Security - QuickQueries

All permissions must be set in the configuration file of the groups (either using the console or editing the <groupname>.conf files in $PRODUCT_HOME/security.

Permission Name	Expected Value	Description
Configure	0 or 1	Access the module configuration (requires access to InfoModule as well)
EnableLegacyDashboards	0 or 1	If set, enables legacy dasbhoards. The permission is NOT exposed by default and must be manually added. Only customers upgrading from versions prior to 3.5 should enable legacy dashboards as the feature is deprecated.
ExcludedConditionSlots	A comma separated list of slot names	The list of slots provided here is excluded from the list of slots that are available to define quick queries advanced conditions. This list adds to the list of slots excluded by the ExcludedConditionsSlots parameter value of the module configuration.
ExcludedGraphsSlots	A comma separated list of slot names	The list of slots provided here is excluded from the list of slots that are available as pivots (e.g. displayed as bars) in quick queries. This list adds to the list of slots excluded by the ExcludedGraphSlots parameter value of the module configuration.
HideQueryDetails	0 or 1	Controls whether query details are shown in the graph results window
ManageAllDB	0 or 1	If set, provides entire, unrestricted access to the dashboards defined in the system This is typically an administrator level permission.
ManageAllCA	0 or 1	If set, provides entire, unrestricted access to the carousels defined in the system, This is typically an administrator level permission.
ManageAllRE	0 or 1	If set, provides entire, unrestricted access to the reports defined in the system This is typically an administrator level permission.
ManageAllQQ	0 or 1	If set, provides entire, restricted access to the quick queries (QQ) defined in the system, regardless of other conditions about quick queries below. This is typically an administrator level permission.
ManageAllTS	0 or 1	If set, provides entire, unrestricted access to the table slots (TS) defined in the system, regardless of other conditions about table slots below. This is typically an administrator level permission.
ManageGlobalCA	0 or 1	If set, allows the user to create and modify global carousels.
ManageGlobalDB	0 or 1	If set, allows the user to create and modify global dashboards. Implicity grants “ManageGroupDB” and “ManagePrivateDB”.
ManageGlobalQQ	0 or 1	If set, allows the user to create and modify global quick queries. Implicity grants “ManageGroupQQ” and “ManagePrivateQQ”.
ManageGlobalRE	0 or 1	If set, allows the user to create and modify global reports
ManageGlobalTS	0 or 1	If set, allows the user to create and modify global table slots. Implicity grants “ManageGroupTS” and “ManagePrivateTS”.
ManageGroupCA	0 or 1	If set, allows the user to create and modify group carousels.
ManageGroupDB	0 or 1	If set, allows the user to create and modify group dashboards. Implicity grants “ManagePrivateDB”.
ManageGroupQQ	0 or 1	If set, allows the user to create and modify group quick queries. Implicity grants “ManagePrivateQQ”.
ManageGroupRE	0 or 1	If set, allows the user to create and modify group reports.
ManageGroupTS	0 or 1	If set, allows the user to create and modify group table slots. Implicity grants “ManagePrivateTS”.
ManagerPrivateCA	0 or 1	If set, allows the user to create, modify and run private carousels
ManagePrivateDB	0 or 1	If set, allows the user to create, modify and run private dashboards
ManagePrivateQQ	0 or 1	If set, allows the user to create, modify and run private quick queries.
ManagerPrivateRE	0 or 1	If set, allows the user to create, modify and run private reports
ManagePrivateTS	0 or 1	If set, allows the user to create, modify and use private table slots.
NumberOfQueryCond	0 or a positive integer	If set to 0, there is no restriction on the data that can be queried. If set to 1 or more the parameters StartCond(i), CondSlotName(i), Operator(i), CondValue(i), EndCond(i) where I goes from 1 to the value of NumberOfQueryCond, must be set. See paragraph below for more details.
QQAllowedSources	Comma separated list of cells or DBType	List of data sources (cell(s), database) that the user is authorized to use for quick queries. To specify the database, use the values MySQL, MSSQL or ORACLE, PostgreSQL as appropriate.
QQAllSources	0 or 1	If set, allows all sources (all declared cells and the database if in use) configured for the system. If unset, the list of allowed sources (cell and/or database) must be listed under QQAllowedSources
QQMaxQueryWindow	0 or a positive integer	If set to 0, there is no limit to the size of the timewindow that can be used for a quick query. If set to a positive integer, this integer determines the maximum size (in seconds) of the quick query time window.
Run	0 or1	Provides access to the custom context menu, if it is configured.
RunGlobalDB	0 or 1	If set, allows the user to use global dashboards and reports.
RunGlobalQQ	0 or 1	If set, allows the user to use global quick queries.
RunGlobalTS	0 or 1	If set, allows the user to use global table slots.
RunGroupDB	0 or 1	If set, allows the user to use run group dashboards and reports.
RunGroupQQ	0 or 1	If set, allows the user to use run group quick queries.
RunGroupTS	0 or 1	If set, allows the user to use group table slots.
StartCond1 CondSlotName1 Operator1 CondValue1 EndCond1	(can be empty) A slot name An operator A value (can be empty)	See paragraph below for more details

