Skip to main content
Version: 2.13.X

Detailed Permissions

The following tables describe the permissions available to apply to both roles and groups.

Authoring

PermissionRead/WriteControl
DeploymentsReadRead deployment-related statuses and data.
DeploymentsWriteWrite deployment-related data, including the ability to deploy and terminate deployments.
ModelsReadRead authoring data models (projects, event patterns, event types, etc.).
ModelsWriteWrite authoring data models (projects, event patterns, event types, etc.).
Schema DiscoveryReadUse Schema Discovery to search topics and view schemas.

Data Management

PermissionRead/WriteControl
ConnectorsReadUser is able to view connector configurations and status.
ConnectorsWriteUser is able to create, run, and stop connectors.
Upload FilesReadUser is able to see file upload status and records in the Activity Monitor page of the Data Importer.
Upload FilesWriteUser is able to upload files via Data Importer.

History

PermissionRead/WriteControl
AuditReadUser can visit the Audit Viewer application, which allows viewing historical actions.

Manual Actions

PermissionRead/WriteControl
Manual ActionsWriteIf an event has manual actions available, a user can access the manual event interface to perform a specific action on the event.

User Management

PermissionRead/WriteControl
GroupsReadUser can see a list of groups in the system.
GroupsWriteUser can create, delete, or modify a group.
RoleReadUser can see a list of roles in the system.
RoleWriteUser can create, delete, or modify a role.
UsersReadUser can see a list of all users in the system.
UsersWriteUser can modify another user's details, including first name, last name, access, role and group.

Workstation

PermissionRead/WriteControl
Collections AttachmentsReadUser can download attachments from a collection or its comments.
Collections AttachmentsWriteUser can upload attachments to a collection and its comments.
Collections ExportReadUser can export data and reports from a collection.
Custom Field TemplatesWriteUser is able to view and edit Custom Field Templates in Workstation Designer.
Data DeleteWriteUser is able to perform administrative deletion of Workstation data.
Export BuilderWriteUser can access/update the export builder tool to create, manage, or delete limited custom mappings from a collection into CSV format.
IngestWriteUser can see and interact with the Admin screen and the “Ingestion settings” table on the Admin screen. Note: Write permission to "Ingest" is required for any user that wishes to set "Event Decorations" on Designer (which is handled via the "Templates Views" view permission).
Notification SettingsWriteUser can see and interact with the "Notification Settings" table on the Admin screen, but they are required to also be granted access to "Ingest", otherwise they will not see the Admin screen at all.
Report BuilderWriteUser can access/update the report builder tool.
TagsWriteUser can see the Designer tab and the "Tags" mode within it. User can create, edit, or delete tags.
Templates Event DetailsWriteUser can see the Designer tab and the "Event Detail Templates" mode within it. User can create, edit, or delete Event Detail Templates.
Templates ViewReadUser can view view templates.
Templates ViewWriteUser can create, update, or delete view templates. User can see the "Event Decorations" mode in the Designer tab if they also have "Write" access to "Ingest".
ViewsReadUser can click into views but cannot add or delete widgets.
ViewsWriteUser can create, edit, and delete views. Within a view, they can add, edit, or delete widgets.