Roles can be used to restrict the Compliance Auditor options available to Framework users. For example, you might want users to be able to audit events, but not administer rules, ACLs, or reports.
To define roles for a user group to control use of the Compliance Auditor:
Click
on the home page of the console.(Conditional) To add a new group, click
> , specify a name, then click .To modify an existing group or configure the group you just created, select the group, then click
.Select the users you want to be members of this compliance auditing group.
In the
option, click , then add the following roles
Module |
Role |
Description |
---|---|---|
secaudit |
console |
View the Compliance Auditor console. |
secaudit |
audit |
View and edit records. |
secaudit |
<audit role name> |
(Optional) Allows the users to access records generated by the rules configured to use this Audit Role. If you do not add the <audit role name> role, the users can only access records generated by rules with no Audit Role defined. |
audit |
read |
View a keystroke replay. |
Users belonging to this group can access the Compliance Auditor console, view and edit records, and review keystroke logs. If you do not add the <audit role name> role, the users can access all records. If you add the <audit role name> role, the users can access only the records generated by the rules configured to use this Audit Role.
With these roles, the users cannot manage rules, reports, or ACLs. For the roles required for these additional tasks, see Compliance Auditor Roles.
Click
.To continue setting up the Compliance Auditor, see Section 7.2.1, Adding or Modifying an Audit Rule.