Re: What does the Alert Assignment Supervisor permission do?
I don't see any documentation that explains what rights each of the Role Privileges grant, the only default role that I see with this Privilege is the Super User role, so you would guess it is not needed by most users.
It may be related to the Alert Assignment function available from the Other Actions menu in the Attack Log, but I'm just guessing here.
You should open an SR with Support to see if they can provide you with additional details.
On older NSM versions, when we used to have the RTTA (Real Time Threat Analyzer), we had the "Incidents" tab that was there for this function - to be able to track the analysis of specific alerts when assigned to a user.
I have just had a look and there does not seem to be the option of tracking analysis, other than adding some comments by the analyst. I've shared this internally to check if we really need this "role" and "feature" given the current options and the fact that most analytics are performed by the SOC analysts at the SIEM level, which provides further correlation capabilities with events coming in from other products/systems/networks.
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.
Community Help Hub
New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.