Audit and Remediation user action permissions

Search for	Example	Results
A single word	`cat`	Topics that contain the word "cat". You will also find its grammatical variations, such as "cats".
A phrase. You can specify that the search results contain a specific phrase.	`"cat food"` (quotation marks)	Topics that contain the literal phrase "cat food" and all its grammatical variations. Without the quotation marks, the query is equivalent to specifying an OR operator, which finds topics with one of the individual words instead of the phrase.

Search for	Operator	Example
Two or more words in the same topic	`AND` `and` `+` (plus symbol) `&` (ampersand)	`cat AND dog` `"cat food"+milk` `"cat food"&"dog food"`
Either word in a topic	`OR` `or` `\|` (pipe)	`cat OR dog` `cat \| dog`
Topics that do not contain a specific word or phrase	`NOT` `not` `!` (exclamation point)	`NOT cat` `! dog`
Topics that contain one string and do not contain another	`^` (caret)	`cat ^ mouse`
A combination of search types	`( )` parentheses	`cat + (dog \| mouse)` `cat \| dog + (! mouse)`

Server Automation10.50

Audit and Remediation user action permissions

The following table lists typical Audit and Remediation user actions and the permissions required to perform them.

Audit and Remediation Permissions Required for User Actions
User Action	Action Permission	OGFS Permission	Server Permission (Customer, Facility, Device Group)
Snapshot Specification
View contents of Snapshot Specification	Manage Snapshot Specification: Read & Write	N/A	Read & Write
Schedule and run a Snapshot Specification	Manage Snapshot Specification: Read & Write	N/A	Read & Write
Create Snapshot Specification	Manage Snapshot Specification: Read & Write	N/A	Read & Write
Create Application Configuration Rule	Manage Snapshot Specification: Read & Write	Write Server File System	Read & Write
Create COM+ Rule	Manage Snapshot Specification: Read & Write	Read COM+ Database	Read & Write
Create Custom Script Rule	Manage Snapshot Specification: Read & Write Allow Create Custom Script Policy Rules: Yes.	Write Server File System	Read & Write
Create Files	Manage Snapshot Specification: Read & Write	Write Server File System	Read & Write
Create IIS Metabase Rule	Manage Snapshot Specification: Read & Write	Read IIS Metabase	Read & Write
Create Registry Rule	Manage Snapshot Specification: Read & Write	Read Server Registry	Read & Write
Link Audit Policy into Snapshot Specification	Manage Snapshot Specification: Read & Write Manage Audit Policy: Read Library Folder: Read	N/A	Read & Write
Import Audit Policy into Snapshot Specification	Manage Snapshot Specification: Read & Write Manage Audit Policy: Read Library Folder: Read	N/A	Read & Write
Save As Audit Policy	Manage Snapshot Specification: Read & Write Manage Audit Policy: Read & Write Library Folder: Read & Write	N/A	Read & Write
Snapshots
View, list contents of a Snapshot	Manage Snapshot: Read Manage Snapshot Specification: Read	N/A	Read
Create Audit from Snapshot	Manage Snapshot: Read Manage Snapshot Specification: Read Manage Audit: Read	N/A	Read
View Archived Snapshot	Manage Snapshot: Read	N/A	Read
Create Audit from archived Snapshot	Manage Snapshot: Read Manage Audit: Read	N/A	Read
