InNetWitness Platform, user can access each module, dashlet, and view is restricted based on the assigned permissions. You can locate these role permissions in the Add or Edit Roles dialogs accessible from the (Admin) > Security > Roles tab.
In the Add or Edit Role dialogs, the tabs in the Permission section represent different areas of NetWitness Platform and show the available permissions for those areas. For example, the Administration tab shows the permissions available in the Admin view.
Note: There is no Configure tab in the Add/Edit Role dialogs that corresponds to the Configure view. To assign permissions in the Configure view, assign permissions to the views contained within the Configure view: Live Content (Live), Incident Rules (Incidents), Respond Notifications (Incidents, Respond-server, Integration server), ESA Rules (Alerting), Subscriptions (Live), and Custom Feeds (Live).
Note: To the left of the Administration tab is a tab marked with an asterisk (*). This tab indicates access to management of backend services only.
The tables that follow show the default permissions assigned to each NetWitness Platform user role:
- Administrators
-
Respond Administrators (RAs)
- Reporting Engine Content Administrators (RE CAs)
- Data Privacy Officers (DPOs)
- SOC Managers (SOC Mgrs)
- Operators
- Malware Analysts (MAs)
- Analysts
- UEBA Analysts
Since the Administrators role has all of the permissions by default, it is not included in the tables.
Service Permissions Format for New Services
The service permissions for some new NetWitness Platform services contain three parts in the following format:
<service name>.<resource>.<action>
For example, for the investigate-server.metrics.read permission:
- service name = investigate-server
- resource = metrics
- action = read
Users assigned this permission can read any metrics that the investigate-server service exposes.
Admin-server
The following table describes the permissions in the Admin-server tab.
Permission | Description |
---|---|
admin-server.configuration.manage | Permission to modify all service configuration parameters |
admin-server.health.read | Permission to view any health notifications that the service exposes |
admin-server.logs.manage | Permission to change log-related configuration |
admin-server.metrics.read | Permission to view any metrics that the service exposes |
admin-server.process.manage | Permission to start and stop the service |
admin-server.security.manage | Permission to edit security-related resources (passwords, keys, and so on) |
admin-server.security.read | Permission to view security-related resources |
Administration
The following table describes the list of permissions in Administration tab.
Permission | Description |
---|---|
Access Administration Module | Permission to access all the administration modules |
Access Health & Wellness | Permission to access the health and wellness module |
Apply System Updates | Permission to update the system |
Can Opt In to Live Intelligence Sharing | Permission to opt for Live Intelligence sharing |
Manage Advanced Settings | Permission to modify the advanced settings |
Manage ATD Settings | Permission to modify the ATD settings |
Manage Auditing | Permission to modify the auditing |
Manage Email | Permission to change the email settings |
Manage Global Auditing | Permission to modify global auditing |
Manage Health & Wellness Policy | Permission to update the health & wellness policy |
Manage Jobs | Permission to change the job settings |
Manage LLS | Permission to modify LLS |
Manage Logs | Permission to modify log related configurations |
Manage Notifications | Permission to change notification settings |
Manage Plugins | Permission to modify the plugins |
Manage Predicates | Permission to modify the predicates |
Manage Reconstruction | Permission to change the reconstruction |
Manage Security | Permission to update the security settings |
Manage Services | Permission to start and stop the services |
Manage SSL Security | Permission to manage PKI setting |
Manage System Settings | Permission to the modify the system settings |
Modify ESA Settings | Permission to modify the ESA settings |
Modify Event Sources | Permission to modify the ESA sources |
Modify Hosts | Permission to modify the hosts |
Modify Services | Permission to modify the services |
View Event Sources | Permission to view the event sources |
View Health & Wellness Policy | Permission to view the health & wellness policy |
View Health & Wellness Stats Browser | Permission to view the health and wellness status in the browser |
View Hosts | Permission to view the hosts |
View Services | Permission to view the services |
View Unified Sources | Permission to view the unified sources |
The following table lists the permissions in the Administration tab assigned to each role. A blank field indicates that the role does not have the permission. The Administrators role has all of the permissions by default and is not listed.
