Access Control Lists

ESM uses Access Control Lists (ACLs) to manage user group permissions. ACLs define which user groups have permissions to which resources, and to which components such as rules, reports, and filters. (See also Editing Access Control Lists (ACLs).)

User groups can have inspect (read) permissions, edit (write) permissions, or both. If a user group has inspect permissions, they can read the resource. For example, the users in the group can see the resource and related information through the Console. If the group has edit permissions, they can write to or change the resource, such as writing or editing a rule or report resource.

Resources, too, can have inspect (read) permissions, or edit (write) permissions. Resources, like user groups, are managed as groups and not as individual resources. Therefore, a resource can only be accessed if a user group has access to the resource's group. Permission to inspect or edit resources is granted when the user logs in, and the resource only appears in the Console if the logged in user has inspect permissions.

Note: Best practices:

  • Log out and log back in again for permission changes to take effect.

  • Whenever an administrator changes another user’s permissions, the other user should log out and log back in again. This ensures that the new permissions are registered with the Manager, and the user can see the changes.