Manage Users - User Guide - 2 - Cortex XPANSE - Cortex - Security Operations

Cortex Xpanse Expander User Guide
Product
Cortex XPANSE
Version
2
Creation date
2024-03-28
Last date published
2024-04-17
Category
User Guide
Solution
Cloud
Abstract

Manage users and user permissions in the Access Management section of Cortex Xpanse.

Any user who has a Customer Support Portal (CSP) account can be provisioned access to Cortex Xpanse. On the Users page, you can see a list of all CSP account holders and provision them with the appropriate role based on the privileges they need. If a user is not listed, ensure that the user is added in the Customer Support Portal.

On the Users page, you can perform the following actions:

  • View the list of Users

  • Import Multiple User Roles

  • Manage Users

Users List View

The Users page provides a list view of all Cortex Xpanse users. The Users list view displays user information such as the information described in the following table.

Name

Description

Direct Role

Name of the role assigned specifically to the user that is not inherited from somewhere else, such a User Group. When the user does not have any access permissions that are assigned specifically to them, the field displays No-Role.

Email

Email address of the user.

First Name

First name of the user.

Groups

Lists the group that a user belongs to, where any group imported from Active Directory has the letters AD added beside the group name.

Groups Scope

Lists the tags associated with the user based on the user groups the user belongs to. When you hover over the Groups Scope, the tags associated with this user are displayed.

Group Roles

Lists the different group roles based on the groups the user belongs to. When you hover over the group role, the group associated with this role is displayed.

Last Login Time

Last date and time the user accessed Cortex Xpanse.

Last Name

Last name of the user.

Scope

Tags assigned directly to the user.

Status

Displays whether the user is Active or Inactive

User Name

Full user name.

User Type

Indicates whether the user was defined in Cortex Xpanse using the CSP (Customer Support Portal) or some other method.

When hovering over a user’s name (and clicking the edit button) or right-clicking the user’s name, you can update the user’s role, you can perform several actions, including the following:

  • Add/edit Roles

    Add out-of-the-box roles such as Administrator, Analyst, etc or create your own roles.

  • Add/edit User Groups

    Note

    If you assign a user to more than one user group with different permissions, the user will get a superset of the permissions.

  • Add/edit accumulated permissions

    The Show Accumulated Permissions field shows permissions based on the role and user groups assigned to the user. Role permissions consist of different components and advanced permissions for all roles.

    By default all permissions are displayed, which lists the combined permissions of every role and user group assigned to the user. You can also select the specific roles assigned to the user, which enables you to compare available permissions based on the roles selected. This can help you understand how the role permissions for a particular user are built. For example, if you need to isolate a specific component, the permissions provided by a particular role or user group.

  • Add/edit permissions for components (such as dashboards, reports, incidents, etc) and page access, default dashboards, etc.

Import Multiple User Roles

You can also Import Multiple User Roles as a CSV file to quickly add users who have a CSP account and assign them pre-existing roles in Cortex Xpanse. Access the Download example file (when clicking Import Multiple User Roles) to view the required format to upload and replace the file contents with the data to upload. The following parameters and values must be included:

Parameter

Description

User email

The email address of the user belonging to a CSP account that you want to import.

Role Name

The name of the role that you want to assign to this user. The role must already be created in Cortex Xpanse.

Is an account role (default=false)

Determines whether the user role is created in the Cortex Gateway or Cortex Xpanse tenant. If defined in the Cortex Gateway, set the value to True, otherwise, the value is set to false (default).

Manage Users

Perform these steps to manage users.

  1. Select Settings & InfoSettingsAccess ManagementUsers.

    In the Users page, a number of different options are available to help you manage users.

  2. Select one or more users and right click to perform the following actions:

    • Update User Role

      1. Select a Role from the list of default and custom roles that you want to assign the user.

      2. Edit the user group, if required.

      3. Edit the accumulated permissions in the Show Accumulated Permissions field.

      4. Change the View/Edit permissions for individual components.

    • Deactivate user

      You cannot deactivate a user that has an Account Admin role.

    • Remove user role

    • Hide User

      This is useful, for example, when you have users, who are not related to Cortex Xpanse and are designated with a role, such as CSP Super Users. If you deselect Show User Subset, these users are hidden in the table.

    • Copy text to clipboard

    • Copy entire row

  3. Save the settings.