Permission | RAs | DPOs | SOC Mgrs | Operators | MAs | Analysts | UEBA Analysts |
---|---|---|---|---|---|---|---|
Access Administration Module |
| Yes | Yes | Yes | Yes | Yes |
|
Access Health & Wellness | Yes | Yes | Yes | Yes | Yes | ||
Apply System Updates |
| Yes |
| ||||
Can Opt In to Live Intelligence Sharing | Yes | ||||||
Manage Advanced Settings |
| Yes |
| ||||
Manage ATD Settings | Yes | Yes | Yes | Yes | |||
Manage Auditing |
| Yes | Yes |
| |||
Manage Email | Yes | ||||||
Manage Global Auditing |
| Yes | Yes |
| |||
Manage Health & Wellness Policy | Yes | ||||||
Manage Jobs |
| Yes | Yes | Yes |
|
|
|
Manage LLS |
| Yes | |||||
Manage Logs | Yes | Yes |
| ||||
Manage Notifications |
| Yes | |||||
Manage Plugins | Yes | Yes | Yes | Yes |
| ||
Manage Predicates |
| Yes | |||||
Manage Reconstruction | Yes |
| |||||
Manage Security |
| Yes | Yes | ||||
Manage Services | Yes | Yes |
| ||||
Manage SSL Security |
|
|
|
|
|
|
|
Manage System Settings |
| Yes | Yes | Yes | Yes | ||
Modify ESA Settings | Yes |
| |||||
Modify Event Sources |
| Yes | |||||
Modify Hosts | Yes |
| |||||
Modify Services |
| Yes | Yes | ||||
View Event Sources | Yes | Yes |
| ||||
View Health & Wellness Policy |
| Yes | Yes | Yes | |||
View Health & Wellness Stats Browser | Yes | Yes | Yes | Yes |
| ||
View Hosts |
| Yes | Yes | ||||
View Services | Yes | Yes |
| ||||
View Unified Sources |
| Yes | Yes | Yes | Yes |
Alerting
The following table describes the permissions in the Alerting tab.
Permission | Description |
---|---|
Access Alerting Module | Permission to access the alerting module |
Manage Rules | Permission to update the rules |
View Alerts | Permission to view the alerts |
View Rules | Permission to view the rules |
The following table lists the permissions in the Alerting tab assigned to each role. A blank field indicates that the role does not have the permission. The Administrators role has all of the permissions by default and is not listed.
Permission | RAs | DPOs | SOC Mgrs | Operators | MAs | Analysts |
---|---|---|---|---|---|---|
Access Alerting Module | Yes | Yes | Yes | Yes |
| Yes |
Manage Rules | Yes | Yes | Yes | Yes | ||
View Alerts | Yes | Yes | Yes |
|
| Yes |
View Rules | Yes | Yes | Yes |
Config-server
The following table describes the permissions in the Config-server tab. The Administrators role has all of the permissions and is the only role granted permissions by default.
Permission | Description |
---|---|
config-server.* | All permissions (everything below) |
config-server.configuration.manage | Permission to modify all service configuration parameters |
config-server.health.read | Permission to view any health notifications that the service exposes |
config-server.logs.manage | Permission to change log-related configuration |
config-server.metrics.read | Permission to view any metrics that the service exposes |
config-server.process.manage | Permission to start and stop the service |
config-server.security.manage | Permission to edit security-related resources (passwords, keys, and so on) |
config-server.security.read | Permission to view security-related resources |
Content-server
The following table describes the permissions in the Content-server tab.
Permission | Description |
---|---|
content-server.* | All permissions (everything below) |
content-server.collection.read | Permission to read selective collection content |
content-server.configuration.manage | Permission to modify all service configuration parameters |
content-server.health.read | Permission to view any health notifications that the service exposes |
content-server.logparser.manage | Permission to manage log parser configurations |
content-server.logparser.read | Permission to view log parser configurations |
content-server.logs.manage | Permission to change log-related configuration |
content-server.metrics.read | Permission to view any metrics that the service exposes |
content-server.policy.read | Permission to read policies |
content-server.process.manage | Permission to start and stop the service |
content-server.rule.manage | Permission to manage content rules |
content-server.rule.read | Permission to view content rules |
content-server.security.manage | Permission to edit security-related resources (passwords, keys, and so on) |
content-server.security.read | Permission to view security-related resources |
The following table lists the permissions in the Content-server tab assigned to each role. A blank field indicates that the role does not have the permission. The Administrator role has all of the permissions by default and is not listed.
