Permissions to access settings
The permission structure in the Intelligence Center separates permissions in the following groups:
Permissions users require to configure and to manage Intelligence Center settings, features, and functionality.
Permissions users require to access and to consume Intelligence Center data.
Actions and permissions to access settings and configuration
The following table shows the permissions roles and users require to carry out actions affecting Intelligence Center settings and configuration.
|
Action |
Steps |
Permissions |
|
Search entities and observables. |
In the side navigation bar click the search icon |
|
|
View available incoming feeds. |
In the left navigation bar click Data configuration > Incoming feeds. |
|
|
View an incoming feed detail pane, including any content in the detail pane tabs. |
In the left navigation bar click Data configuration > Incoming feeds, select a feed in the overview, and open the corresponding feed detail pane. |
|
|
Create a new incoming feed. Edit an existing incoming feed. |
In the left navigation bar click Data configuration > Incoming feeds > + (Create incoming feed). Or select a feed in the overview, and then in the feed detail pane click |
|
|
Manually trigger an incoming feed task run to download new packages, if available. |
In the left navigation bar click Data configuration > Incoming feeds, select a feed in the overview, and open the corresponding feed detail pane. In the Overview tab of the feed detail pane, click Download now. |
|
|
View available outgoing feeds. |
In the left navigation bar click Data configuration > Outgoing feeds. |
|
|
View an outgoing feed detail pane, including any content in the detail pane tabs. |
In the left navigation bar click Data configuration > Outgoing feeds, select a feed in the overview, and open the corresponding feed detail pane. |
|
|
Create a new outgoing feed. Edit an existing outgoing feed. |
In the left navigation bar click Data configuration > Outgoing feeds > + (Create incoming feed). Or select a feed in the overview, and then in the feed detail pane click |
|
|
Manually trigger an outgoing feed task run to publish new packages, if available. |
In the left navigation bar click Data configuration > Outgoing feeds, select a feed in the overview, and open the corresponding feed detail pane. In the Overview tab of the feed detail pane, click Run now. |
|
|
View the taxonomy. |
In the left navigation bar click Data configuration > Taxonomies. |
|
|
Create a new taxonomy entry. Edit an existing taxonomy entry. Delete an existing taxonomy entry. |
In the left navigation bar click Data configuration > Taxonomies > + (Create taxonomy). Alternatively: in the row corresponding to the taxonomy entry you want to modify or remove, click |
|
|
View available enrichers. |
In the left navigation bar click Data configuration >Enrichers. |
|
|
Edit an existing enricher. |
In the left navigation bar click Data configuration > Enrichers, select an enricher in the overview, and open the corresponding detail pane. In the enricher detail pane, click Edit. |
|
|
Enable and disable enrichers. |
In the left navigation bar click Data configuration > Enrichers, and then on an enricher tile click Enable. |
|
|
View available rules. |
In the left navigation bar click Data configuration > Rules. |
At least one of the following permissions:
|
|
View an observable rule detail pane, including any content in the detail pane tabs. |
In the left navigation bar click Data configuration > Rules > Observable tab, and then select an observable rule to open the corresponding detail pane. |
|
|
Create a new observable rule. Edit an existing observable rule. Delete an existing observable rule. |
In the left navigation bar click Data configuration > Rules > Observable tab, and then click + (Create rule). Alternatively: in the row corresponding to the rule you want to modify or remove, click |
|
|
Create and preview a new observable rule. |
In the left navigation bar click Data configuration > Rules > Observable tab, and then click + (Create rule). Define the new rule, and then click Preview rule. |
|
|
Manually run an observable rule. |
In the left navigation bar click Data configuration > Rules > Observable tab, select a rule in the overview, and open the corresponding rule detail pane. In the Overview tab of the rule detail pane, click Run now. |
|
|
View an entity rule detail pane, including any content in the detail pane tabs. |
In the left navigation bar click Data configuration > Rules > Entity tab, select a rule in the overview, and open the corresponding rule detail pane. |
|
|
Create a new entity rule. Edit an existing entity rule. Delete an existing entity rule. |
In the left navigation bar click Data configuration > Rules > Entity tab, and then click + (Create rule). Alternatively: in the row corresponding to the rule you want to modify or remove, click |
|
|
Create and preview a new entity rule. |
In the left navigation bar click Data configuration > Rules > Entity tab, and then click + (Create rule). Define the new rule, and then click Preview rule. |
|
|
Manually run an entity rule. |
In the left navigation bar click Data configuration > Rules > Entity tab, select a rule in the overview, and open the corresponding rule detail pane. In the Overview tab of the rule detail pane, click Run now. |
|
|
View an enrichment rule detail pane, including any content in the detail pane tabs. |
In the left navigation bar click Data configuration > Rules > Enrichment tab, select a rule in the overview, and open the corresponding rule detail pane. |
|
|
Create a new enrichment rule. Edit an existing enrichment rule. Delete an existing enrichment rule. |
In the left navigation bar click Data configuration > Rules > Enrichment tab, and then click + (Create rule). Alternatively: in the row corresponding to the rule you want to modify or remove, click |
|
|
Manually run an enrichment rule. |
In the left navigation bar click Data configuration > Rules > Enrichment tab, select a rule in the overview, and open the corresponding rule detail pane. In the Overview tab of the rule detail pane, click Run now. |
|
|
View a discovery rule detail pane, including any content in the detail pane tabs. |
In the left navigation bar click Data configuration > Rules > Discovery tab, select a rule in the overview, and open the corresponding rule detail pane. |
|
|
Create a new discovery rule. Edit an existing discovery rule. Delete an existing discovery rule. |
In the left navigation bar click Data configuration > Rules > Discovery tab, and then click + (Create rule). Alternatively: in the row corresponding to the rule you want to modify or remove, click |
|
|
Manually run a discovery rule. |
In the left navigation bar click Data configuration > Rules > Discovery tab, select a rule in the overview, and open the corresponding rule detail pane. In the Overview tab of the rule detail pane, click Run now. |
|
|
View available policies. |
In the left navigation bar click Data configuration > Policies. |
|
|
View a policy detail pane, including any content in the detail pane tabs. |
In the left navigation bar click Data configuration > Policies, select a policy in the overview, and open the corresponding policy detail pane. |
|
|
Create a new policy. Edit an existing policy. Delete an existing policy. |
In the left navigation bar click Data configuration > Policies > + (Create retention policy). Alternatively: in the row corresponding to the policy you want to modify or remove, click |
|
.
> Edit.