Skip to main content
Skip table of contents

RBAC Individual Role Breakdown Matrix

The following contains a breakdown of the individual RBAC roles and the actions they are allowed to perform on the sub-urls they relate to.

🔖 Sub-urls in this context would be a hashed url redirect to the sub-module after logging into the main web interface. e.g. when logging into site https://demo.siemonster.io and then proceeding to the XDR module the final url will look like https://demo.siemonster.io/modules/cQK685FFM . In the example /modules/cQK685FFM is the sub-url.These roles and the HTTP function that can be performed on said said sub-url based on the role is shown below.

Service Name: Access Manager

System Name: siemonster-access-manager
Allowed to be viewed in WebUI as Module: false

Role

HTTP Method

policy::read

GET

OPTION

policy::create

POST

policy::modify

PUT

policy::delete

DELETE

main::modify

PATCH

Service Name: Alert Manager

System Name: alertmanager
Allowed to be viewed in WebUI as Module: false

Role

HTTP Method

main::read

GET

OPTION

main::create

POST

main::modify

PUT

PATCH

main::delete

DELETE

Service Name: Alerting

System Name: siemonster-alerting
Allowed to be viewed in WebUI as Module: false

Role

HTTP Method

main::read

GET

main::modify

POST

GET

GET

PUT

main::create

POST

main::delete

DELETE

Service Name: Alerts

System Name: praeco
Allowed to be viewed in WebUI as Module: false

Role

HTTP Method

main::read

GET

OPTION

main::create

POST

main::modify

PUT

PATCH

main::delete

DELETE

Service Name: Attack Map

System Name: attack-map
Allowed to be viewed in WebUI as Module: true

Role

HTTP Method

main::read

GET

OPTION

main::create

POST

main::modify

PUT

PATCH

main::delete

DELETE

Service Name: Auth Gateway

System Name: siemonster-auth-gateway
Allowed to be viewed in WebUI as Module: false

Role

HTTP Method

main::read

GET

OPTION

main::create

POST

main::modify

PUT

PATCH

main::delete

DELETE

Service Name: Backup Manager

System Name: siemonster-backups-manager
Allowed to be viewed in WebUI as Module: false

Role

HTTP Method

main::read

GET

OPTION

main::create

POST

main::modify

PUT

PATCH

main::delete

DELETE

Service Name: Main DB

System Name: mongo
Allowed to be viewed in WebUI as Module: false

Role

HTTP Method

main::read

GET

OPTION

main::create

POST

main::modify

PUT

PATCH

main::delete

DELETE

Service Name: Elastalerting

System Name: elastalert
Allowed to be viewed in WebUI as Module: false

Role

HTTP Method

event::read

GET

OPTION

event::create

POST

event::modify

PUT

event::delete

DELETE

main::modify

PATCH

Service Name: Elastic Monitor

System Name: comrade
Allowed to be viewed in WebUI as Module: true

Role

HTTP Method

main::read

GET

OPTION

main::create

POST

main::modify

PUT

PATCH

main::delete

DELETE

Service Name: Event Processor

System Name: vector
Allowed to be viewed in WebUI as Module: false

Role

HTTP Method

main::read

GET

POST

OPTION

main::modify

PUT

PATCH

main::delete

DELETE

Service Name: Event Search

System Name: kibana
Allowed to be viewed in WebUI as Module: true

Role

HTTP Method

main::read

GET

POST

OPTION

main::modify

PUT

PATCH

main::delete

DELETE

Service Name: Events Db

System Name: alerta-db
Allowed to be viewed in WebUI as Module: false

Role

HTTP Method

event::read

GET

OPTION

event::create

POST

event::modify

PUT

event::delete

DELETE

main::modify

PATCH

Service Name: Hunting Leads

System Name: alerta
Allowed to be viewed in WebUI as Module: false

Role

HTTP Method

event::read

GET

OPTION

event::create

POST

event::modify

PUT

event::delete

DELETE

main::modify

PATCH

Service Name: Exporter

System Name: siemonster-exporter
Allowed to be viewed in WebUI as Module: false

Role

HTTP Method

main::read

GET

OPTION

main::create

POST

main::modify

PUT

PATCH

main::delete

DELETE

Service Name: Incident Response

System Name: thehive
Allowed to be viewed in WebUI as Module: true

Role

HTTP Method

main::read

GET

POST

OPTION

main::modify

PUT

PATCH

main::delete

DELETE

Service Name: Jaeger

System Name: jaeger
Allowed to be viewed in WebUI as Module: false

Role

HTTP Method

main::read

GET

OPTION

main::create

POST

main::modify

PUT

PATCH

main::delete

DELETE

Service Name: Main DB Backup

System Name: mgob
Allowed to be viewed in WebUI as Module: false

Role

HTTP Method

main::read

GET

OPTION

main::create

POST

main::modify

PUT

PATCH

main::delete

DELETE

Service Name: Bucket Management API

System Name: minio
Allowed to be viewed in WebUI as Module: false

Role

HTTP Method

main::read

GET

OPTION

main::create

POST

main::modify

PUT

PATCH

main::delete

DELETE

Service Name: MTAPI

System Name: siemonster-multitenant-api
Allowed to be viewed in WebUI as Module: false