Permission | RAs | DPOs | SOC Mgrs | Operators | MAs | Analysts |
---|---|---|---|---|---|---|
content-server.* | Yes | Yes |
| |||
content-server.collection.read | ||||||
content-server.configuration.manage | ||||||
content-server.health.read |
| |||||
content-server.logparser.manage | ||||||
content-server.logparser.read | Yes | Yes | ||||
content-server.logs.manage | ||||||
content-server.metrics.read |
|
|
|
|
|
|
content-server.policy.read |
|
|
|
|
|
|
content-server.process.manage |
|
|
|
|
| |
content-server.rule.manage |
|
|
|
|
|
|
content-server.rule.read | ||||||
content-server.security.manage |
|
|
|
|
|
|
content-server.security.read |
|
|
|
|
|
Contexthub-server
The following table describes the permissions in the Contexthub-server tab.
Permission | Description |
---|---|
contexthub-server.* | All permissions (everything below) |
contexthub-server.configuration.manage | Permission to modify all service configuration parameters |
contexthub-server.connection.manage | Permission to modify all connection settings |
contexthub-server.connection.read | Permission to view all connection settings |
contexthub-server.connectiontypes.read | Permission to view all configured connection types |
contexthub-server.datasource.manage | Permission to modify data source settings |
contexthub-server.datasource.read | Permission to view data source settings |
contexthub-server.health.read | Permission to view any health notifications that the service exposes |
contexthub-server.listentries.manage | Permission to modify list entries |
contexthub-server.logs.manage | Permission to change log-related configuration |
contexthub-server.metrics.read | Permission to view any metrics that the service exposes |
contexthub-server.process.manage | Permission to start and stop the service |
contexthub-server.query.read | Permission to view queries |
contexthub-server.security.manage | Permission to edit security-related resources (passwords, keys, and so on) |
contexthub-server.security.read | Permission to view security-related resources |
contexthub-server.stix.read | Permission to view stix settings |
contexthub-server.taxiidatasource.manage | Permission to modify settings for the taxii data source |
contexthub-server.taxiidatasource.read | Permission to view settings for the taxii data source |
The following table lists the permissions in the Contexthub-server tab assigned to each role. A blank field indicates that the role does not have the permission. The Administrator role has all of the permissions by default and is not listed.
Permission | RAs | DPOs | SOC Mgrs | Operators | MAs | Analysts |
---|---|---|---|---|---|---|
contexthub-server.* | Yes |
| ||||
contexthub-server.configuration.manage | ||||||
contexthub-server.connection.manage |
| |||||
contexthub-server.connection.read | Yes | Yes | Yes | Yes | ||
contexthub-server.connectiontypes.read | Yes |
| ||||
contexthub-server.datasource.manage | Yes | Yes | Yes | Yes | ||
contexthub-server.datasource.read | Yes | Yes | Yes | Yes | ||
contexthub-server.health.read | ||||||
contexthub-server.listentries.manage | Yes | Yes | Yes | Yes | ||
contexthub-server.logs.manage | ||||||
contexthub-server.metrics.read |
| |||||
contexthub-server.process.manage | ||||||
contexthub-server.query.read | Yes | Yes | Yes | Yes | ||
contexthub-server.security.manage | ||||||
contexthub-server.security.read |
| |||||
contexthub-server.stix.read | Yes | Yes | Yes | |||
contexthub-server.taxiidatasource.manage | Yes | Yes | Yes | |||
contexthub-server.taxiidatasource.read | Yes | Yes | Yes |
Correlation-server
The following table describes the permissions in the Correlation-server tab. These permissions pertain to ESA Correlation.
Permission | Description |
---|---|
correlation-server.* | All permissions (everything below) |
correlation-server.configuration.manage | Permission to modify all service configuration parameters |
correlation-server.endpoint.manage | Permission to modify all endpoint configuration parameters |
correlation-server.endpoint.read | Permission to view all endpoint configuration parameters |
correlation-server.engine.manage | Permission to modify all engine configuration parameters |
correlation-server.engine.read | Permission to view all engine configuration parameters |
correlation-server.esperrule.manage | Permission to modify all esperrule configuration parameters |
correlation-server.esperrule.read | Permission to view all esperrule configuration parameters |
correlation-server.health.read | Permission to view any health notifications that the service exposes |
correlation-server.keyvaluerule.manage | Permission to modify all keyvaluerule configuration parameters |
correlation-server.keyvaluerule.read | Permission to view all keyvaluerule configuration parameters |
correlation-server.logs.manage | Permission to change log-related configuration |
correlation-server.metrics.read | Permission to view any metrics that the service exposes |
correlation-server.module.manage | Permission to modify each module |
correlation-server.module.read | Permission to view each module |
correlation-server.process.manage | Permission to start and stop the service |
correlation-server.security.manage | Permission to edit security-related resources (passwords, keys, and so on) |
correlation-server.security.read | Permission to view security-related resources |
correlation-server.stream.manage | Permission to edit stream configuration settings |
correlation-server.stream.read | Permission to view stream configuration settings |
correlation-server.telemetry.read | Permission to view telemetry configuration settings |
The following table lists the permissions in the Correlation-server tab assigned to each role. A blank field indicates that the role does not have the permission. The Administrator role has all of the permissions by default and is not listed.
