IBM QRadar SOAR

IBM QRadar SOAR

Join this online user group to communicate across Security product users and IBM experts by sharing advice and best practices with peers and staying up to date regarding product enhancements.

 View Only
  • 1.  Automating Granting and Revocation Processes

    Posted 30 days ago

    I'm working on automating user access granting and revocation via email or API requests. Currently, I can add users using sudo resutil newuser, but it defaults users to the 'master' role, and I can't set different roles during creation. Does anyone know how to assign specific roles at user creation with resutil, or an alternative method to dynamically set user permissions during automation? Any guidance or best practices would be really appreciated.



    ------------------------------
    Lucas Marino
    ------------------------------


  • 2.  RE: Automating Granting and Revocation Processes

    Posted 29 days ago

    Hi Lucas,

    You can set a role at creation using the -role parameter.

    Command line utility to create a new user in an organization in Resilient Systems
    Usage: newuser [options]
      Options:
        -help, --help
          Print the Create User help
        -createorg
          Should the organization be created if it does not exist
          Default: false
        -createrole
          Should the role be created if it does not exist
          Default: false
      * -email
          Email of the user
        -first
          First name of the user
          Default: Resilient
        -incseqcodeprefix
          The Prefix for the Incident Sequence Code. Customization valid only for Child and Standard organizations. Maximum of 10 characters allowed.
        -incseqcodestartindex
          The Starting Index for the Incident Sequence Code. This is only set on organization creation and can not be set thereafter. Customization only valid for Child and Standard organizations.
        -last
          Last name of the user
          Default: Sysadmin
      * -org
          Name of the organization to add the user to
        -orglocale
          The locale of the new organization. It determines the language of
          default playbook items. The supported locale values are "en" for
          English, "ja" for Japanese, "zh_TW" for Traditional Chinese, "zh" for
          Simplified Chinese, "it" for Italian, "fr" for French, "de" for German,
          "es" for Spanish, "pt_BR" for Brazil Portuguese, "ru" for Russian and
          "ko" for Korean. The default value is "en"
        -role
          Name of the role to assign to user (default role: Master Administrator)
        -sysadmin
          Assign System Settings permission to the user
          Default: false



    ------------------------------
    BEN WILLIAMS
    ------------------------------



  • 3.  RE: Automating Granting and Revocation Processes

    Posted 29 days ago

    Hi Ben,

    Thank you for your quick reply. Unfortunately, when I try to assign a role-whether it's a global role or a group role-I always get an error message indicating that the role was not found.



    ------------------------------
    Lucas Marino
    ------------------------------