« Cases Open and manage cases »
Elastic Docs Kibana Guide [8.18] Stack Management Cases

Configure access to cases

edit
A newer version is available. Check out the latest documentation.

Configure access to cases

edit

To access cases in Stack Management, you must have the appropriate Kibana privileges:

Action Kibana privileges

Give full access to manage cases and settings
  • All for the Cases feature under Management.
  • All for the Actions and Connectors feature under Management.

The Actions and Connectors feature privilege is required to create, add, delete, and modify case connectors and to send updates to external systems.

By default, All for the Cases feature allows you to have full control over cases, including deleting them, editing case settings, and more. You can customize the sub-feature privileges to limit feature access.

Give assignee access to cases

All for the Cases feature under Management.

Before a user can be assigned to a case, they must log into Kibana at least once, which creates a user profile.

This privilege is also required to add case actions to rules.

Give view-only access to cases

Read for the Cases feature under Management.

You can customize sub-feature privileges for deleting cases and comments, editing case settings, adding case comments and attachments, and re-opening cases.

Revoke all access to cases

None for the Cases feature under Management.

For more details, refer to Kibana privileges.

If you are using an on-premises Kibana deployment and you want the email notifications and the external incident management systems to contain links back to Kibana, you must configure the server.publicBaseUrl setting.

« Cases Open and manage cases »