In the Add Role and Edit Role dialogs, you can add or edit a role and the permissions assigned to it. You can also specify the query-handling attributes for role members to lock down the information that they can retrieve. The structure of these dialogs is the same. The only difference is that you either add a new role or modify an existing role.
When you change permissions for a role, the change is immediately applied to users who are assigned the particular role after the role is saved.
What do you want to do?
|Role||I want to ...||Show me how|
|Admin||View preconfigured roles||Review the Preconfigured NetWitness Platform Roles|
|Admin||Create a new role||(Optional) Add a Role and Assign Permissions|
Edit a role
|Admin||Delete a role||(Optional) Add a Role and Assign Permissions|
To access this view, go to (Admin) > Security > Roles tab and in the toolbar, click , or select a role and click .
The Add Role and Edit Role dialogs include three sections.
This is the information in the Role Info section.
|Name||The name of the user role.|
|Description||An optional description of the user role.|
The following table describes the fields in the Attributes section..
|Core Query Timeout||(Optional) Specifies the maximum number of minutes that a user can run a query. The default value is 5 minutes. This timeout only applies to queries performed from Investigation. If this value is set, it must be zero (0) or greater. A value of zero represents no timeout.|
|Core Session Threshold||Controls how the service scans meta values to determine session counts. This value must be zero (0) or greater. If this value is greater than zero, a query optimization will extrapolate the total session counts that exceed the threshold. When the meta value returned by the query reaches the threshold, the system will: |
|Core Query Prefix||(Optional) Filters query results to restrict what the role members see. By default, this is blank. For example, the 'service' = 80 query prefix prepends to any queries run by the user and the user can only access meta of HTTP sessions.|
The following table describes the features in the Permission section.
|There are fifteen default tabs, one for each module: Administration, Admin-server, Alerting, Config-server, Incidents, Investigation, Investigation-server, Integration-server, Live, Malware, Orchestration-server, Reports, Response-server, Security-server and Dashboard. Additional tabs may be available based on the installation. Each tab lists the permissions for a module.|
|Checkbox that indicates if a module permission is assigned to the role.|
|List of all permissions for the module.|
|Save||Saves the role with the selected permissions assigned to it.|
|Cancel||Cancels any work and closes the dialog.|