Host GS: Services Security View - Users Tab

Document created by RSA Information Design and Development Employee on Nov 7, 2017Last modified by RSA Information Design and Development Employee on Sep 8, 2020
Version 18Show Document
  • View in full screen mode
 

In the Services Security view Users tab, you can configure the following for a service:

  • Add user accounts.
  • Change service user passwords.
  • Configure user authentication properties and query handling properties for the service.
  • Specify the user role membership, which specifies the roles that the user belongs to on the selected service.

Note: For version 10.4 or later NetWitness Platform Core services that utilize trusted connections, it is no longer necessary to create NetWitness Platform Core user accounts for users that log on through the web client.  You only need to create NetWitness Platform Core user accounts for aggregation, thick client users, and REST API users.

Workflow

This is an example of a workflow for the Services view.

What do you want to do?

                                                
User RoleI want to...Documentation
Administrator set up a host.

Setting Up a Host

Administrator maintain a host.Maintaining Hosts

Administrator

maintain a service.

Maintaining Services

Administrator add user accounts.*Add, Replicate, or Delete a Service User

Administrator

change service user passwords.*

Change a Service User Password
Administrator configure user authentication properties and query handling properties for the service.*See "Verify Query and Session Attributes per Role" in the System Security and User Management Guide.

Administrator

specify the user role membership (roles that the user belongs to on the selected service).*

See "Add a User and Assign a Role" in the System Security and User Management Guide.

* You can perform these tasks in the current view.

Related Topics

Quick Look

This is an example of the Users tab.

The Users tab has a User List panel on the left. Selecting a username from the panel makes the User Definition panel on the right available.

User List Panel

The User List panel has the following features.

                           
FeatureDescription
The Add icon Adds a new user to the current service.
The delete icon Deletes the selected users from the service.
The actions drop-down Performs one of the following actions on the selected service user account:
  • Replicate: Replicates the entire service user account to selected services.
  • Change Password: Changes the password of a service user and replicates the new password to Core services with that user account defined. The Change Password option replicates only the password change to the Core services selected and does not replicate the entire user account.
UsernameThe usernames for all user accounts that access the service. The username must be one used to log on to NetWitness Platform.

The following figure shows the "Replicate User to other services" dialog.

This is an example of the Replicate User to other services dialog.

The following figure shows the Change Password dialog.

This is an example of the Change Password dialog.

User Definition Panel

The User Definition panel has three sections: 

  • User Information identifies the user as created in the Admin Services Security view.
  • User Settings define parameters that apply to this user's access to the service.
  • Role Membership defines user roles to which the user belongs.

There are two buttons at the bottom of the panel:

  • The Apply button saves the changes made in the User Definition panel, and they become effective immediately.
  • If you have not saved changes in the User Definition panel, the Reset button resets all fields and settings to their values before editing.

User Information

The User Information section has the following features.

                               
FieldDescription
Name The name of the user.
Username The username that this user enters to log in to the service. This is the NetWitness Platform username generated when the administrator added the user and the associated credentials in the Admin Services Security view.
Password (and Confirm Password)The password that the user enters to log on to the service. This is the NetWitness Platform password generated when the administrator added the user and the associated credentials in the Administration Security view. The NetWitness Platform account password and the service password must match in order to allow the user to connect to the service through NetWitness Platform.
Email (Optional) The user's email address.
Description (Optional) A general description field to describe this user.

User Settings

The User Settings section has the following features.

                           
FieldDescription
Auth TypeThe authentication scheme for this user. The product line supports internal and external authentication.
  • NetWitness Platform specifies internal authentication, and is enabled by default. In this mode, all users must authenticate with the user account and passwords that are generated when the administrator uses the NetWitness Platform Admin Services Security view to create the user and their associated credentials.
  • External specifies that authentication is enabled through the host interface with PAM (Pluggable Authentication Modules). For more information, see "Configure PAM Login Capability" in the System Security and User Management Guide.
Core Query Timeout

Note: This field was previously known as "SA Core Query Timeout" and does not appear for 10.4 and earlier service versions. NetWitness Platform version 10.4 and earlier services use "Query Level" instead.

Specifies the maximum number of minutes a user can run a query on the service. If this value is set to 0, the query timeout is not enforced for the user on the service.
Query Prefix(Optional) Restricts query results seen by the user by appending the query syntax to every query. For example, adding the query prefix email != 'ceo@company.com' prevents those email results from showing up in the sessions.
Session Threshold

(Optional) Controls the behavior of the application when scanning meta values to determine session counts. If any meta value has a session count that is above the set threshold, the determination of the true session count stops when the threshold is reached.

If a threshold is set for a session, the Navigate view (INVESTIGATE > Navigate) shows that the threshold was reached and the percentage of query time used to reach the threshold.

Role Membership

The Role Membership section shows a list of all roles. The checkbox next to a role is selected for the roles that a user is a member of for the selected service.

Previous Topic:Services Security View
You are here
Table of Contents > References > Services View > Services Security View - Users Tab

Attachments

    Outcomes