Host GS: Service User Roles and Permissions

Document created by RSA Information Design and Development on Nov 7, 2017. Last modified by RSA Information Design and Development on Nov 7, 2017.
Version 2

This topic describes the pre-configured service user roles and permissions.

The Services Security view Roles tab enables you to create service user roles and assign permissions. You can also use the pre-configured roles included with NetWitness Suite to assign user permissions.

Service User Roles

NetWitness Suite has the following pre-configured service user roles.

                                      
| Role | Assigned Permissions | Personnel/Account |
|---|---|---|
| Administrators | All permissions | NetWitness Suite System Administrator |
| Aggregation | aggregate, sdk.content, sdk.meta, sdk.packets | You can use this role to create an Aggregation account. This role provides the minimum permissions necessary to perform aggregation of data. It is only available on NetWitness Suite 10.5 and later services. |
| Analysts, Malware_Analysts, and SOC_Managers | sdk.meta, sdk.content, sdk.packets, storedproc.execute | Users can use specific applications, run queries and view content for purposes of analysis. |
| Data_Privacy_Officers | sys.manage, users.manage, sdk.meta, sdk.content, sdk.packets, sdk.manage, logs.manage, database.manage, index.manage, dpo.manage | Data Privacy Officer. Data Privacy Officers have the dpo.manage permission on Decoders and Log Decoders. |
| Operators | sys.manage, services.manage, connections.manage, users.manage, logs.manage, parsers.manage, rules.manage, database.manage, index.manage, sdk.manage, decoder.manage, archiver.manage, concentrator.manage, storedproc.manage | Operators are responsible for the daily operation of the services. |

Service User Permissions

There are many permissions that you can assign to a service role in NetWitness Suite. Users can have different permissions on each service, depending on their role assignments and the permissions selected for each role. This table describes the permissions that you can assign to a role.

                                                                                               
| Permission | Definition |
|---|---|
| sys.manage | Allows the user to edit the service configuration settings. |
| services.manage | Allows the user to manage connections to other services. |
| connections.manage | Allows the user to manage connections to the service. |
| users.manage | Allows the user to create individual users and user roles and specify user permissions. |
| aggregate | Allows the user to perform aggregation of data. |
| sdk.meta | Allows the user to run queries in the Investigation and Reporting applications and to view the metadata returned by the query. |
| sdk.content | Allows the user to access raw packets and logs from any client application (Investigations and Reporting). |
| sdk.packets | Allows users to access raw packets and logs from any client application. |
| appliance.manage | Allows the user to manage the appliance (host) tasks. This permission is required by the Appliance service. |
| decoder.manage | Allows the user to edit the configuration settings for the Decoder service. |
| concentrator.manage | Allows the user to edit the configuration settings for the Concentrator/Broker service. |
| logs.manage | Allows the user to view the service logs and edit the logging configuration settings for the specified service. |
| parsers.manage | Allows the user to manage all attributes under the parsers node. |
| rules.manage | Allows the user to add and delete all rules. |
| database.manage | Allows the user to set database locations, sizes, and the various configuration settings for the session, meta and/or packet/log databases. |
| index.manage | Allows the user to manage all index-related attributes. |
| sdk.manage | Allows the user to view and set all SDK configuration items. |
| storedproc.execute | Allows the user to execute a Lua stored procedure. |
| storedproc.manage | Allows the user to manage Lua stored procedures. |
| archiver.manage | Allows the user to modify the Archiver configuration. |
| dpo.manage | Allows the user to manage the transform configuration and the applicable keys. |
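
Because permissions can differ on each service, the pre-configured roles are a useful baseline for a per-service permission review. The following Python is an added example, not RSA code: it diffs observed role permissions against the two tables in this topic. The input shape (service name, then role, then permission list), the service names, and the "Tier1" role are constructed assumptions; how the role data is exported from a service is not covered here.

```python
ANALYSIS = {"sdk.meta", "sdk.content", "sdk.packets", "storedproc.execute"}
BASELINE = {  # transcribed from the Service User Roles table in this topic
    "Aggregation": {"aggregate", "sdk.content", "sdk.meta", "sdk.packets"},
    "Analysts": ANALYSIS, "Malware_Analysts": ANALYSIS, "SOC_Managers": ANALYSIS,
    "Data_Privacy_Officers": {
        "sys.manage", "users.manage", "sdk.meta", "sdk.content", "sdk.packets",
        "sdk.manage", "logs.manage", "database.manage", "index.manage", "dpo.manage"},
    "Operators": {
        "sys.manage", "services.manage", "connections.manage", "users.manage",
        "logs.manage", "parsers.manage", "rules.manage", "database.manage",
        "index.manage", "sdk.manage", "decoder.manage", "archiver.manage",
        "concentrator.manage", "storedproc.manage"},
}
# Every permission in the Service User Permissions table; appliance.manage is
# the only one that no role listed above carries.
KNOWN = set().union(*BASELINE.values()) | {"appliance.manage"}

def audit(services):
    """Return sorted (service, role, kind, permission) findings of drift from BASELINE."""
    findings = []
    for service, roles in services.items():
        for role, perms in roles.items():
            perms = set(perms)
            # Names absent from the permissions table: typos or stale entries.
            findings += [(service, role, "unknown", p) for p in perms - KNOWN]
            valid = perms & KNOWN
            if role == "Administrators":  # "All permissions" in the table; nothing to diff
                continue
            if role not in BASELINE:      # user-created role: list it for manual review
                findings.append((service, role, "custom-role", ",".join(sorted(valid))))
                continue
            findings += [(service, role, "added", p) for p in valid - BASELINE[role]]
            findings += [(service, role, "missing", p) for p in BASELINE[role] - valid]
    return sorted(findings)

SAMPLE = {  # constructed input; service and custom role names are assumptions
    "decoder-01": {
        "Analysts": sorted(ANALYSIS | {"users.manage"}),
        "Operators": sorted(BASELINE["Operators"] - {"rules.manage"}),
    },
    "concentrator-01": {"Tier1": ["sdk.meta", "sdk.pakets"]},
}

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(*finding, sep="\t")
```

An "added" finding on an analysis role, such as users.manage here, is the case to review first, since that permission lets the holder create users and roles and specify their permissions.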