Permission | RAs | DPOs | SOC Mgrs | Operators | MAs | Analysts |
---|---|---|---|---|---|---|
correlation-server.* | Yes |
|
|
|
| |
correlation-server.configuration.manage | ||||||
correlation-server.endpoint.manage |
|
|
|
|
|
|
correlation-server.endpoint.read |
|
|
|
|
|
|
correlation-server.engine.manage | Yes |
| Yes | Yes |
|
|
correlation-server.engine.read | Yes | Yes | Yes | |||
correlation-server.esperrule.manage |
|
|
|
|
|
|
correlation-server.esperrule.read |
|
|
|
|
|
|
correlation-server.health.read |
|
|
|
|
| |
correlation-server.keyvaluerule.manage | ||||||
correlation-server.keyvaluerule.read | ||||||
correlation-server.logs.manage | ||||||
correlation-server.metrics.read |
|
|
|
|
| |
correlation-server.module.manage | Yes | Yes | Yes | |||
correlation-server.module.read | Yes |
| Yes | Yes |
|
|
correlation-server.process.manage | ||||||
correlation-server.security.manage |
|
|
|
|
| |
correlation-server.security.read | ||||||
correlation-server.stream.manage | Yes |
| Yes | Yes |
|
|
correlation-server.stream.read | Yes | Yes | Yes | |||
correlation-server.telemetry.read |
|
|
|
|
|
Dashboard
The following table describes the permissions in the Dashboard tab.
Permission | Description |
---|---|
Dashlet Access - Admin Device List Dashlet | Permission to access Admin Device List Dashlet |
Dashlet Access - Admin Device Monitor Dashlet | Permission to access Admin Device Monitor Dashlet |
Dashlet Access - Admin News Dashlet | Permission to access Admin News Dashlet |
Dashlet Access - Alert Variance Dashlet | Permission to access Alert Variance Dashlet |
Dashlet Access - Alerting Recent Alerts Dashlet | Permission to access Alerting Recent Alerts Dashlet |
Dashlet Access - Investigation Jobs Dashlet | Permission to access Investigation Jobs Dashlet |
Dashlet Access - Investigation Top Values Dashlet | Permission to access Investigation Top Values Dashlet |
Dashlet Access - Live Featured Resources Dashlet | Permission to access Live Featured Resources Dashlet |
Dashlet Access - Live New Resources Dashlet | Permission to access Live New Resources Dashlet |
Dashlet Access - Live Subscriptions Dashlet | Permission to access Live Subscriptions Dashlet |
Dashlet Access - Live Updated Resources Dashlet | Permission to access Live Updated Resources Dashlet |
Dashlet Access - Malware Jobs Dashlet | Permission to access Malware Jobs Dashlet |
Dashlet Access - Reporting Recent Report Dashlet | Permission to access Reporting Recent Report Dashlet |
Dashlet Access - Reporting Charts Dashlet | Permission to access Reporting Charts Dashlet |
Dashlet Access - Top Alerts Dashlet | Permission to access Top Alerts Dashlet |
Dashlet Access - Unified RSA First Watch Dashlet | Permission to access Unified RSA First Watch Dashlet |
Dashlet Access - Unified Shortcuts Dashlet | Permission to access Unified Shortcuts Dashlet |
The following table lists the permissions in the Dashboard tab assigned to each role. A blank field indicates that the role does not have the permission. The Administrators role has all of the permissions by default and is not listed.
