Groups Permission
LogicHub provides the following permissions, along with a description of each permission type, as well as the category to which it belongs.
Administrative Permissions
Permission | Description | Type |
---|---|---|
User Management | Allows you to manage people who can use LogicHub. | List: This allows you to view the entities created by you and those that are shared with you. |
Platform Permissions
Permission | Description | Type |
---|---|---|
Kibana | Allows you to use the LogicHub SIEM platform for querying your data sources. | Access: Allows users to access Kibana. |
Content Permissions
Permission | Description | Type |
---|---|---|
Case Management | Allows you to track activity related to investigations of threats and other security issues. | Admin: All users that have permission on a case type can view and edit fields, tasks or comments. |
Connection | Allows you to import data into LogicHub from SIEMs, Elastic Search, File, or a Directory. | List: Allows you to view and manage permissible connections. |
Integration Connection | Allows you to exchange data/automate actions in supported third-party applications. | List: Allows you to view and manage integration instances. |
Dashboard | Allows you to visualize data from Playbooks or Files. | List: Allows you to view and manage permissible dashboards. |
Playbook | Codifies a security analyst's intelligence to analyze the imported data. | List: Allows you to view and manage permissible playbooks. |
Command | This is a type of playbook that executes on-demand based on inout arguments. | List: Allows you to view and manage permissible commands. |
Event Type | This is a query to import data into LogicHub from a connection. | List: Allows you to view and manage permissible event types. |
Destination | Receives the results of playbooks to a connection. | List: Allows you to view and manage permissible destinations. |
Custom List | Stores and reuses the data from any playbook in others. | List: Allows you to view and manage permissible custom list. |
Stream | Automates your playbook by executing it in batches at preset intervals. | List: Allows you to view and manage permissible streams. |
Baseline | Serves as a reference of normal IT activities. Can be created from and used in playbooks. | List: Allows you to view and manage permissible baselines. |
User Form | Request input from users and automatically include the responses in a case or playbook | List: Allows you to view and manage permissible User Forms. |
Updated 2 months ago