User Permissions

The permissions applied to the LRCloud User Profile are listed here. This is the default "administrator" account provided to customers. 

Customers can create additional user profiles as necessary. There are no global administrator accounts available to the customer.

Last updated on December 3, 2021

SIEM version: 7.8.0

Entities

The primary site is granted permission by default. As the customer creates additional entities, they will also inherit the granted permission.

Log Sources Access Rights

Inherited by access to entities.

Data Processor Access Rights

All DPs are granted.

SR Plugins Access Rights

LRC does not preload any SmartResponse Plugins; no rights provided by default. Customers will be the owners of the SRPs when imported and they will inherit grant rights.

Management Permissions

Category

Privilege Name

View

Manage

Entities

Display / Manage Entities

check mark

check mark

Entities

Manage Re-Organization Wizard

check mark

check mark

System Monitor

Display / Manage System Monitor Agents

check mark

check mark

System Monitor

Manage Data Loss Defender Policies

check mark

check mark

System Monitor

Manage File Integrity Monitor Policies

check mark

check mark

System Monitor

Manage Real Time Integrity Monitor Policies

check mark

check mark

System Monitor

Display / Manage System Monitor Configuration Policy Manager

check mark

check mark

System Monitor

Manage Agent Upgrade Packages

check mark

check mark

Network Monitor

Manage Network Monitor

check mark

check mark

Log Sources

Display / Manage Log Sources

check mark

check mark

Log Sources

Windows Host Wizard

check mark

check mark

Log Sources

Manage Log Source Type

check mark

check mark

Log Sources

Manage Automatic Log Source Configuration

check mark

check mark

Log Sources

Manage Log Visualizations Template Policies

check mark

check mark

Log Sources

Manage Automatic Log Source Acceptance Rules

check mark

check mark

Data Processing

Manage Data Processors

cross mark

cross mark

Data Processing

Manage Log Processing Policies

check mark

check mark

Data Processing

Manage MPE Rules

check mark

check mark

Data Processing

Manage Common Events

check mark

check mark

Data Processing

Manage Application

cross mark

cross mark

Data Processing

Manage Common Event Change Manager

check mark

check mark

Data Processing

Manage Data Masking Rules

check mark

check mark

Data Processing

Manage Global Log Processing Policies

check mark

check mark

AI Engine

Manage AI Engines

check mark

check mark

AI Engine

Manage AI Engine Rules

check mark

check mark

AI Engine

Manage AI Engine Rule Actions

check mark

check mark

Lists and Filters

Display / Manage Lists

check mark

check mark

Lists and Filters

Manage Composite Filters

check mark

check mark

Search and Report

Display and Run Investigations

check mark

check mark

Search and Report

Display and Run Tails

check mark

check mark

Search and Report

Manage Report Templates, Reports and Report Packages

check mark

check mark

Search and Report

Manage Schedule Jobs for Reports

check mark

check mark

Search and Report

Manage SecondLook

cross mark

cross mark

Monitor and Alarm

Manage Alarm Rules

check mark

check mark

Monitor and Alarm

Manage Alarm Rule Actions

check mark

check mark

Monitor and Alarm

Manage Notifications

check mark

check mark

Monitor and Alarm

Display Personal Dashboard

cross mark

cross mark

Monitor and Alarm

Display Personal Alarms

cross mark

cross mark

Monitor and Alarm

Manage Global AI Engine Events

check mark

check mark

Monitor and Alarm

Display Alarm Viewer

check mark

check mark

Automate and Orchestrate

Manage Smart Response Plug-ins

check mark

check mark

Automate and Orchestrate

Manage LogRhythm Case Management

check mark

check mark

Users

Manage People and Users

check mark

check mark

Users

Manage User Profiles

check mark

check mark

Users

Manage User Preferences

check mark

check mark

Users

Manage Active Directory

cross mark

cross mark

Users

Manage Object Permissions

cross mark

cross mark

Users

Manage Security Manager

cross mark

cross mark

General Administration

Deployment Manager

check mark

cross mark

General Administration

Manage Platform Managers

cross mark

cross mark

General Administration

Manage CloudAI Access

check mark

check mark

General Administration

Import and Manage Knowledgebase

check mark

check mark

General Administration

Manage TrueIdentity

check mark

check mark

General Administration

Manage LogRhythm API Access

cross mark

cross mark

General Administration

Manage License File Import

cross mark

cross mark

General Administration

Display License Report

check mark

cross mark

General Administration

Database Usage Widget (Web Console)

cross mark

cross mark

General Administration

Component Status Widget (Web Console)

cross mark

cross mark

General Administration

Processing Widget (Web Console)

check mark

check mark

General Administration

Threat Widget (Web Console)

check mark

check mark

General Administration

Manage Tags (Web Console)

check mark

check mark

General Administration

Manage Case Widgets (Web Console)

check mark

check mark

General Administration

Manage All Cases (Web Console)

check mark

check mark

General Administration

Single Sign-On Management (Web Console)

check mark

check mark