Documentation forThreat Monitor

Add and edit users

Users with administrator access can add users and assign permissions and access levels. Each user can span multiple companies and possess different access levels.

  1. In Threat Monitor, navigate to Access > New User.

    You can also navigate to Access > Clone User to use an existing user account as a template and save time when creating multiple user accounts.

  2. On the Account tab, enter a user name and password.
  3. Select the Force password change check box, and then click Next.
  4. On the Contacts tab, enter the user contact information, and then click Next.
  5. To establish user permissions, click the Access tab and select one or more of the following access levels:
    • Superadmin: Admin rights - can do everything in the portal

    • Ossec admin: Access to the OSSEC UI
    • Syslog admin: Access to the Syslog UI
    • Reports admin: Access to the reports tab
    • Alarm view: Can see alarms
    • Alarm admin: Access to alarm policies
    • Email admin: Access to email templates
    • Asset admin: Access to add and remove assets
    • Policy admin: Access to policies
  6. For users that do not require administrative access, make no selection to grant read-only access, and then click Next.
  7. On the Company Access tab, select each company the user can access.

  8. Select access options for sensors, alarms, and test email, and then click Next.

    When you select Receive alarms or test emails, select the appropriate Alarm mail template as well.

  9. Review your settings, and then click Next to create the new user.
  10. To restrict the type of log data each user can view, navigate to Access > Access Filters.

  11. From the Select User drop-down list, select a user name.
  12. Select one or more filter check boxes.
  13. Choose an action from the drop-down list, and then click Go.