Creating and Managing Roles


Like employees in a company, users of OTUS SIEM have roles. This topic explains how to create and manage roles. There are three types of roles: Built-in Roles, Access Roles and View Roles. The table below summarizes the responsibilities of each of them.

 

Role Type:   Built-In Roles
Function:    Define what actions users are permitted to perform in the application. Cannot be created or deleted. They are built-in.
Examples:
     config - allows simple configuration of servers, groups and distribution.
     config advanced - permits advanced configuration functions such as configuring distribution, storage, settings.
     user_config - permits administration of users/roles.
     user_config_self - permits users to change their own user info (username, password) but not their roles (i.e. for the logged-in user). Everyone by default has this role.
     superuser - can perform any or all the functions of the application.
     report - a special function that permits a read-only view of all data and no configuration capability.

Role Type:   Access Roles
Function:    Define the time periods during which a logged-in user can access the application. Users with the user_config role can create Access Roles.
Examples:
     always - users can access the system anytime.
     working_hours - users can access the application only during working hours of the company.

Role Type:   View Roles
Function:    Define what data a user can view on the application. Users with the user_config role can create View Roles.


 

Note:   The Roles option in the Configuration menu is displayed only for Superusers or users with the user_config role.

 

This topic discusses creating and managing the various types of roles.

 

To manage the roles, click Roles from the Configuration menu.

[Screenshot: roles_menu]

The following page is displayed:

[Screenshot: roles_main_page]

Click the View roles tab to view the other roles such as built-in roles.

 

To create an access role

1.   Click the add button (add_filter_btn) on the Access roles page. The web page displays additional fields as shown below.

[Screenshot: access_role_add]

2.   Enter a name for the new access role in the Name box.

3.   Enter a time period (use the existing time formats as a hint) in the Access box.

4.   Click the save button (save_btn).

 

 

To modify an access role

1.   Double-click the field that needs to be modified. The field is enabled for editing as shown below. In the example below, the Access field of an access role was double-clicked.

      [Screenshot: accessrole_accesstimefieldediting]

2.   Modify the field as per your requirement.

Note:   A few correct formats are mon-sat 09:00-09:30, 09:00-10:00, mon-fri 09:00-09:30, 10:00-13:30 etc.

3.   Click the save button (save_btn) to save the changes. Click the cancel button (cancel_btn) to quit without saving the changes.
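The time-period formats in the note above can be checked before they are typed into the Access box. The following Python code is an added example, not OTUS SIEM code: the grammar (`[day-day] HH:MM-HH:MM`, each comma-separated sample treated as one entry, a missing day range meaning every day) is inferred from the sample strings, and `parse_window`, `is_allowed` and `audit` are hypothetical names.

```python
import re
from datetime import datetime

DAYS = ["mon", "tue", "wed", "thu", "fri", "sat", "sun"]  # index == datetime.weekday()
PAGE_EXAMPLES = ["mon-sat 09:00-09:30", "09:00-10:00", "mon-fri 09:00-09:30", "10:00-13:30"]
# Assumed grammar (inferred from the samples above, not a product specification):
#   [<day>-<day>] HH:MM-HH:MM
ENTRY = re.compile(
    r"^(?:(?P<d1>[a-z]{3})-(?P<d2>[a-z]{3})\s+)?"
    r"(?P<h1>\d{2}):(?P<m1>\d{2})-(?P<h2>\d{2}):(?P<m2>\d{2})$"
)

def parse_window(entry):
    """Return (allowed_weekdays, start_minute, end_minute) or raise ValueError."""
    m = ENTRY.match(entry.strip().lower())
    if not m:
        raise ValueError(f"unrecognised access window: {entry!r}")
    if m["d1"]:
        if m["d1"] not in DAYS or m["d2"] not in DAYS:
            raise ValueError(f"unknown day name in {entry!r}")
        i, j = DAYS.index(m["d1"]), DAYS.index(m["d2"])
        days = {(i + k) % 7 for k in range((j - i) % 7 + 1)}  # wraps, e.g. sat-mon
    else:
        days = set(range(7))  # assumption: no day range means every day
    h1, m1, h2, m2 = (int(m[g]) for g in ("h1", "m1", "h2", "m2"))
    if h1 > 23 or h2 > 23 or m1 > 59 or m2 > 59:
        raise ValueError(f"time out of range in {entry!r}")
    start, end = h1 * 60 + m1, h2 * 60 + m2
    if end <= start:
        # Empty or inverted window: reject it rather than guess at an overnight span.
        raise ValueError(f"end is not after start in {entry!r}")
    return days, start, end

def is_allowed(entry, when):
    """True if datetime `when` falls inside the window (end time exclusive)."""
    days, start, end = parse_window(entry)
    minute = when.hour * 60 + when.minute
    return when.weekday() in days and start <= minute < end

def audit(entries):
    """Return {entry: error message} for every entry that fails validation."""
    bad = {}
    for e in entries:
        try:
            parse_window(e)
        except ValueError as exc:
            bad[e] = str(exc)
    return bad
```

Running `audit` over the Access values of existing roles flags entries that would silently grant no access at all or whose meaning is unclear.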

 

 

To delete an access role

1.   Select an access role from the list. It is highlighted by a blue background as shown below.

[Screenshot: select_accessrole]

2.   Click the delete button (delete_btn).

      [Screenshot: delete_confirmation_role]

3.   Click Yes to delete or click No to abort the operation.

Caution:   Exercise this function with care. The process cannot be undone. All data is deleted.

 

 

To create a view role

Ensure you are at the View Roles page as shown below.

[Screenshot: view_roles_pg]

1.   Click the add button (add_filter_btn). The following fields and buttons are displayed.

[Screenshot: view_roles_add]

2.   Enter the name of a role in the Name box.

3.   Click inside the Servers box to choose one or more servers from the drop-down list.

Note:   Users assigned this role can view data originating only from these servers. You can search for servers by typing the first few characters of the server name. To delete a server from the Servers box, click the "X" symbol of the server.

4.   Click inside the Groups box to choose one or more groups from the drop-down list.

Note:   Users assigned this role can view data originating only from servers that are assigned to these groups. You can search for groups by typing the first few characters of the group's name. To delete a group from the Groups box, click the "X" symbol of the group.

5.   Click inside the From box to invoke the calendar as shown below.

      [Screenshot: calendar_control]

     Use the calendar control to select a From date for the role. The role is in effect in the system from the From date onwards.

      [Screenshot: from_date]

Note:   Users assigned this role can view log data created only during this date/time range.

7.   Click the save button (save_btn). The new role is listed in the table displaying roles in the system. To quit without saving, click the cancel button (cancel_btn).

 

 

To modify a view role

1.   Double-click the field that needs to be modified. The field is enabled for editing as shown below. In the example below, the Name field of a view role was double-clicked.

      [Screenshot: viewrole_namefieldediting]

2.   Modify the field and click the save button (save_btn) to save the changes. Click the cancel button (cancel_btn) to quit without saving the changes.

 

 

To delete a view role

1.   Select the view role to delete. The role is highlighted as shown below.

[Screenshot: viewrole_selected]

2.   Click the delete button (delete_btn). The delete confirmation dialog is displayed.

      [Screenshot: viewrole_deleteconfirmation]

3.   Click Yes to delete. Click No to quit.