Creating and managing roles

Overview

Roles define the set of permissions assigned to a user or a group of users in the product console. They determine what actions a user can perform and what data they can access. By creating and managing roles effectively, you can ensure that each user has the appropriate level of access, maintaining both operational efficiency and data security. This page elaborates on how to create new roles and manage existing ones.

Creating a role

1. In your account, navigate to the Settings tab.
2. Under Admin Settings, select Technicians and Roles.

   

3. On the Manage Technicians page, click Manage Roles.

   

4. In the top-right corner, click Create New Role.

   

5. Enter a Role Name. You may also provide a Description (optional).

   

6. The available permissions are grouped under these tabs: Home, Reports, Compliance, Search, Security, Correlation, Alerts, Settings, and Others.
7. Select the checkbox beside a tab to grant all permissions under that tab.

   

8. You can also click the tab to select individual permissions. The tabs and their permissions are as follows:
   • Dashboard:
     • Dashboard: Allow users to view, create, and manage dashboards.
     • View the Log Sources: Assign permissions to view device, application, and file integrity monitoring logs.
     • Use the section-level checkbox to select all options at once.

     

   • Reports:
     • Choose whether users can view, schedule, and create reports.
     • Select General to grant all permissions under this tab.

     

   • Compliance
     • Allow viewing, creating, and scheduling of compliance reports.
     • Use General to assign all compliance permissions.

     

   • Search
     • Allow or restrict the ability to search collected logs.

     

   • Security
     • Security: View security reports, manage security rules, create and manage security actions, manage report schedules, and create security rules. Includes permission for accessing the security dashboard.
     • Activity Monitoring: View reports, create and manage rules, and schedule activity monitoring reports.

     

   • Alerts
     • Alerts: View all or personal alerts, manage alert profiles, and assign alert rules.
     • Incidents: View all or personal incidents, manage incidents, and manage incident rules.
     • Ticketing Tools: Configure ticketing integrations, create tickets, and view tickets.
     • Incident Workflows: Manage workflows for incident handling.

     

   • Settings
     • Log Source Configuration: Configure and manage devices, applications, databases, virtual machines, file integrity monitoring, manage cloud sources, and import logs.
     • Admin Settings: Manage device groups, threat feeds, report profiles, log archives, log retention settings, database settings, log collection filters, log collection failure alerts, privacy settings, profiles, log forwarder, Log360 integrations, custom log parsing rules, and tags.
     • System Settings: Manage general and system-level configurations.

     

   • Others
     • Grant access to view product support information, supported log sources, and notifications.

     

9. After selecting all required permissions, click Create to save the role.

   

Managing roles

1. Click the icon to create a duplicate of an existing role.

   

   NOTE Default roles such as Guest, Admin, and Operator cannot be edited or modified.
2. Click the icon to modify the permissions of a role.

   

3. This opens the Modify Role page where you can change permissions.

   

4. Click the icon to remove a role.

   

5. In the confirmation popup, click Yes to confirm deletion.

   

6. Use the icon to find roles by their name.

   

7. To view the technicians associated with each role, click the number shown under the Associate Technician column.

   

Read also

This page explained how to create and manage roles. For more details on the feature, see the articles below:

• About Centralized Technician Management
• Adding technicians