Services Security View - Aggregation Role

This topic describes the Aggregation role and permissions that allow service users to perform aggregation.

Related Topics

The Aggregation role is a service user role intended only for aggregation of data. It has the minimum role permissions required to do aggregation:

  • aggregate
  • sdk.meta
  • sdk.packets
  • sdk.content

The Aggregation role is available only on NetWitness version 10.5 and later services and it can be used for an aggregation account. Members of this role or service users with these permissions can perform aggregation on Network Decoders, Concentrators, Archivers, and Brokers. The aggregate permission allows service users to perform aggregation of sessions and metadata along with raw packets and logs.

You can still use the decoder.manage, concentrator.manage, and archiver.manage permissions, but the Aggregation role permissions allow aggregation only and prevent the other available operations.

You access the service roles from the netwitness_adminicon_25x22.png (Admin) > Services (select a service) > netwitness_actiondd.png > View > Security > Roles tab.

Procedures related to roles are described in Hosts and Services Maintenance Procedures. Services Security View - Service User Roles and Permissions provides detailed information on the pre-configured roles.

The following figure shows the permissions in the Aggregation role.