You can create different user roles and assign them different permissions. Role assignment helps you control users access to functionality, data access based on fields in the incoming events, or both. Each role can contain any number of users. Users belonging to the same role inherit the permissions of the role they belong to. You can set multiple permissions for a role.
Change Guardian has the following roles by default:
Administrator: A user in this role has administrative rights in the Change Guardian system. You cannot delete users in this role. Administrative rights include the ability to perform user administration, data collection, data storage, search operations, rules, report, dashboard, and license management.
You cannot modify or delete the administrator role.
Change Guardian Administrator: A user in this role can view all event data, including raw data.
Operator A user in this role can manage alerts, view Security Intelligence Dashboards, share alert and event views, run reports, view and rename reports, and delete report results. The Threat Response dashboard allows Operators to triage alerts quickly and efficiently.
PCI Compliance Auditor: A user in this role has access to view events that are tagged with at least one of the regulation tags such as PCI, SOX, HIPAA, NERC, FISMA, GLBA, NISPOM, JSOX, and ISO/IEC_27002:2005, and can view system events, view the Change Guardian configuration data, and search data targets.
User: A user in this role can manage dashboards, run reports, view and rename reports, and delete report results.