Permission | RA | DPOs | SOC Mgrs | Operators | MAs | Analysts |
---|---|---|---|---|---|---|
Dashlet Access - Admin Device List Dashlet | Yes | Yes | Yes | Yes | Yes | |
Dashlet Access - Admin Device Monitor Dashlet | Yes | |||||
Dashlet Access - Admin News Dashlet | Yes | Yes | Yes | Yes | Yes | |
Dashlet Access - Alert Variance Dashlet | Yes | Yes | Yes | Yes | ||
Dashlet Access - Alerting Recent Alerts Dashlet | Yes | Yes | Yes | Yes | ||
Dashlet Access - Investigation Jobs Dashlet | Yes | Yes | Yes | Yes | ||
Dashlet Access - Investigation Top Values Dashlet | Yes | Yes | Yes | Yes | ||
Dashlet Access - Live Featured Resources Dashlet | Yes | Yes | Yes | Yes | Yes | |
Dashlet Access - Live New Resources Dashlet | Yes | Yes | Yes | Yes | Yes | |
Dashlet Access - Live Subscriptions Dashlet | Yes | Yes | Yes | Yes | Yes | |
Dashlet Access - Live Updated Resources Dashlet | Yes | Yes | Yes | Yes | Yes | |
Dashlet Access - Malware Jobs Dashlet | Yes | Yes | Yes | Yes | ||
Dashlet Access - Reporting Recent Report Dashlet | Yes | Yes | Yes | Yes | ||
Dashlet Access - Reporting Charts Dashlet | Yes | Yes | Yes | Yes | ||
Dashlet Access - Top Alerts Dashlet | Yes | Yes | Yes | Yes | ||
Dashlet Access - Unified RSA First Watch Dashlet | Yes | Yes | Yes | Yes | Yes | |
Dashlet Access - Unified Shortcuts Dashlet | Yes | Yes | Yes | Yes | Yes |
Endpoint-broker-server
The following table describes the permissions in the Endpoint Broker server tab.
Permission | Description |
---|---|
endpoint-broker-server* | All permissions (everything below) |
endpoint-broker-server.agent.manage | Permission to manage the agent, that is start or stop scan, downloading file from host, delete agent data from the Endpoint Log Hybrid and so on. |
endpoint-broker-server.agent.read | Permission to view the endpoint data received from the agent such as host, file, certificate, events and so on. |
endpoint-broker-server.configuration.manage | Permission to modify all endpoint broker configuration parameters |
endpoint-broker-server.health.read | Permission to view any health notifications that the service exposes |
endpoint-broker-server.logs.manage | Permission to change log-related configuration |
endpoint-broker-server.metrics.read | Permission to view any metrics that the service exposes |
endpoint-broker-server.policy.read | Permission to view existing policy details |
endpoint-broker-server.process.manage | Permission to start and stop the service |
endpoint-broker-server.security.manage | Permission to edit security-related resources (passwords, keys, and so on) |
endpoint-broker-server.security.read | Permission to view security-related resources |
The following table lists the permissions in the Endpoint-server tab assigned to each role. A blank field indicates that the role does not have the permission. The Administrator role has all of the permissions by default and is not listed.
Permission | RA | DPOs | SOC Mgrs | Operators | MAs | Analysts |
---|---|---|---|---|---|---|
endpoint-broker-server* |
|
|
|
|
| |
endpoint-broker-server.agent.manage | Yes | Yes | ||||
endpoint-broker-server.agent.read |
|
| Yes |
| Yes | |
endpoint-broker-server.configuration.manage | ||||||
endpoint-broker-server.health.read |
|
|
|
|
| |
endpoint-broker-server.logs.manage | ||||||
endpoint-broker-server.metrics.read |
|
|
|
|
| |
endpoint-broker-server.policy.read |
|
|
|
| Yes | |
endpoint-broker-server.process.manage | ||||||
endpoint-broker-server.security.manage |
|
|
|
|
| |
endpoint-broker-server.security.read |
Endpoint-server
The following table describes the permissions in the Endpoint-server tab.
Permission | Description |
---|---|
endpoint-server* | All permissions (everything below) |
endpoint-server.agent.manage | Permission to generate and download the agent packager. Permission to manage the agent, that is start or stop scan, downloading files, master file table (MFT), memory dumps from host, isolate host from network, delete agent data from the Endpoint Log Hybrid and so on. |
endpoint-server.agent.read | Permission to view the agent packager configuration. Permission to view the endpoint data received from the agent such as host, file, certificate, events, and so on. |
endpoint-server.ca.manage | Permission to generate and download the agent packager. |
endpoint-server.ca.read | Permission to generate and download the agent packager |
endpoint-server.configuration.manage | Permission to modify all endpoint configuration parameters |
endpoint-server.filter.manage | Permission to save, modify, and delete filters |
endpoint-server.filter.read | Permission to view filters |
endpoint-server.health.read | Permission to view any health notifications that the service exposes |
endpoint-server.logs.manage | Permission to change log-related configuration |
endpoint-server.metrics.read | Permission to view any metrics that the service exposes |
endpoint-server.policy.read | Permission to view existing policy details |
endpoint-server.process.manage | Permission to start and stop the service |
endpoint-server.relay.manage | Permission to modify Relay Server Configuration |
endpoint-server.relay.read | Permissions to view Relay Server details |
endpoint-server.security.manage | Permission to edit security-related resources (passwords, keys, and so on) |
endpoint-server.security.read | Permission to view security-related resources |
The following table lists the permissions in the Endpoint-server tab assigned to each role. A blank field indicates that the role does not have the permission. The Administrator role has all of the permissions by default and is not listed.
