User Roles and Permissions

In LightBeam Playbooks Alerts 2.1, user roles and permissions have been enhanced to provide a role-based approach to alert management which enhances security, productivity, and collaboration in handling alerts and resolving potential issues. The two primary user roles are "Admin" and "Alert Owner," each with their dedicated views and permissions. The division of views and permissions ensures a structured and efficient approach to alert management.

Admin View

The Admin View is designed for administrators with overarching control and visibility over the entire alert management system. Administrators have access to a centralized interface that allows them to manage and oversee all alerts and sub-alerts across the organization.

Permissions and Capabilities

Access to all data sources: Administrators have unrestricted access to all connected data sources, enabling them to monitor and manage alerts originating from any source.
Full visibility of alerts: The Admin View provides a comprehensive overview of all alerts generated within the system, regardless of their assignment or status.
Management of sub-alerts: Administrators can view and manage sub-alerts across all data sources and users. They can assign sub-alerts to specific alert owners, reassign them as needed, and track their progress.
Bulk actions on sub-alerts: The Admin View supports bulk actions, allowing administrators to perform actions on multiple sub-alerts simultaneously. This includes reassigning, resolving, muting, or adding sub-alerts to the permit list or no-scan list.
User management: Administrators have the ability to onboard new users, assign roles (including the "Alert Owner" role), and manage user permissions and access rights.
Configuration and settings: The Admin View provides access to system-wide configuration options, such as alert assignment settings, notification preferences, and integration with external systems.

Learn more about the Admin View.

Alert Owner View

The Alert Owner View is a dedicated interface for users who have been assigned the "Alert Owner" role. This view focuses on the specific sub-alerts assigned to each alert owner, providing a streamlined and personalized experience for managing and resolving alerts.

Permissions and Capabilities

Access to assigned sub-alerts: Alert owners have access to a personalized view that displays only the sub-alerts specifically assigned to them.
Detailed sub-alert information: The Alert Owner View provides detailed information about each assigned sub-alert, including the affected data source, rule set, and impacted objects.
Actions on assigned sub-alerts: Alert owners can perform various actions on their assigned sub-alerts, such as resolving them, reassigning them to other users, adding them to the permit list or no-scan list, or muting them temporarily.
Collaboration and communication: Alert owners can add comments and notes to sub-alerts, facilitating collaboration and communication with other team members involved in the resolution process.
Progress tracking: The Alert Owner View allows alert owners to update the status and progress of their assigned sub-alerts, providing visibility into the resolution lifecycle.

Learn more about the Alert Owner View.

PreviousLevels of Actions on Alerts NextAdmin View

Last updated 1 year ago

User Roles and Permissions

Admin View

Permissions and Capabilities

Access to all data sources: Administrators have unrestricted access to all connected data sources, enabling them to monitor and manage alerts originating from any source.
Full visibility of alerts: The Admin View provides a comprehensive overview of all alerts generated within the system, regardless of their assignment or status.
Management of sub-alerts: Administrators can view and manage sub-alerts across all data sources and users. They can assign sub-alerts to specific alert owners, reassign them as needed, and track their progress.
Bulk actions on sub-alerts: The Admin View supports bulk actions, allowing administrators to perform actions on multiple sub-alerts simultaneously. This includes reassigning, resolving, muting, or adding sub-alerts to the permit list or no-scan list.
User management: Administrators have the ability to onboard new users, assign roles (including the "Alert Owner" role), and manage user permissions and access rights.
Configuration and settings: The Admin View provides access to system-wide configuration options, such as alert assignment settings, notification preferences, and integration with external systems.

Learn more about the Admin View.

Alert Owner View

Permissions and Capabilities

Access to assigned sub-alerts: Alert owners have access to a personalized view that displays only the sub-alerts specifically assigned to them.
Detailed sub-alert information: The Alert Owner View provides detailed information about each assigned sub-alert, including the affected data source, rule set, and impacted objects.
Actions on assigned sub-alerts: Alert owners can perform various actions on their assigned sub-alerts, such as resolving them, reassigning them to other users, adding them to the permit list or no-scan list, or muting them temporarily.
Collaboration and communication: Alert owners can add comments and notes to sub-alerts, facilitating collaboration and communication with other team members involved in the resolution process.
Progress tracking: The Alert Owner View allows alert owners to update the status and progress of their assigned sub-alerts, providing visibility into the resolution lifecycle.

Learn more about the Alert Owner View.

PreviousLevels of Actions on Alerts NextAdmin View

Last updated 1 year ago