Reporting: Manage Access for a Chart or Chart Group

Document created by RSA Information Design and Development on Jul 28, 2016
Version 1Show Document
  • View in full screen mode
 

This guide describes the Alert feature in Reporting module. The Alerts module is used to define and view alerts.

This section covers the access permissions the user has depending on the user role to manage a chart and chart group. The Reporting Module provides access control at the chart and chart group level. The user who has the right set of permissions can only perform the tasks in reporting module. The access control is managed by the administrator from the Administration > Security > Roles tab.

The administrator when creating users and user roles, must ensure that the roles created for specific tasks should have access to all the permissions higher in the hierarchy of roles.

Charts and Chart Groups can be tied to a specific set of user roles so that when a user logs into Security Analytics, the charts with the access rights for the specific user role can be viewed. Users that belong to a user role with the ‘Read & Write’ access permission can define charts. Further, the access can be tightened so that charts are accessed only by those who have the ‘Read Only’ access.

Note: You must have ‘Read Only’ permission on a group to view the charts within that group.

At the chart level, you can set the following access permissions for the user roles in Security Analytics:

  • Read & Write
  • Read Only
  • No Access

Suppose, you want the Security Analysts to have access to all the charts in a Chart Group, you can set the permission 'Read & Write' at the Chart Group level. And, if you do not want the Operator role to have access to a specific set of charts in a chart group, you can set the permission 'No Access' at the Chart Group level.

The permission is set only for the chart group but not the charts, rules or sub-groups in the Chart Group.

Access Control for a Chart Group

When you want to change the chart group permissions, you must select a chart group and set their access permissions using the Charts Permissions panel.

Before applying chart group permissions, the default permission set for all the user roles is 'No Access' permission, and the checkboxes are unchecked.

105_b4_applyg_chart_grp_perm.png

If you want to change the access permission for a specific user role, you must set these at the chart group level, as shown in the figure. Suppose, you want the Administrators to have access to all the charts in a Chart Group, you can set the permission 'Read & Write' in the Charts Group Permissions panel.

And, you can also apply permissions to sub-groups and charts in the group, as well as apply read-only permission to rules in the charts by selecting the appropriate checkboxes.

105_after_applyg_chart_grp_perm.png

The three scenarios are explained in brief:

  • Scenario 1: Permissions applied to Chart Group/ Sub Group/ Chart based on the user role.
  • Scenario 2: Permissions applied to Sub Group and Chart in the Group.
  • Scenario 3: Read-only permission applied to Rules in the Chart.
                               
 Role
(Analyst)
Permissions applied to Chart Group/ Sub Group/ Chart based on the user rolePermissions applied to Sub group and Chart in the GroupPermission (Read-only) applied to Rules in the Chart
Group Read & WriteRead & WriteRead & WriteRead & Write
Sub GroupReadReadRead & Write - InheritedRead & Write
ChartReadReadRead & Write - InheritedRead & Write
RulesReadReadReadRead

The Chart Group are assigned the role of a Security Analyst and permissions are set to Read & Write chart group.

For scenario 1, each of the levels will have a permission set depending on the user role. For scenario 2, the permission at the Chart Group level will be inherited by the Sub Group and Charts in the Group. For scenario 3, the Read permission is set for the Rules except that the permission set for the rules cannot be higher than the permissions set for the Chart Group.

Access Control for a Chart

When you want to change the chart permissions, you must select a chart and set their access permissions using the Chart Permissions panel.

Before applying the Chart permissions, the default permission set for all the user roles is 'No Access' permission and the checkbox is unchecked.

105_b4_applyg_chart_perm.png

If you want to change the access permission for a specific user role, you must set these at the chart level, as shown in the figure. Suppose, you want the Administrators to have access to a specific chart, you can set the permission 'Read & Write' in the Charts Permissions panel.

And, you can apply read-only permission to rules in the charts by selecting the checkbox.

105_after_applyg_chart_perm.png

The two scenarios are explained in brief:

  • Scenario 1: Permissions applied to Chart Group/ Sub Group/ Chart/ Rules based on the user role.
  • Scenario 2: Read-only permission applied to Rules in the Chart.
                          
 Role
(Analyst)
Permissions applied to Chart Group/ Sub Group/ Chart/ Rules based on the user rolePermission (Read-only) applied to Rules in the Chart
Group Read & WriteRead & WriteRead & Write
Sub GroupReadReadRead & Write
ChartReadReadRead & Write
RulesReadReadRead
 

The Chart will be assigned the role of a Security Analyst and permissions are set to Read & Write charts.

For scenario 1, each of the levels has a permission set based on the user role. For scenario 2, the Read permission is set for the Rules except that the permission for the rules cannot be higher than the permission for the Charts.

Note: If the permission for the rules is higher than the permission for the Chart, the permission is not applied. For example, if you set the permissions for the Report Group as No Access and specify the option Apply Read-only permission to Rules in the Reports, the read-only permission is not set for the rules. 

Access Control for a Chart When Multiple Charts are Selected

When you want to change permissions of multiple charts, you must select several charts and set their access permissions using the Charts Permissions panel. The access permission that you choose is applied to all the selected charts.

105_mult_objts_sel.png

Access Control for a Chart When Multiple Charts with Several Rules are Selected

When you want to change permissions when multiple charts with several rules are selected, you must select the checkbox in the Charts Permissions panel.

105_multp_obj_rules_sel.png

The read-only access permission is applied to all the rules of the selected charts, provided that the permission of the rules are lower than the permission of the charts.

Note:  If a user (other than the super user) creates a chart, the super user cannot access that chart. 

Tabular Listing

The following table lists the various columns in the Charts Permissions panel.

                       
ColumnDescription
Roles    The role of the user logged into the Security Analytics UI.
Read & WriteThe user can access, view, edit, import, export, and delete the chart on the Charts view. The user can also change the permission on the chart.
Read Only The user can only access and view the chart on the Charts view.
No AccessThe user cannot access or view the chart for which this permission is set. 
IconCheckbox.png Apply these permissions to sub-groups and Charts in this groupSelect the checkbox to apply the selected permissions to the chart group, sub-groups in the group and charts in the group.

Note: This checkbox is populated only when you set access permissions for a Chart Group.

IconCheckbox.png Apply Read-only permission to Rules in the ChartsSelect the checkbox to automatically apply permissions to the rules in the charts.

Topics

You are here: Working with Charts in the Reporting Module > Reporting: Manage Access for a Chart or Chart Group

Attachments

    Outcomes