Configure permissions to use Jupyter and Observability applications.
The following permissions enable users to use Jupyter and Observability applications.
Caution
Usage and management: The permissions allow users to use and access existing application instances. If a user needs to manage, install, configure, or delete application instances, they must be granted the separate Apps permission under the Configurations menu. For more information, see Apps - Instance permissions.
Jupyter Notebook permissions
An interactive notebook environment for creating and running Python-based analyses and automations. Jupyter Notebooks let you explore security data, build custom analytics, and prototype detections.
Caution
Jupyter Data Access (SBAC): Granting access to Jupyter does not bypass dataset restrictions. Users must have the appropriate Scope-Based Access Control (SBAC) dataset permissions to query specific data via the Cortex SDK within their notebooks.
For more information, see Notebooks.
Component | Description | Roles Example |
|---|---|---|
None | No access to Jupyter Notebooks. |
|
View/Edit | Full access to Jupyter Notebooks, including installing, creating, editing, saving, and exporting notebooks. You can also execute Python code and access datasets. |
|
Observability
Observability provides infrastructure and application monitoring capabilities within Cortex XSIAM, leveraging Prometheus-based metrics collection, alerting, and visualization through Grafana integration.
Note
Observability is a Beta feature and is still subject to changes. To enable the feature in your tenant, contact your Customer Support Team.
Component | Description | Roles Example |
|---|---|---|
None | No access to Observability. | SOC Analyst Tier-1, 2, and 3, and Threat Hunters who do not need tool development. |
View/Edit | Full access to Observability, including access to the Observability interface, View Prometheus UI, and Alert Manager. | Security Engineers: Require full access for tool development and configuration. |