19.1 Available Permissions

Some permissions are available for any deployed product. Other permissions depend on the capabilities that you have deployed.

19.1.1 Reports Permissions

The following table lists the permissions available when you add the Reports feature.

Function	Permission	Allows users to…
Reports	Report Admin	In the Reports Portal ... View dashboards and reports Create subfolders Schedule reports Create data worksheets, dashboards, and reports View Admin reports Manage the data source (not available in a SaaS environment)
Reports	Design Reports	In the Reports Portal ... View dashboards and reports Create subfolders Schedule reports Create data worksheets, dashboards, and reports
Reports	Schedule Reports	In the Reports Portal ... View dashboards and reports Create subfolders Schedule reports
Reports	View Reports	In the Reports Portal ... View dashboards and reports Create subfolders

19.1.2 User Management Permissions

The following table lists the permissions needed to manage users.

Function	Permission	Allows users to…
User Management	View Users	View the list of all active and inactive users
User Management	Create Users	View users Assign roles to users Assign users to groups
User Management	Activate/Deactivate Users	View users Change the status of a user that you manage
User Management	Change User Password	View users Change the password of a user that you manage
User Management	Change User Email	View users Change the email associated with a user
User Management	Assign Roles to Users	View users Assign roles that you currently have to users that you manage
User Management	Assign Users to Groups	View users View account groups Add and remove users from account groups that you currently manage Assign users who are members of account groups that you manage to any other account group
User Management	Manage Groups	View account groups Create account groups You are automatically added to the account groups that you create. Delete account groups that you currently manage Add and remove managers for account groups that you currently manage Add and remove users from account groups that you currently manage Assign users who are members of account groups that you manage to any other account group
User Management	Manage Roles	View roles Create roles You are automatically added to the roles that you create. Add and remove users from roles that you have Add and remove any permission assigned to you from roles that you currently have Delete roles that you currently have

19.1.3 ArcSight Permissions

The following table lists the permissions available when you deploy an ArcSight capability such as Recon or Intelligence.

Function	Permission	Allows users to…	Available with...
ArcMC	ArcMC System Admin	Perform System Admin functions (not available in a SaaS environment)	ArcMC
ArcMC	ArcMC Operation Admin	Perform all Operations functions, but does not have access to System Admin (not available in a SaaS environment)	ArcMC
ArcMC	ArcMC System Viewer	Read only access to System Admin functions (not available in a SaaS environment)	ArcMC
ArcMC	ArcMC Operation Viewer	Read only access to Operations functions (not available in a SaaS environment)	ArcMC
Dashboards	Share a Dashboard	With the Manage Role permission, share the current dashboard with any role Without the Manage Role permission, share the current dashboard with any of the roles associated with the user’s role	Fusion
Intelligence	Access Intelligence	Log in and use Intelligence	Intelligence
Intelligence	View Intelligence Raw Events	Access Intelligence View raw event data	Intelligence
Intelligence	Tune Intelligence Analytics	Access Intelligence Fine-tune the importance applied by Analytics to the events in your source data	Intelligence
Intelligence	Access Intelligence Search Manager	Access Intelligence Use the Intelligence Search Manager tool for troubleshooting NOTE:Do not assign this permission or use the tool without first consulting Support Services. For more information, see the ArcSight Intelligence User Guide on the ArcSight Intelligence documentation site. In a SaaS environment, this permission is available only to the System Operations Administrator.	Intelligence
Licensing and Usage	Manage Contract	Create and edit an MSSP profile Import, update, view, and delete an MSSP contract	an MSSP license
Licensing and Usage	Access EPS Usage	Export an EPS Usage Report	an MSSP license
Searches	Execute Search	Execute searches using fieldsets, custom ranges dates, and search operators	Recon Also available for ESM, Intelligence, and SOAR in a preview mode
Searches	Export Search Results	Export the search results in csv format	Recon Also available for ESM, Intelligence, and SOAR in a preview mode
Searches	Never Expire Search Results	Configure searches to never expire	Recon
Searches	Manage Scheduled Searches	Create and manage scheduled searches	Recon
Searches	Perform Event Integrity Check	Run an Event Integrity Check and view the results	Recon
Searches	Manage Outlier Models and Scoring	Create and delete Outliers models Build and pause the scoring processes	Recon
Searches	Manage Lookup Lists	Add, configure, view, and delete lookup lists	Recon
Searches	Manage Fieldsets	Create, edit, and delete fieldsets	Recon
Searches	Manage Search Queries/Criteria	Create, clone, edit, delete,and view all previously saved search queries and search criteria View and clone all out-of-the-box search queries	Recon Also available for ESM, Intelligence, and SOAR in a preview mode
Searches	Logger Data Migration	Execute a data migration to Recon from Logger	Recon
Operations Management	Access Database Monitoring	Access the APIs for monitoring the database (not available in a SaaS environment)	Capabilities that require the ArcSight Database
Operations Management	Manage Storage Groups	Create and manage storage groups	Recon
Operations Management	Manage Kafka	Access Kafka Manager for Transformation Hub (not available in a SaaS environment)	Transformation Hub