Add or Edit User Dialog

All users must either have a local user account with a username and password or an external user account that is mapped to NetWitness.

What do you want to do?

Role I want to ... Show me how
Administrator Add a User and Assign a Role
Administrator Change User Information
Administrator Reset a User Password
Administrator Add a User for External Authentication

Related Topics

Quick Look

To access Add or Edit User dialog, go to netwitness_adminicon_25x22.png (Admin) > Security > Users tab and in the toolbar, clicknetwitness_icon-add.png, or select a user and click netwitness_icon_edit.png.

Add User Dialog

This is the Add User dialog for an internal user.


Edit User Dialog

This is the Edit User dialog for an internal user.


The Add User and Edit User dialogs are the same except that the Add User dialog contains additional Password and Confirm Password fields. You can add a password for a new user in the Add User dialog. Users can change their own passwords in the user preferences. You can reset a password for a user directly from the Users tab.

The Add User and Edit User dialogs have following sections:

1 User information
2 Roles tab
3 Attributes tab

User Information

The following table provides descriptions of the user information.

Field Description
NetWitness Authenticate with NetWitness.
Active Directory Authenticate with Active Directory.
PAM Authenticate with PAM.
Username Username for the NetWitness user account.
Email Email address of the user.
Password (Add User dialog only) Password to log on to NetWitness.
Confirm Password (Add User dialog only) Password confirmation for adding the user password.
Full Name Name of the user.
Description (Optional) Description of the user.
Force password change on next login Expires the user password the next time the user logs on to NetWitness. This field applies only to internal users. This does not affect any active user sessions. The netwitness_icon_clock_19x19.png appears in the user row to show that the user password expired. After a password is expired, you cannot undo it. This checkbox is cleared the next time you edit the user account.
Reset Form Removes any changes in process.

Roles Tab

The following table provides descriptions of the Roles tab options. The Roles tab shows the roles that are assigned to the user.

Option Description
netwitness_icon_add.png Opens the Add Role dialog that lists roles you could assign to the user.
netwitness_icon_delete.png Removes the selected role from being assigned to the user.
netwitness_icon_showperms.png Shows permissions for the selected role.
Name Lists each role assigned to the user.

Attributes Tab

The following table lists the descriptions of the Attributes tab options. The Attributes tab shows the attributes that are assigned to the user.

Option Description
Core Query Timeout (Optional) Specifies the maximum number of minutes that a user can run a query. The default value is 5 minutes. This timeout only applies to queries performed from Investigation. If this value is set, it must be zero (0) or greater. A value of zero represents no timeout.
Core Session Threshold Controls how the service scans meta values to determine session counts. This value must be zero (0) or greater. If this value is greater than zero, a query optimization will extrapolate the total session counts that exceed the threshold. When the meta value returned by the query reaches the threshold, the system will:
  • Stop its determination of the session count
  • Show the threshold and percentage of query time used to reach the threshold
The default value is 100000. The limit you specify here overrides the Max Session Export value defined in the Investigate view settings.
Core Query Prefix (Optional) Filters query results to restrict what the role members see. By default, this is blank. For example, the 'service' = 80 query prefix prepends to any queries run by the user and the user can only access meta of HTTP sessions.