I'm trying to create a user with access to the SIEM application as well as the machine learning detections. However I am incapable of coming up with a privilege combination that would allow this.
So far the only users that are able to create machine learning detections are with the role "superuser".
The user in question has the permissions:
read_ccr, read_ilm, read_slm, manage_ml, monitor_ml
read, write, create_doc, create
Image for reference:
The error message I receive says:
Your visualization has error(s) Machine learning permissions failure Not Found
This happens when the user initially navigates into the SIEM application. The user is furthermore not able to create any machine learning detections. The option is simply greyed out with the text "Unavailable" underneath it.
The Privilege Documentation also does not seem to have a privilege that could help here?
I feel like I'm missing something rather obvious. Any help is greatly appreciated!
There are pre-defined roles for this use-case, namely "machine_learning_user" and "machine_learning_admin"