procedures related to this tab are described in Additional Service Procedures.
To access the Services Security view:
- In the Security Analytics menu, select Administration > Services.
- Select a service and select > View > Security.
The Services Security view for the selected service is displayed.
The Services Security view has three tabs, Users tab, Roles tab, and Settings tab.
Roles and Service Access
Primary considerations in configuring service security are defining the roles and assigning users to the roles. The Service Security view separates these two functions into the Users tab and the Roles tab.
- In the Roles tab, you can create roles and assign permissions to the roles for a selected service.
- In the Users tab, you can add a user, edit user settings, change the user password, and edit the role membership of the user for a selected service. Although you select a single service in the Services Security view, you can apply the settings for one service to other services.