Role

HTTP Method

main::read

GET

OPTION

main::create

POST

main::modify

PUT

PATCH

main::delete

DELETE

Service Name: Prometheus

System Name: prometheus
Allowed to be viewed in WebUI as Module: false

Role

HTTP Method

main::read

GET

OPTION

main::create

POST

main::modify

PUT

PATCH

main::delete

DELETE

Service Name: RabbitMQ

System Name: rabbitmq
Allowed to be viewed in WebUI as Module: false

Role

HTTP Method

main::read

GET

OPTION

main::create

POST

main::modify

PUT

PATCH

main::delete

DELETE

Service Name: Redis

System Name: redis
Allowed to be viewed in WebUI as Module: false

Role

HTTP Method

main::read

GET

OPTION

main::create

POST

main::modify

PUT

PATCH

main::delete

DELETE

Service Name: Scylla Controller

System Name: scylla
Allowed to be viewed in WebUI as Module: false

Role

HTTP Method

main::read

GET

OPTION

main::create

POST

main::modify

PUT

PATCH

main::delete

DELETE

Service Name: Service Manager

System Name: siemonster-services-manager
Allowed to be viewed in WebUI as Module: false

Role

HTTP Method

main::read

GET

OPTION

main::create

POST

main::modify

PUT

PATCH

main::delete

DELETE

Service Name: SIEMonster

System Name: siemonster
Allowed to be viewed in WebUI as Module: false

Role

HTTP Method

URI Path

main::read

POST

^/api/v2/getSettings

GET

^/api/v2/getSettings

POST

^/api/v2/ping

POST

^/api/v2/healthz

POST

^/api/v2/about

POST

^/api/v2/refreshCaptcha

POST

^/api/v2/getTimezones

GET

^/api/v2/saml/login

POST

^/api/v2/saml/login/callback

POST

^/api/v2/saml/getUrl

POST

^/api/v2/account/login

POST

^/api/v2/account/ping

POST

^/api/v2/account/logout

POST

^/api/v2/account/checkToken

GET

^/api/v2/account/checkToken

POST

^/api/v2/account/my/info

POST

^/api/v2/account/my/update

POST

^/api/v2/account/my/updatePassword

POST

^/api/v2/account/my/update2faState

POST

^/api/v2/account/my/pastLoginAttempts

POST

^/api/v2/account/restore

POST

^/api/v2/account/restore/newPassword

POST

^/api/v2/account/state

POST

^/api/v2/license/offline/trial/request

GET

^/api/v2/license/offline/trial/request/file

POST

^/api/v2/license/offline/trial/activate

POST

^/api/v2/license/offline/request

GET

^/api/v2/license/offline/request/file

POST

^/api/v2/license/offline/activate

POST

^/api/v2/license/info

POST

^/api/v2/license/activate

POST

^/api/v2/license/proxy/set

POST

^/api/v2/license/proxy/clear

POST

^/api/v2/feeds/getAll

POST

^/api/v2/feeds/getData

POST

^/api/v2/reporting/checkLicense

POST

^/api/v2/scylla-controller/checkLicense

POST

^/api/v2/widgets-manager/checkLicense

POST

^/api/v2/auth-gateway/checkLicense

POST

^/api/v2/backups-manager/checkLicense

POST

^/api/v2/services-manager/checkLicense

POST

^/api/v2/praeco/getTenants

POST

^/api/v2/praeco/share

POST

^/api/v2/setup/run

POST

^/api/v2/sites/getModulesProbes

POST

^/api/v2/theme/getAll

POST

^/api/v2/theme/palette/getAll

POST

^/api/v2/timezones/search

POST

^/api/v2/assets/getGroups

main::modify

POST

^/api/v2/admin/cluster/nodes

POST

^/api/v2/admin/cluster/namespaces

POST

^/api/v2/admin/feeds/getAll

POST

^/api/v2/admin/feeds/update

POST

^/api/v2/admin/theme/palette/update

POST

^/api/v2/admin/settings/update

POST

^/api/v2/admin/sites/ldap/set

POST

^/api/v2/admin/sites/ldap/test

POST

^/api/v2/admin/sites/ldap/der2pem

POST

^/api/v2/admin/sites/mailgun/set

POST

^/api/v2/admin/sites/mailgun/test

POST

^/api/v2/admin/sites/slack/set

POST

^/api/v2/admin/sites/slack/test

POST

^/api/v2/admin/sites/smtp/set

POST

^/api/v2/admin/sites/smtp/test

POST

^/api/v2/admin/sites/saml/set

POST

^/api/v2/admin/sites/tenant/list

POST

^/api/v2/admin/sites/tenant/get

POST

^/api/v2/admin/sites/tenant/jobs

POST

^/api/v2/admin/sites/tenant/deploy

POST

^/api/v2/admin/sites/tenant/redeploy

POST

^/api/v2/admin/sites/updateSettings

POST

^/api/v2/admin/theme/update

