Host GS: Add a Service User Role

Document created by RSA Information Design and Development Employee on Mar 21, 2017
Version 1Show Document
  • View in full screen mode

There are pre-configured roles in Security Analytics that are installed on the server and on each service. You can also add custom roles. The following table lists the pre-configured system roles and their permissions.

AdministratorsFull system access
OperatorsAccess to configurations but not to meta and session content
AnalystsAccess to meta and session content but not to configurations
SOC_ManagersSame access as Analysts plus additional permission to handle incidents
Malware_AnalystsAccess to malware events and to meta and session content
Data_Privacy_OfficersAccess to meta and session content as well as configuration options that manage obfuscation and viewing of sensitive data within the system (see Data Privacy Management).

You must add a service role when you have added a:

  • Service user or users that requires a new set of permissions.
  • Custom role on Security Analytics server because trusted connections require that the same custom role exists both on the server and on each service the custom role will access. The names must be identical. For example, if you add a JuniorAnalysts role on the server then you must add a JuniorAnalysts role on each service the role will access. For more information, see the Add a Role and Assign Permissions topic in System Security and User Management.

There is also a pre-configured Aggregation service role. Aggregation Role and Service User Roles and Permissions provide additional information.


To add a service user role and assign permissions to it:

  1. In the Security Analytics menu, select Administration > Services.
  2. Select a service, then Actns.png > View > Security.
    The Security view for the selected service is displayed with the Users tab open.
  3. Select the Roles tab and click 104ApplAdd.png.
    The Services Security view is displayed and five pre-configured roles are already listed. 
  4. Click 104ApplAdd.png, type the Role Name and press Enter.
    The Role Name is displayed above a list of Role Permissions.
  5. Select each permission the role will have on the service. 
  6. Click Apply.

The role is added to the service immediately. You can add service users to it in the Users tab.

You are here
Table of Contents > Service Procedures > Add a Service User Role