Delete Snapshot results	Manage Snapshot: Read & Write	N/A	Read & Write
Detach Snapshot from a server	Allow General Snapshot Management: Yes Manage Snapshot: Read & Write Manage Snapshot Specification: Read	N/A	Read
Remediate Snapshot results	Manage Snapshot: Read Manage Snapshot Specification: Read Allow Remediate Audit/Snapshot Results: Yes	N/A	Read & Write
Remediate Snapshot Results: Application Configuration	Manage Snapshot: Read Allow Remediate Audit/Snapshot Results: Yes Manage Snapshot Specification: Read	Write Server File System	Read & Write
Remediate Snapshot Results: COM+	Manage Snapshot: Read Allow Remediate Audit/Snapshot Results: Yes Manage Snapshot Specification: Read	Read COM+ Database	Read & Write
Remediate Snapshot Results: Custom Scripts	Manage Snapshot: Read Allow Remediate Audit/Snapshot Results: Yes Manage Snapshot Specification: Read	Write Server File System	Read & Write
Remediate Snapshot Results: File System	Manage Snapshot: Read Allow Remediate Audit/Snapshot Results: Yes Manage Snapshot Specification: Read	Write Server File System	Read & Write
Remediate Snapshot Results: Metabase	Manage Snapshot: Read Allow Remediate Audit/Snapshot Results: Yes Manage Snapshot Specification: Read	Read IIS Metabase	Read & Write
Remediate Snapshot Results: Registry	Manage Snapshot: Read Allow Remediate Audit/Snapshot Results: Yes Manage Snapshot Specification: Read	Read Server Registry	Read & Write
Audits
View an Audit	Manage Audit: Read	N/A	Read & Write
Run an Audit	Manage Audit: Read	N/A	Read & Write
Schedule an Audit	Manage Audit: Read	N/A	Read & Write
Create an Audit	Manage Audit: Read & Write	N/A	Read
Create Application Configuration Rule	Manage Audit: Read & Write	Write Server File System	Read & Write
Create COM+ Rule	Manage Audit: Read & Write	Read COM+ Database	Read & Write
Create Custom Script Rule	Manage Audit: Read & Write Allow Create Custom Script Policy Rules: Yes	Write Server File System	Read & Write
Create Discovered Software Rule	Manage Audit: Read & Write Manage Server Modules: Read	N/A	Read & Write
Create Files Rule	Manage Audit: Read & Write	Write Server File System	Read & Write
Create Hardware Rule	Manage Audit: Read & Write	N/A	Read & Write
Create IIS Metabase Rule	Manage Audit: Read & Write	Read IIS Metabase	Read & Write
Create Internet Information Server Rule	Manage Audit: Read & Write	N/A	Read & Write
Create Registered Software Rule	Manage Audit: Read & Write Manage Server Modules: Read	N/A	Read & Write
Create Software Rule	Manage Audit: Read & Write	N/A	Read & Write
Create Weblogic Rule	Manage Audit: Read & Write Manage Server Modules: Read	N/A	Read & Write
Create .NET Framework Configurations Rule	Manage Audit: Read & Write Manage Server Modules: Read	N/A	Read & Write
Create Windows Registry Rule	Manage Audit: Read & Write	Read Server Registry	Read & Write
Create Windows Services Rule	Manage Audit: Read & Write	N/A	Read & Write
Create Windows/UNIX Users and Groups Rule	Manage Audit: Read & Write Manage Server Modules: Read	N/A	Read & Write
Link an Audit Policy into an Audit	Manage Audit: Read & Write Manage Audit Policy: Read SA Client Library Folder: Read	N/A	Read & Write
