Manage Users with Roles and Permissions

A set of end-to-end procedures for managing users in NetWitness is described in this section. These steps explain how to add a user in NetWitness and then how to control what the user can do.

Manage Users Workflow

This figure shows the high-level workflow for managing the users in NetWitness.

netwitness_manuserrolperm-wf.png

First, review the preconfigured NetWitness roles such as Administrators, Respond Administrators, Data Privacy Officers, SOC managers, Operators, Malware analysts, Analysts, and UEBA analysts. Determine if you need to make any adjustments to these roles for your environment. You can add new custom roles and assign permissions to each role. After you define the roles, you can verify the query and session attributes that are set for each role. Then you can set up the users by adding new users and assigning roles to them. You can also map external group users to the NetWitness roles.

These are the procedures for setting up and managing users: