Application Permissions

Applications can request a fixed set of access permissions to your data.
Apps ask for different permissions, depending on the services that an app provides. The following table identifies all possible permissions that an app could ask you to grant.
Permission
Description
Read Logging Service
Allows the app to read any log data stored in your Cortex
Cortex
Data Lake instance.
Write Logging Service
Allows the app to write log data to your Cortex Data Lake instance. This permission allows apps to write custom logs to Cortex Data Lake.
This permission does not allow the app to delete log data stored in Cortex Data Lake. The app can modify log data only if the data was written by the app and cannot modify log data written to Cortex Data Lake by your next-generation firewalls.
Read Event Service
Allows the app to use your Event Service.
The Event Service enables event-driven consumption of your log data. When a log record that matches criteria defined by the app arrives in Cortex Data Lake, the Event Service sends the record to a queue so that the app can retrieve it.
Read Directory Sync Service
Allows the app to use your Directory Sync Service.
The Directory Sync Service allows you to cache a copy of your Active Directory data on Cortex platform. Apps can use this data to provide more detailed information, such as computer names instead of IP addresses and user full names instead of user login names.
For information about the Directory Sync Service, see the Directory Sync Service Getting Started Guide.

Recommended For You