Configure access to cases

edit

Configure access to cases

edit

To access cases in Stack Management, you must have the appropriate Kibana privileges:

Action Kibana privileges

Give full access to manage cases and settings

  • All for the Cases feature under Management.
  • All for the Actions and Connectors feature under Management.

The Actions and Connectors feature privilege is required to create, add, delete, and modify case connectors and to send updates to external systems.

By default, All for the Cases feature includes authority to delete cases and comments, edit case settings, add case comments and attachments, and re-open cases unless you customize the sub-feature privileges.

Give assignee access to cases

All for the Cases feature under Management.

Before a user can be assigned to a case, they must log into Kibana at least once, which creates a user profile.

This privilege is also required to add case actions to rules.

Give view-only access to cases

Read for the Cases feature under Management.

You can customize sub-feature privileges for deleting cases and comments, editing case settings, adding case comments and attachments, and re-opening cases.

Revoke all access to cases

None for the Cases feature under Management.

For more details, refer to Kibana privileges.

If you are using an on-premises Kibana deployment and you want the email notifications and the external incident management systems to contain links back to Kibana, you must configure the server.publicBaseUrl setting.