This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Register Now
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
NetWitness Discussions

App & Network Rules Permissions - RBAC

Go to solution
JayWatson
Beginner
Beginner

‎2017-08-28 11:10 AM

I have a requirement that needs to allow a group of cyber content developers access to NW in a lab environment with permissions to create App and Network rules (Administration > Services > View > Concentrator > Config) but not allot them full Administrator permissions. It would seem to me that RBAC is either not granular enough to allow this or I'm totally missing something. 

 

I've tried - 'Administration > Services > Decoder > Security and added a user and it effectively does nothing within the GUI. I have also added that same user via the standard 'Administration > Security > Users.

 

So to clarify, I want to take a 'Analyst role' and allow them administer content such as App rules, Network rules, Correlation rules, but that it, not additional admin level options. 

 

I bet this simple, just not overly clear in executing.

0 Likes
1 ACCEPTED SOLUTION

Accepted Solutions

Go to solution
SravanKoneti1
Beginner
Beginner

‎2017-08-29 04:55 AM

Hi Jay,

 

Please try below procedure.

1. Create a custom role with permissions (Manage Services, View Services, Access Administration Module) in Administration->Security->Roles page.
2. Create user with above custom role.
3. Create same custom role name in Administration > Services > Decoder > Security->Roles page with Role permissions (rules.manage,sdk.content,sdk.manage,sdk.meta,sdk.packets)

 

Note:When you Apply changes to App rules, it throws pop-up as "Failed to apply rules to service". But still that changes applied in GUI.

View solution in original post

0 Likes
2 REPLIES 2

Go to solution
SravanKoneti1
Beginner
Beginner

‎2017-08-29 04:55 AM

Hi Jay,

 

Please try below procedure.

1. Create a custom role with permissions (Manage Services, View Services, Access Administration Module) in Administration->Security->Roles page.
2. Create user with above custom role.
3. Create same custom role name in Administration > Services > Decoder > Security->Roles page with Role permissions (rules.manage,sdk.content,sdk.manage,sdk.meta,sdk.packets)

 

Note:When you Apply changes to App rules, it throws pop-up as "Failed to apply rules to service". But still that changes applied in GUI.

0 Likes

Go to solution
JayWatson
Beginner
Beginner

‎2017-08-31 09:10 AM

Thanks Sravan - It looks like this worked, much appreciated! Now on to figure out non-admin role access to Feeds.

0 Likes
© 2022 RSA Security LLC or its affiliates. All rights reserved.