Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Response Ops] Scope Privilege for ServiceNow SIR #170165

Closed
XavierM opened this issue Oct 30, 2023 · 3 comments · Fixed by #173941
Closed

[Response Ops] Scope Privilege for ServiceNow SIR #170165

XavierM opened this issue Oct 30, 2023 · 3 comments · Fixed by #173941
Assignees
@lcawl
Labels
docs enhancement New value added to drive a business result Team:ResponseOps Label for the ResponseOps team (formerly the Cases and Alerting teams)

Comments

@XavierM
Copy link
Contributor

XavierM commented Oct 30, 2023

When testing a new SIR instance from service now, we realized that we need to add privilege's scope for our application Elastic for Security Operations. We should add in the documentation these steps to make sure that our Elastic for Security Operations app is working correctly under service now for our user.

First, you will need to pick the application scope: Elastic for Security Operations.
image

Then, in the ALL category you can search for sys_scope_privilege_list and type `ENTER
image

Verify that you have all the same privileges than below to have Elastic for Security Operations to work correctly
image
@XavierM XavierM added enhancement New value added to drive a business result Team:ResponseOps Label for the ResponseOps team (formerly the Cases and Alerting teams) docs labels Oct 30, 2023
@elasticmachine
Copy link
Contributor

Pinging @elastic/response-ops (Team:ResponseOps)

@XavierM XavierM mentioned this issue Oct 30, 2023
Open
@lcawl lcawl self-assigned this Oct 30, 2023
@cnasikas
Copy link
Member

cnasikas commented Nov 1, 2023
edited
Loading

You must search for sys_scope_privilege.list and press Enter to see the cross scope privilege table. Nevertheless, we should only document which cross scope privileges are needed. They can refer to the SN documentation of how to do it.

@lcawl
Copy link
Contributor

lcawl commented Dec 13, 2023

For the full table of privileges required, see #172533 (comment)

@lcawl lcawl mentioned this issue Dec 22, 2023
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@lcawl lcawl

Labels
docs enhancement New value added to drive a business result Team:ResponseOps Label for the ResponseOps team (formerly the Cases and Alerting teams)
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

[Connectors][ServiceNow SecOps] Automate screenshots, add cross-scope privileges lcawl/kibana
4 participants
@XavierM @cnasikas @elasticmachine @lcawl