Import an Audit Policy into an Audit	Manage Audit: Read & Write Manage Audit Policy: Read Library Folder: Read	N/A	Read & Write
Save as Audit Policy	Manage Audit: Read & Write Manage Audit Policy: Read & write Library Folder: Read & Write	N/A	Read & Write
Audit Results
View Audit Results	Manage Audit Results: Read Manage Audit: Read	N/A	Read
View Archived Audit Results	Manage Audit: Read	N/A	Read
Delete Audit Results	Manage Audit Results: Read & Write	N/A	Read & Write
Remediate Audit Results	Manage Audit: Read Manage Audit Results: Read & Write Allow Remediate Audit/Snapshot Results: Yes	N/A	Read & Write
Remediate Audit Results: Application Configuration	Manage Audit: Read Manage Audit Results: Read & Write Allow Remediate Audit/Snapshot Results: Yes	Write Server File System	Read & Write
Remediate Audit Results: COM+	Manage Audit: Read Manage Audit Results: Read & Write Allow Remediate Audit/Snapshot Results: Yes	Read COM+ Database	Read & Write
Remediate Audit Results: Custom Script Rule	Manage Audit: Read Manage Audit Results: Read & Write Allow Remediate Audit/Snapshot Results: Yes	Write Server File System	Read & Write
Remediate Audit Results: Discovered Software	Manage Audit: Read Manage Audit Results: Read & Write Allow Remediate Audit/Snapshot Results: Yes Manage Server Module: Read Allow Execute Server Modules: Yes	N/A	Read & Write
Remediate Audit Results: Files	Manage Audit: Read Manage Audit Results: Read & Write Allow Remediate Audit/Snapshot Results: Yes	Write Server File System	Read & Write
Remediate Audit Results: IIS Metabase	Manage Audit: Read Manage Audit Results: Read & Write Allow Remediate Audit/Snapshot Results: Yes	Read IIS Metabase	Read & Write
Remediate Audit Results: Remediate Internet Information Server	Manage Audit: Read Manage Audit Results: Read & Write Allow Remediate Audit/Snapshot Results: Yes	Read IIS Metabase	Read & Write
Remediate Audit Results: Remediate Discovered Software	Manage Audit: Read Manage Audit Results: Read & Write Allow Remediate Audit/Snapshot Results: Yes Manage Server Module: Read Allow Execute Server Modules: Yes	N/A	Read & Write
Remediate Audit Results: Remediate Software	Manage Audit: Read Manage Audit Results: Read & Write	N/A	Read & Write
Remediate Audit Results: Remediate Weblogic	Manage Audit: Read Manage Audit Results: Read & Write Allow Remediate Audit/Snapshot Results: Yes Manage Server Module: Read Allow Execute Server Modules: Yes	N/A	Read & Write
Remediate Audit Results: Remediate Windows .NET Framework Configurations	Manage Audit: Read Manage Audit Results: Read & Write Allow Remediate Audit/Snapshot Results: Yes Manage Server Module: Read Allow Execute Server Modules: Yes	N/A	Read & Write
Remediate Audit Results: Windows Registry	Manage Audit: Read Manage Audit Results: Read & Write Allow Remediate Audit/Snapshot Results: Yes	Read Server Registry	Read & Write
Remediate Audit Results: Windows Services	Manage Audit: Read Manage Audit Results: Read & Write Allow Remediate Audit/Snapshot Results: Yes	N/A	Read & Write
Remediate Audit Results: Remediate Windows/UNIX Users and Groups	Manage Audit: Read Manage Audit Results: Read & Write Allow Remediate Audit/Snapshot Results: Yes Manage Server Module: Read Allow Execute Server Modules: Yes	N/A	Read & Write

