Roles and permissions in IT Data Analytics

As an administrator, you can control access permissions to the TrueSight IT Data Analytics (TrueSight IT Data Analytics) product based on the user roles and permissions assigned to users.

Note that you can use various options to authenticate users into TrueSight IT Data Analytics. However, regardless of the method you use to authenticate users, TrueSight IT Data Analytics uses the access permissions described in this topic to authorize users.

Access permissions can be of two kinds – role-based access (or feature-level access) and data-level access. The role-based access permissions and data-level access permissions together determine the actions that a user can perform related to viewing, creating, modifying, or deleting data.`

This topic contains the following information:

Related topics

Managing users and access controlSetting user preferences

Security planning

Role-based access

Role-based access refers to access to various features (tabs) in the product, depending on the user role and responsibility. Thus, this kind of access is enabled at the feature-level. As an administrator, you can apply this kind of access by assigning user groups to roles.

The following roles are available in TrueSight IT Data Analytics:

  • Super Admin
  • App Admin
  • Troubleshooter

For more information about roles, see

The following table provides an illustration of the feature-level access permissions available to different roles. Note that the 'X' symbol in the table indicates the access permissions available to various user roles.

Main tab

Subtab

Roles

Super Admin

App Admin

Troubleshooter

Dashboards

X

X

X

Search

X

X

X

Saved Searches

X

X

X

Administration

Data Collectors

X

X

 

Data Patterns

X

X

 

Notifications

X

X

 

Users*

X

 

 

User Groups*

X

 

 

Roles

X

 

 

Components

X

 

 

Credentials

X

X

 

Hosts

X

 

 

Content Packs

X

X

(Export only access)

 

System Settings

X

 

 

External Configurations

X

X

(View only access)

 

Collection Profiles

X

 

 

Settings

User Settings

X

(Specific to individual user)

X

(Specific to individual user)

X

(Specific to individual user)

Change Password

X

(Specific to individual user)

X

(Specific to individual user)

X

(Specific to individual user)

If you are using Remedy Single Sign-On for user authentication, then the Users and user Groups pages are not available.

Data-level access

Data-level access refers to access to data emerging from particular data sources or applications.

Data-level access can be implemented by assigning user groups to data collectors. Data collectors are responsible for collecting data from various data sources and making it available for search. By assigning user groups at the time of data collector creation, you can restrict access to the data collected.

Note

Based on the data-access permissions, as a user, you can:

  • Perform searches on the event data to which you have been granted access.
  • See objects shared with you via saved searches.

This kind of access control is useful when you want to restrict access to application data based on user roles or based on users with certain attributes. You can group users with similar attributes by adding them to a common user group. After doing this, you can use that user group for assigning access permissions to particular application data (or data emerging from particular data sources).

For the data-level access permissions to be applied:

For more information about creating data collectors, see Collecting data into the system

Where to go from here

To configure the product for data collection, see Collecting data into the system

To configure user authorization, see Authenticating users with Remedy Single Sign-On or IT Data Analytics.

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*