POST

^/api/v2/admin/theme/generate

POST

^/api/v2/admin/users/getAll

POST

^/api/v2/admin/users/update

POST

^/api/v2/admin/users/pastLoginAttempts

POST

^/api/v2/admin/users/reset2fa

POST

^/api/v2/sites/getAll

POST

^/api/v2/tenants/getAll

POST

^/api/v2/assets/getForGroup

POST

^/api/v2/assets/getItem

main::create

POST

^/api/v2/admin/feeds/add

POST

^/api/v2/admin/theme/palette/add

POST

^/api/v2/admin/sites/add

POST

^/api/v2/admin/theme/add

POST

^/api/v2/admin/users/create

main::delete

POST

^/api/v2/admin/feeds/delete

POST

^/api/v2/admin/theme/palette/delete

POST

^/api/v2/admin/sites/tenant/delete

POST

^/api/v2/admin/sites/delete

POST

^/api/v2/admin/theme/delete

POST

^/api/v2/admin/users/delete

Service Name: SOAR

System Name: shuffle
Allowed to be viewed in WebUI as Module: true

Role

HTTP Method

main::read

GET

OPTION

main::create

POST

main::modify

PUT

PATCH

main::delete

DELETE

Service Name: Elasticsearch (system)

System Name: elasticsearch
Allowed to be viewed in WebUI as Module: false

Role

HTTP Method

main::read

GET

OPTION

main::create

POST

main::modify

PUT

PATCH

main::delete

DELETE

Service Name: System Monitor

System Name: grafana
Allowed to be viewed in WebUI as Module: true

Role

HTTP Method

main::read

GET

POST

OPTION

main::modify

PUT

PATCH

main::delete

DELETE

Service Name: Redis (system)

System Name: redis
Allowed to be viewed in WebUI as Module: false

Role

HTTP Method

main::read

GET

OPTION

main::create

POST

main::modify

PUT

PATCH

main::delete

DELETE

Service Name: Threat Analysis

System Name: cortex
Allowed to be viewed in WebUI as Module: true

Role

HTTP Method

main::read

GET

POST

OPTION

main::modify

PUT

PATCH

main::delete

DELETE

Service Name: Threat Intel Db

System Name: misp-db
Allowed to be viewed in WebUI as Module: false

Role

HTTP Method

main::read

GET

OPTION

main::create

POST

main::modify

PUT

PATCH

main::delete

DELETE

Service Name: Threat Intel

System Name: misp
Allowed to be viewed in WebUI as Module: true

Role

HTTP Method

main::read

GET

OPTION

main::create

POST

main::modify

PUT

PATCH

main::delete

DELETE

Service Name: Threat Modeling

System Name: opencti
Allowed to be viewed in WebUI as Module: true

Role

HTTP Method

main::read

GET

POST

OPTION

main::modify

PUT

PATCH

main::delete

DELETE

Service Name: Vulnerability Management DB

System Name: defectdojo-db
Allowed to be viewed in WebUI as Module: false

Role

HTTP Method

main::read

GET

OPTION

main::create

POST

main::modify

PUT

PATCH

main::delete

DELETE

Service Name: Vulnerability Management

System Name: defectdojo
Allowed to be viewed in WebUI as Module: true

Role

HTTP Method

main::read

GET

OPTION

main::create

POST

main::modify

PUT

PATCH

main::delete

DELETE

Service Name: Wazuh Controller

System Name: wazuh
Allowed to be viewed in WebUI as Module: false

Role

HTTP Method

main::read

GET

OPTION

main::create

POST

main::modify

PUT

PATCH

main::delete

DELETE

Service Name: XDR

System Name: wazuh-dashboards
Allowed to be viewed in WebUI as Module: true

Role

HTTP Method

main::read

GET

POST

OPTION

main::modify

PUT

PATCH

main::delete

DELETE

Service Name: Webreporting

System Name: siemonster-webreporting
Allowed to be viewed in WebUI as Module: false

Role

HTTP Method

main::read

GET

POST

OPTION

main::modify

PUT

PATCH

main::delete

DELETE

Service Name: WebUI

System Name: siemonster-webui
Allowed to be viewed in WebUI as Module: false

Role

HTTP Method

main::read

GET

OPTION

main::create

POST

main::modify

PUT

PATCH

main::delete

DELETE

Service Name: Widget Manager

System Name: siemonster-widgets-manager
Allowed to be viewed in WebUI as Module: false

Role

HTTP Method

widget::read

GET

POST

DELETE

PUT

dashboard::read

GET

main::modify

PATCH

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close