Permission | RA | DPOs | SOC Mgrs | Operators | MAs | Analysts |
---|---|---|---|---|---|---|
endpoint-server* |
| |||||
endpoint-server.agent.manage | Yes | Yes | ||||
endpoint-server.agent.read | Yes | Yes | ||||
endpoint-server.ca.manage | Yes | |||||
endpoint-server.ca.read | Yes |
| ||||
endpoint-server.configuration.manage | ||||||
endpoint-server.filter.manage | Yes | |||||
endpoint-server.filter.read | Yes | |||||
endpoint-server.health.read |
| |||||
endpoint-server.logs.manage | ||||||
endpoint-server.metrics.read |
| |||||
endpoint-server.policy.read | Yes | |||||
endpoint-server.process.manage | ||||||
endpoint-server.rar.manage | ||||||
endpoint-server.rar.read |
|
|
|
|
|
|
endpoint-server.relay.manage | Yes | |||||
endpoint-server.relay.read |
|
|
| Yes |
|
|
endpoint-server.security.manage |
| |||||
endpoint-server.security.read |
Incidents
The following table describes the permissions in the Incidents tab.
Permission | Description |
---|---|
Access Incident Module | Permission to access the Incident module |
Configure Incident Management Integration | Permission to configure incident management integration |
Delete Alerts and incidents | Permission o delete alerts and incidents |
Manage Alert Handling Rules | Permission to modify the alert handling rules |
View and Manage Incidents | Permission to modify the incidents |
The following table lists the permissions in the Incidents tab assigned to each role. A blank field indicates that the role does not have the permission. The Administrators role has all of the permissions by default and is not listed.
Permission | RAs | DPOs | SOC Mgrs | Operators | MAs | Analysts |
---|---|---|---|---|---|---|
Access Incident Module | Yes | Yes | Yes | Yes | Yes | |
Configure Incident Management Integration | Yes | Yes | Yes | |||
Delete Alerts and incidents | Yes | Yes |
| |||
Manage Alert Handling Rules | Yes | Yes | Yes | |||
View and Manage Incidents | Yes | Yes | Yes | Yes | Yes |
Integration-server
(The Integration-server permissions are available in NetWitness Platform version 11.1 and later.)
The following table describes the permissions in the Integration-server tab.
Permission | Description |
---|---|
integration-server.* | All permissions (everything below) |
integration-server.api.access | Permission to authorize external requests from 3rd party applications |
integration-server.configuration.manage | Permission to view and modify all service integration configuration parameters |
integration-server.health.read | Permission to read any health notifications that the service exposes |
integration-server.logs.manage | Permission to change log-related integration configurations |
integration-server.metrics.read | Permission to read any metrics that the service exposes |
integration-server.notification.manage | Permission to change global notification configurations (for example, SMTP server) |
integration-server.notification.read | Permission to read global notification configurations (for example, SMTP server) |
integration-server.notification.send | Permission to send notifications (for example, Email) |
integration-server.process.manage | Permission to start and stop the service |
integration-server.security.manage | Permission to edit security-related resources (passwords, keys, and so on) |
integration-server.security.read | Permission to read security-related resources |
integration-server.template.manage | Permission to change notification template |
integration-server.template.read | Permission to read notification template |
The following table lists the permissions in the Integration-server tab assigned to each role. A blank field indicates that the role does not have the permission. The Administrator role has all of the permissions by default and is not listed.
Permission | RAs | DPOs | SOC Mgrs | Operators | MAs | Analysts |
---|---|---|---|---|---|---|
integration-server.* | Yes | |||||
integration-server.api.access | ||||||
integration-server.configuration.manage | ||||||
integration-server.health.read |