Skip Navigation

Restrict access to the API connector

To restrict access to the API connector, you can create a role in the console and set permissions in
Splunk
. If an SOC or IR role exists within
Splunk
, you can skip this section.
  1. Under
    Users and Authentication
    , click
    Settings > Access Controls
    .
  2. Next to
    Roles
    , click
    Add New
    .
  3. For the Role Name, type
    CylanceAPI
    .
  4. With the proper role created, you can set permissions for the role. On the Dashboard, click
    Settings > All Configurations
  5. In the search field, type
    api_connector
    , then click
    Search
    .
  6. Under
    Sharing
    , click
    Permissions
    . The role permissions display.
  7. For the
    Everyone
    role, make sure Read and Write are not selected.
  8. For the
    CylanceAPI
    role, make sure Read is selected. If the role name is different, make sure Read is selected for that role.
  9. Click
    Save
    .