.png?width=180&height=32&name=NW%20Logo%20(2).png){kind=small}
Add or Edit Role Dialog
In the Add Role and Edit Role dialogs, you can add or edit a role and the permissions assigned to it. You can also specify the query-handling attributes for role members to lock down the information that they can retrieve. The structure of these dialogs is the same. The only difference is that you either add a new role or modify an existing role.
When you change permissions for a role, the change is immediately applied to users who are assigned the particular role after the role is saved.
What do you want to do?
- Role: Admin
- I want to ...: View preconfigured roles
- Show me how: Review the Preconfigured NetWitness Platform Roles
- Role: Admin
- I want to ...: Create a new role
- Show me how: (Optional) Add a Role and Assign Permissions
- Role:
Admin
- I want to ...:
Edit a role
- Show me how:
- Role: Admin
- I want to ...: Delete a role
- Show me how: (Optional) Add a Role and Assign Permissions
Related Topics
Verify Query and Session Attributes per Role
Quick Look
To access this view, go to 
(Admin) > Security > Roles tab and in the toolbar, click 
, or select a role and click 
.
The Add Role and Edit Role dialogs include three sections.
- Column 1: 1
- Column 2: Role info
- Column 1: 2
- Column 2: Attributes
- Column 1: 3
- Column 2: Permissions
Role Info
This is the information in the Role Info section.
- Feature: Name
- Description: The name of the user role.
- Feature: Description
- Description: An optional description of the user role.
Attributes
The following table describes the fields in the Attributes section..
- Field: Core Query Timeout
- Description: (Optional) Specifies the maximum number of minutes that a user can run a query. The default value is 5 minutes. This timeout only applies to queries performed from Investigation. If this value is set, it must be zero (0) or greater. A value of zero represents no timeout.
- Field: Core Session Threshold
- Description: Controls how the service scans meta values to determine session counts. This value must be zero (0) or greater. If this value is greater than zero, a query optimization will extrapolate the total session counts that exceed the threshold. When the meta value returned by the query reaches the threshold, the system will:
- Stop its determination of the session count
- Show the threshold and percentage of query time used to reach the threshold
- Field: Core Query Prefix
- Description: (Optional) Filters query results to restrict what the role members see. By default, this is blank. For example, the 'service' = 80 query prefix prepends to any queries run by the user and the user can only access meta of HTTP sessions.
Permissions
The following table describes the features in the Permission section.
- Feature: Module
tabs - Description: There are fifteen default tabs, one for each module: Administration, Admin-server, Alerting, Config-server, Incidents, Investigation, Investigation-server, Integration-server, Live, Malware, Orchestration-server, Reports, Response-server, Security-server and Dashboard. Additional tabs may be available based on the installation. Each tab lists the permissions for a module.
- Feature: Assigned
column - Description: Checkbox that indicates if a module permission is assigned to the role.
- Feature: Description
column - Description: List of all permissions for the module.
- Feature: Save
- Description: Saves the role with the selected permissions assigned to it.
- Feature: Cancel
- Description: Cancels any work and closes the dialog.