IBM Security QRadar

 View Only
  • 1.  User roles

    Posted Fri July 17, 2020 09:18 AM
    ​How do you create user roles to give users access to apps like log source management without giving user the admin rights?

    I have created user roles to give users access to apps and a security profile of admin.

    I have not figured out a way to give user access to apps like log source management with the admin role.



    ------------------------------
    Bruce Hutchinson
    ------------------------------


  • 2.  RE: User roles

    Posted Tue July 21, 2020 09:53 AM
    Hi Bruce,

    Currently all apps have their own permission that will appear in the User Roles UI when they are installed. To grant access to that app, you need to assign that permission to whatever user roles you wish to have use the app.

    That's to access the app itself. On top of that, some apps will require access to underlying APIs and so to be fully functional, a user using the app needs access to those APIs as well. In the case of Log Source Management, the user needs access to the log source APIs, which will be accessible to any user with the System Administrator permission or the Delegated Administration->Manage Log Sources permission. Obviously System Administrator is admin-level access so if you want users to be able to manage log sources without having full admin rights, give them the Log Source Management app permission and Delegated Admin->Manage Log Sources.

    You didn't mention any other specific apps but I would think that the docs for those apps should mention what user role permissions are needed, I know Log Source Management's docs do. Generally it should be fairly intuitive - if the app deals with Reference Data, you'll need the Manage Reference Data permission, if it works with Offenses, it will need the Offenses permission, and so on.

    Cheers
    Colin

    ------------------------------
    COLIN HAY
    IBM Security
    ------------------------------