This topic explains the features of the Services Security view > Users tab.
In the Services Security view, the Users tab enables you to configure the following for a service:
- Add user accounts.
- Change service user passwords.
- Configure user authentication properties and query handling properties for the service.
- Specify the user role membership, which specifies the roles that the user belongs to on the selected service.
Note: For 10.4 or later NetWitness Suite Core services that utilize trusted connections, it is no longer necessary to create NetWitness Suite Core user accounts for users that log on through the web client. You only need to create NetWitness Suite Core user accounts for aggregation, thick client users, and REST API users.
Procedures related to this tab are described in Host GS: Hosts and Services Procedures.
To access the Services Security view > Users tab:
- In NetWitness Suite, go to ADMIN > Services.
- Select a service to which you want to add a user, and select
> View > Security.
Features
The Users tab has a User List panel on the left. Selecting a username makes the User Definition panel on the right available.
User List Panel
The User List panel has the following features.
 | Adds a new user to the current service. |
 | Deletes the selected users from the service. |
| | Performs one of the following actions on the selected service user account: - Replicate: Replicates the entire service user account to selected services.
- Change Password: Changes the password of a service user and replicates the new password to Core services with that user account defined. The Change Password option replicates only the password change to the Core services selected and does not replicate the entire user account.
|
| Username | The user names for all user accounts that access the service. The username must be one used to log on to NetWitness Suite. |
The following figure shows the Replicate User to other services dialog.
The following figure shows the Change Password dialog.
User Definition Panel
The User Definition panel has three sections:
- User Information identifies the user as created in the Administration Security view.
- User Settings define parameters that apply to this user's access to the service.
- Role Membership defines user roles to which the user belongs.
There are two buttons:
- The Save button saves the changes made in the User Definition panel, and they become effective immediately.
- If you have not saved changes in the User Definition panel, the Reset button resets all fields and settings to their values before editing.
User Information
The User Information section has the following features.
| Name | The name of the user. |
| Username | The username that this user enters to log on to the service. This is the NetWitness Suite username generated when the administrator added the user and the associated credentials in the Administration Security view (Administration > Security). |
| Password (and Confirm Password) | The password that the user enters to log on to the service. This is the NetWitness Suite password generated when the administrator added the user and the associated credentials in the Administration Security view. The NetWitness Suite account password and the service password must match in order to allow the user to connect to the service through NetWitness Suite. |
| Email | (Optional) The user's email address. |
| Description | (Optional) A general description field to describe this user. |
User Settings
The User Settings section has the following features.
| Auth Type | The authentication scheme for this user. The product line supports internal and external authentication. - Netwitness specifies internal authentication, and is enabled by default. In this mode, all users must authenticate with the user account and passwords that are generated when the administrator uses the NetWitness Suite Administration Security view (Administration > Security) to create the user and their associated credentials.
- External specifies that authentication is enabled through the host interface with PAM (Pluggable Authentication Modules). For more information, see the Configure PAM Login Capability topic in the System Security and User Management guide.
|
| Query Prefix | (Optional) Always append the query syntax to all queries by this user. For example, adding the query prefix email != 'ceo@company.com' prevents those email results from showing up in the sessions. |
| SA Core Query Timeout | Note: This field applies to NetWitness Suite 10.5 and later service versions and does not appear for 10.4 and earlier service versions. NetWitness Suite 10.4 and earlier services use Query Level instead of SA Core Query Timeout. Specifies the maximum number of minutes a user can run a query on the service. If this value is set to zero (0), the query timeout is not enforced for the user on the service.
When replicating a user from a NetWitness Suite 10.5 or later service to a NetWitness Suite 10.4 service, Query Timeout migrates to Query Level based on the closest level. For example, if a user has a Query Timeout of 15 minutes, the user gets a Query Level of 3 after the migration. If a user has a Query Timeout of 35 minutes, the user gets a Query Level of 2 after the migration. If a user has a Query Timeout of 45 minutes, the user gets a Query Level of 2 after the migration. |
| Session Threshold | (Optional) Controls the behavior of the application when scanning meta values to determine session counts. Any meta value with a session count that is above the set threshold stops its determination of the true session count when the threshold is reached.
If a threshold is set for a session, the Navigation view shows that the threshold was reached and the percentage of query time used to reach the threshold. |
Role Membership
The Role Membership section shows the roles that a user is a member of for the selected service.
