Skip to content

Commit 32faddb

Browse files
nastasha-solomonnastasha-solomon
authored
[9.0 & Serverless] New privs for Timelines and notes (elastic#832)
Partially addresses elastic/security-docs#6302 Previews: - [Notes | Grant access to notes](https://docs-v3-preview.elastic.dev/elastic/docs-content/pull/832/solutions/security/investigate/notes#notes-privileges) - New section that explains how to set role access to notes. - [Timeline | Grant access to Timeline](https://docs-v3-preview.elastic.dev/elastic/docs-content/pull/832/solutions/security/investigate/timeline#timeline-privileges) - New section that explains how to set role access to Timeline. Corresponding 8.0 docs: elastic/security-docs#6642
1 parent 736ac42 commit 32faddb

File tree

2 files changed

+6
-0
lines changed

2 files changed

+6
-0
lines changed

solutions/security/investigate/notes.md

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -16,7 +16,9 @@ Incorporate notes into your investigative workflows to coordinate responses, con
1616
Configure the `securitySolution:maxUnassociatedNotes` [advanced setting](/solutions/security/get-started/configure-advanced-settings.md#max-notes-alerts-events) to specify the maximum number of notes that you can attach to alerts and events.
1717
::::
1818

19+
## Grant access to notes [notes-privileges]
1920

21+
You can control access to notes by setting the [{{kib}} privileges](../../../deploy-manage/users-roles/cluster-or-deployment-auth/kibana-privileges.md) for the **Notes** feature under **Security**.
2022

2123
## View and add notes to alerts and events [notes-alerts-events]
2224

solutions/security/investigate/timeline.md

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -22,6 +22,10 @@ You can drag or send fields of interest to a Timeline to create the desired quer
2222
In addition to Timelines, you can create and attach Timeline templates to [detection rules](/solutions/security/detect-and-alert.md). Timeline templates allow you to define the source event fields used when you investigate alerts in Timeline. You can select whether the fields use predefined values or values retrieved from the alert. For more information, refer to [Timeline templates](/solutions/security/investigate/timeline-templates.md).
2323

2424

25+
## Grant access to Timeline [timeline-privileges]
26+
27+
You can control access to Timeline by setting the [{{kib}} privileges](../../../deploy-manage/users-roles/cluster-or-deployment-auth/kibana-privileges.md) for the **Timeline** feature under **Security**.
28+
2529
## Create new or open existing Timeline [open-create-timeline]
2630

2731
To make a new Timeline, choose one of the following:

0 commit comments

Comments
 (0)