RBAC Query

I wish to grant some users the ability to manage security alert statuses and create cases, but i dont want them to be able to change any security rule settings. From what i can see i can only either give them full rights over alerts and the rule, or no rights over alert statuses and rule configuration.

Can anyone advise ?

Many thanks

From Kibana to SIEM

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.