Setting data restriction conditions on QuickQueries.

The advanced permissions let you restrict data access when running QuickQueries. You can e.g. specify that user group “Oracle” can only query events where “SupportGroup equals ORACLE”. You can also define multiple conditions.

To proceed, follow the procedure below.

1. As an “unrestricted” user, create a QuickQuery and specify, as advanced conditions, the restriction conditions that you want to apply. In our case, run a QuickQuery with the advanced condition “SupportGroup equals ORACLE”.

2. Run then save this query.

3. Open the file containing this Quick Query. You will find it under $PRODUCT_HOME/data/QuickQueries/saved_queries with the name query_<queryname>.ini

4. Copy all the following parameters from that file. (i) represents one or more integer values starting at 1 and ending at the value of the NumberOfQueryCond parameter

a. NumberOfQueryCond

b. StartCond(i)

c. CondSlotName(i)

d. Operator(i)

e. CondValue(i)

f. EndCond(i)

g. JoinCond(i)

For example, to express “SupportGroup equals ORACLE” the values from the file would be as follows:

NumberOfQueryCond=1

StartCond1=””

CondSlotName1=”SupportGroup”

Operator1=”equals”

CondValue1=”ORACLE”

EndCond1=””

JoinCond1=””

5. Paste the copied contents into the file corresponding to the user group where the restriction applies, under the “[QuickQueries]” section. Make sure there are no duplicates. The user group file can be found under $PRODUCT_HOME/security/<groupname>.conf

6. Save the modified file.

7. Delete (or not) the query created for the purpose of this manipulation.

Legal notice

Release Notes

Concepts

Architecture

Deployment options

General HW and SW Prerequisites

Additional prerequisites by module

Required network ports

Installation

Upgrading from version 21.05 and above

Upgrading from earlier versions

Configuration basics

Console usage

General administration procedures

General configuration

Security

Overview

Creating Quick Queries

Creating Query Sets

Scheduling Queries and Reports

TrueSight dashboard integration

Database import

Virtual slots

Cross-launch

Module Reference - QuickQueries

Security - QuickQueries

Overview

Creating a calendar

Module Reference - Calendar for TrueSight

Security - Calendar for TrueSight

Overview

Managing the host list

Advanced configuration

Custom blackouts

Managing blackouts using the event API

Blackout profiles

CI blackouts

Module reference - Blackout for TrueSight

Security - Blackout for TrueSight

Overview

Creating a new module

Configuring Data Editor

Excel import/export

Backup/Restore

Module Reference - Data Editor for TrueSight

Security - Data Editor for TrueSight

Overview

Running replications

Module Reference - DDA Replication for TrueSight

Security - DDA Replication for TrueSight

Overview

Creating a calendar

Module Reference - Calendar for BHOM

Security - Calendar for BHOM

Overview

Creating a new module

Configuring Data Editor

Test Events

Module Reference - Data Editor for BHOM

Security - Data Editor for BHOM

Overview

Module reference - Blackout for BHOM

Security - Blackout for BHOM

Overview

Creating a new module

Configuring Enrichment maps

Module Reference - Enrichment maps for BigPanda

Security - Enrichment maps for BigPanda

Overview

Creating a new module

Configuring Alert tags

Module Reference - Alert Tags for BigPanda

Security - Alert Tags for BigPanda

Overview

Module reference - Blackout for BigPanda

Security - Blackout for BigPanda

Overview

Initial configuration

Reporting

Monitoring Configuration