The following table lists the actions that users can perform for each Audit and Remediation permission. It has the same data as the above table, but is sorted by action permission. Although it is not indicated in the following table, the Managed Servers and Groups permission is required for all Audit and Remediation actions.

For security administrators, he following table answers this question: If a user is granted a particular action Audit and Remediation permission, what actions can the user perform?

User Actions Allowed by Audit and Remediation Permissions
Action Permission	User Action	OGFS Permission	Server Permission (Customer, Facility, Device Group)
Allow Create Custom Script Rule Policy: No and Manage Audit: Read	View Custom Script Rule: Audit	N/A	Read
Allow Create Custom Script Rule Policy: Yes and Manage Audit: Read & Write	Create Custom Script Rule: Audit	Write Server File System	Read & Write
Allow Create Custom Script Rule Policy: No and Manage Snapshot: Read & Write	View Custom Script Rule: Snapshot	N/A	Read
Allow Create Custom Script Rule Policy: Yes and Manage Snapshot: Read & Write	Create Custom Script Rule: Snapshot	Write Server File System	Read & Write
Allow General Snapshot Management: Yes	Detach Snapshot from a server	N/A	Read
Manage Snapshot Specification: Read and Allow Remediate Audit/Snapshot Results: No and Manage Audit or Manage Snapshot: Read	View Audit or Snapshot, No Remediation	N/A	Read
Manage Snapshot Specification: Read and Allow Remediate Audit/Snapshot Results: Yes and Manage Audit or Manage Snapshot: Read & Write	Remediate Audit/Snapshot Results	N/A	Read & Write
Manage Snapshot Specification: Read and Allow Remediate Audit/Snapshot Results: Yes and Manage Audit or Manage Snapshot Results: Read & Write	Remediate Application Configuration Rule	Write Server File System	Read & Write
Remediate COM+ Rule	Read COM+ Database	Read & Write
Remediate Custom Script Rule Registry Rule	Write Server File System	Read & Write
Remediate File System Rule	Read IIS Metabase	Read & Write
Remediate IIS Metabase Rule	Read Server Registry	Read & Write
Remediate Windows Registry Rule	Write Server File System	Read & Write
Manage Audit: Read	View, schedule, run Audit	N/A	Read
View, schedule, run Audit with custom scripts in it	N/A	Read & Write
Manage Audit: Read & Write	Create, edit, delete Audit	N/A	Read & Write
Save Audit as Audit Policy	N/A	Read & Write
Link Audit Policy into Audit	N/A	Read & Write
Create Application Configuration Rule	Write Server File System	Read & Write
Create COM+ Rule	Read COM+ Database	Read & Write
Create File System Rule	Write Server File System	Read & Write
Create IIS Metabase Rule	Read IIS Metabase	Read & Write
Create Window Registry Rule	Read Server Registry	Read & Write
Manage Audit: Read & Write and Allow Create Custom Script Policy Rules: Yes	Create Custom Scripts Rule	Write Server File System	Read & Write
Manage Audit: Read & Write and Manage Server Module: Read	Create the following Audit Rules: Discovered Software Registered Software Windows .NET Framework Configurations Windows Users and Groups	N/A	Read & Write
Manage Audit Results: Read	View Audit Results	N/A	Read
Manage Audit Results: Read & Write	Delete Audit Results	N/A	Read & Write
Manage Snapshot Specification: Read & Write	View, schedule, run Snapshot Specification	N/A	Read
View, schedule, run Snapshot Specification with custom scripts in it	N/A	Read & Write
Manage Snapshot Specification: Read & Write	Create, edit, and delete Snapshot Specification	N/A
Save Snapshot Specification as Audit Policy (This action requires Read & Write for the library folder where policy lives.)	N/A
Link Audit Policy Into Audit	N/A	Read & Write
Create Application Configuration Rule	Write Server File System	Read & Write
Create COM+ Rule	Read COM+ Database	Read & Write
Create Discovered Software
Create File System Rule	Write Server File System	Read & Write
Create IIS Metabase Rule	Read IIS Metabase	Read & Write
Create Windows Registry Rule	Read Server Registry	Read & Write
Manage Snapshot Specification: Read & Write and Manage Server Module: Read	Create the following Snapshot Rules: Discovered Software Registered Software Windows .NET Framework Configurations Windows Users and Groups	N/A	Read & Write
Manage Snapshot Specification: Read & Write and Create Custom Script Policy Rule	Create Custom Rule for Snapshot Specification	Write Server File System	Read & Write
Manage Snapshot: Read	View contents of Snapshot	N/A	Read
Manage Snapshot: Read & Write	Delete Snapshot results	N/A	Read & Write
Manage Audit Policy: Read	View contents of Audits and Snapshot Specifications	N/A	Read
Manage Audit Policy: Read & Write	Create, edit Audit Policy	N/A	Read & Write
Create Application Configuration Rule	Write Server File System	Read & Write
Create COM+ Rule	Read COM+ Database	Read & Write
Create File System Rule	Write Server File System	Read & Write
Create IIS Metabase Rule	Read IIS Metabase	Read & Write
Create Windows Registry Rule	Read Server Registry	Read & Write
Manage Audit Policy: Read & Write Manage Server Module: Read	Create the following Snapshot Rules: Discovered Software Registered Software Windows .NET Framework Configurations Windows Users and Groups	N/A	Read & Write
Manage Audit Policy: Read & Write and Allow Create Custom Script Policy Rule	Create Custom Script Rule	Write Server File System	Read & Write

Send Help Center feedback