Objective 

Prerequisites 

• You have administrator access to the EventLog Analyzer console.
• The application is installed and running properly on the server.
• You are familiar with the user role management concepts in EventLog Analyzer.
• You have a clear understanding of the permissions or access levels to be assigned to the technician.
  

Steps to follow 

Step 3: Click Manage Roles.  All the available roles will be displayed.  

Step 4: Click + Create New Role.

• Click the Description link next to the Role Name field to enter a description for the role you want to create.
• You will see multiple tabs, including Dashboard, Reports, Compliance, Correlation, Alerts, Settings, and Others.
• You can click the check boxes to provide access to the respective page in EventLog Analyzer.
• You can also navigate to each of these tabs individually and select the required permissions.
  
  
  
  
• Dashboard tab
• In the Dashboard section, you can allow users to view, create, and manage the dashboard. 
• In the View the Log Source section, you can assign permissions to view device, application, and file integrity monitoring logs.
• Reports tab
• Under the Reports tab, you can specify if the user can view, schedule, and create reports by selecting the appropriate check boxes. You can select all permissions associated with the Reports section by choosing General.
  
• Compliance tab

• Similarly, under the Compliance tab, you can choose if the user can view, create, and schedule compliance reports. Click the General check box if you want the user to have all permissions related to the Compliance tab.
  
• Search tab
• Under the Search tab, you can choose if you want to allow the user to perform search operations on the collected logs.
• Correlation tab
• Under the Correlation tab, you can find the Correlation and Activity Monitoring sections.
• In the Correlation section, you can choose if you want the role to be able to view correlation reports, schedule them, and create and manage correlation rules and custom correlation actions.
• In the Activity Monitoring section, you can choose if the role can view and schedule activity monitoring reports and create and manage activity monitoring rules.
• Alerts tab
• Under the Alerts tab, you can find four sections: Alerts, Incidents, Incident Workflows, and Ticketing Tools.
• In the Alerts section, you can specify if you want the role to be able to view generated alerts and manage alert profiles and alert assigning rules by clicking the appropriate check box.
• In the Incident section, you can specify if you want to view all incidents, view assigned incidents, manage incidents, and manage incident rules.
• In the Incident Workflows section, you can select if the role can manage incident workflows.
• In the Ticketing Tools section, you can allow the role to configure ticketing tools.
• Settings tab
• Under the Settings tab, you can find three tabs on the left pane: Log Source Configuration, Admin Settings, and System Settings.
• The Log Source Configuration tab contains multiple sections in which you can choose if you want the user to have permissions to configure and manage devices, applications, databases, virtual machines, cloud sources, log imports, and the file integrity monitoring component.
  

• Admin Settings tab
• In the Admin Settings tab, you can assign permissions related to the administrative configuration of the EventLog Analyzer environment.
• This includes access to critical areas, such as configuring and managing agents, device groups, domains, and threat feeds, as well as defining report profiles.
• You can also allow the technician to manage data storage configurations, including log archives, retention policies, and database settings.
• Additionally, permissions can be granted for managing general product settings, working hours, privacy configurations, and profile management.
• The Integrations section lets you enable access to manage Log360 Cloud settings and configure the Log Forwarder. 
•  The Others section allows you to grant permissions for specialized administrative functions that support advanced log management. This includes access to:

• Manage Custom Log Parsing Rules: Enables the technician to create or edit parsing rules for non-standard log formats, ensuring accurate data interpretation.
• Manage Tags: Allows the technician to create and manage custom tags for categorizing and filtering logs based on specific attributes.
  

• System Settings tab
  In the System Settings tab, you can assign permissions related to system-level configurations and support tools. This includes:

• General Settings: Control over HTTP/SSL port settings, proxy configuration, notification management, SNMP/Syslog port settings, and branding options like changing the product logo and name.
  
• ​Support Settings: Permissions to manage log-level settings; execute direct queries on the product database; and view system resource metrics such as disk usage, log flow rates, CPU, and RAM consumption.
  

Tips 

• It is recommended to add a description to all the roles to avoid repetition of the same roles.