Home
EN
Location
Documentation Home
Palo Alto Networks
Support
Live Community
Knowledge Base
MENU
Home
Security Operations
Cortex XSOAR
Cortex XSOAR Administrator’s Guide
Incidents
Incident Management
Incident Access Control Configuration
Limit Access to Investigations using RBAC
Document:
Cortex XSOAR Administrator’s Guide
Limit Access to Investigations using RBAC
Download PDF
Last Updated:
Sat Mar 05 23:12:46 PST 2022
Current Version:
6.0 (EoL)
Version 6.6
Version 6.5
Version 6.2
Version 6.1 (EoL)
Version 6.0 (EoL)
Version 5.5 (EoL)
End-of-Life (EoL)
Previous
Next
Limit Access to Investigations using RBAC
Follow these steps to limit access to investigations using Role-based Access Control.
When you define access to an investigation according to Cortex XSOAR’s roles, only users with that role can view and access the investigation.
In the
Incident
page, select the incident you want to restrict access.
In the CLI, type
/incident_set roles=
name of the role
.
To check that the role was assigned to the incident, click the
War Room
tab.
(
Optional
) For automations:
Use the
setIncident
command in a playbook.
Specify the roles that you want to have access to the incident investigation.
Previous
Next
Recommended For You
Recommended Videos
Recommended videos not found.
