Permissions to access data#

The permission structure in EclecticIQ Intelligence Center separates permissions in the following groups:

Permissions users require to configure and to manage Intelligence Center settings, features, and functionality.
Permissions users require to access and to consume Intelligence Center data.

Actions and permissions to access and consume data#

The following table shows the permissions roles and users require to carry out actions on Intelligence Center data and resources.

Action	Steps	Permissions
View EclecticIQ Intelligence Center dashboard.	From the left sidebar, select Dashboard .	read entities read extracts read outgoing-feeds read tickets
View ingested entities.	From the left sidebar, go to Search > GO TO SEARCH AND BROWSE > Entities.	read entities
View an entity detail pane, including any content in the detail pane tabs.	From the left sidebar, go to Search > GO TO SEARCH AND BROWSE > Entities, select an entity in the overview, and open the corresponding entity detail pane.	read destinations read entities read extracts read history-events read intel-sets read sources read taxonomies read tickets read workspaces
Create a new entity. Edit an existing entity. Delete an existing entity.	From the left sidebar, go to Search > GO TO SEARCH AND BROWSE > Entities > Create entity + to create a new entity.	modify draft-entities (to save as draft) modify entities read extracts read sources read taxonomies
View ingested observables.	From the left sidebar, go to Search > GO TO SEARCH AND BROWSE > Observables.	read entities read extracts
View an observable detail pane, including any content in the detail pane tabs.	From the left sidebar, go to Search > GO TO SEARCH AND BROWSE > Observables, select an observable in the overview.	read destinations read entities read extracts read intel-sets read tickets read users read workspaces
Create a new observable.	From the left sidebar, go to Search > GO TO SEARCH AND BROWSE > Observables > Create observable +.	modify extracts
View manually uploaded files.	From the left sidebar, go to Search > GO TO SEARCH AND BROWSE > Uploads.	read blob-uploads
View an uploaded file detail pane, including any content in the detail pane tabs.	From the left sidebar, go to Search > GO TO SEARCH AND BROWSE > Uploads, click an uploaded file under Recently uploaded files, and open the corresponding uploaded file detail pane.	read blob-uploads read content-types read entities read source read users
Manually upload a file. View an uploaded file detail pane, including any content in the detail pane tabs.	From the left sidebar, go to Search > GO TO SEARCH AND BROWSE > Uploads tab, and then manually upload a file; or click an uploaded file under Recently uploaded files to open the corresponding uploaded file detail pane.	modify blob-uploads read content-types read entities read groups
View datasets.	From the left sidebar, go to Search > GO TO SEARCH AND BROWSE > Datasets.	read intel-sets
View a dataset detail pane, including any content in the detail pane tabs.	From the left sidebar, go to Search > GO TO SEARCH AND BROWSE > Datasets, select a dataset in the overview, and open the corresponding dataset detail pane.	read entities read intel-sets
Create a new dataset. Edit an existing dataset. Delete an existing dataset.	From the left sidebar, go to Search > GO TO SEARCH AND BROWSE > Datasets > + (Create dataset).	modify intel-sets modify workspaces read workspaces
View saved graphs.	From the left sidebar, go to Graphs > Saved graphs >.	read entities read graphs
Create a new graph. Load an existing graph to view it and to edit it. Delete an existing graph.	From the left sidebar, go to Graphs > Saved graphs > Create graph +.	modify graphs read entities read workspaces
View entities created with EclecticIQ Intelligence Center entity editor.	From the left sidebar, go to Search > GO TO SEARCH AND BROWSE > Entities.	read draft-entities read entities
Create a new entity in the entity editor. Edit an existing entity in the entity editor. Delete an entity previously created in the entity editor.	From the left sidebar, select Create + and create a new entity.	modify draft-entities modify entities modify extracts read draft-entities read entities read extracts read groups
View newly discovered entities.	From the left sidebar, go to Discovery .	read discovery-rules read entities read source
View exposed entities.	From the left sidebar, go to Exposure > Entities.	read entities
View an exposed entity detail pane, including any content in the detail pane tabs.	From the left sidebar, go to Exposure > Entities. select an entity in the overview, and open the corresponding entity detail pane.	read destinations read entities read extracts read history-events read intel-sets read sources read taxonomies read tickets read workspaces
Edit an existing exposed entity. Delete an existing exposed entity.	From the left sidebar, go to Exposure > Entities.	modify draft-entities (to save as draft) modify entities read extracts read sources read taxonomies
View exposure settings.	From the left sidebar, go to Exposure > Settings tab.	read configurations
Edit exposure settings.	From the left sidebar, go to Exposure > Settings tab > Edit exposure settings.	modify configurations
View outgoing feed setup for exposure.	From the left sidebar, go to Exposure > Outgoing feeds tab.	read content-type read outgoing feeds read transports
View workspaces.	From the left sidebar, go to Workspaces .	read graphs read workspaces
Create a new workspace. Edit an existing workspace. Delete an existing workspace.	From the left sidebar, go to Workspaces > Create workspace +.	modify workspaces
Add MITRE ATT&CK classifications to entities.	In the entity builder, select + Add ATT&CK classification.	read attack modify entities
View and install knowledge packs.	From the left sidebar, go to Data configuration > Knowledge packs.	install knowledge-packs read knowledge-packs