2 Replies Latest reply on Jan 20, 2015 5:17 PM by nicole pauls

    User Privileges

    cassandra.berg

      What's the difference between the "Modify" and "Audit" privileges for user roles in LEM? I'm assuming "Access" means they can just view the area. Myself and my co-administrator need to have full privileges to the system but we need to lock it down for the others so they can't modify the configuration or any of the data. Creating filters is alright, though.

        • Re: User Privileges
          curtisi

          So I created a couple test users in my lab, an Auditor role and a Monitor role.  Using the "Rules" section as an example, this is what the Monitor user has:

           

          2015-01-07 09_07_05-SolarWinds Log and Event Manager Console.png

           

          And if I log in as that user and try to access the Rules, I can't:

           

          2015-01-07 09_07_22-SolarWinds Log & Event Manager.png

           

          So then I logged in as the Auditor user, that has these permissions:

           

          2015-01-07 09_08_10-SolarWinds Log and Event Manager Console.png

           

          I can access rules, but I can't make changes to the rules or their states:

           

          2015-01-07 09_08_44-SolarWinds Log & Event Manager.png  2015-01-07 09_08_52-SolarWinds Log & Event Manager.png

          • Re: User Privileges
            nicole pauls

            The "Audit" permission is basically just flagging that any access (or changes, if allowed) by that user will be audited with InternalAuditSuccess (or rarely, Failure) events in LEM.

             

            Modify / Access are the actual "permissions" that dictate whether a change can be made.

             

            Here's the role summary from the user guide:

            • Administrators are users who have full access to the system, and can view and modify everything.
            • Auditors are users who have extensive view rights to the system, but cannot modify anything other than their own filters.
            • Monitors are users who can access the Console, but cannot view or modify anything, and must be provided a set of filters.
            • Contacts are users who cannot access the Console, but do receive external notification.
            • Guests are users who have extensive view rights to the system, but cannot modify anything other than their own filters.

             

            My guess is that you and your co-admin should be administrator users and others should be auditor users (can see everything but can't make configuration changes).