cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
ITSec1
ITSec1
Level 7
Report Inappropriate Content
Message 1 of 9
‎11-24-2019 02:00 AM

Permission set for purge server task log and compliance history

Jump to solution

Hello, 

I'm using ePO 5.9.1.

I have a server task that purge old events, including server task log and compliance history.

I'm trying configure special permission set for user, so he can run this task, without administrator permission.

"Create, edit, view, run, and terminate any Scheduler task; view Scheduler tasks results in the Server Task Log"  -  for Server Tasks page isn't enough.

What permission is needed to purge server task log and compliance history ?

Thank you.

0 Kudos
Reply
1 Solution

Accepted Solutions
Highlighted
LKS
LKS McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 8 of 9
‎11-25-2019 10:46 PM

Re: Permission set for purge server task log and compliance history

Jump to solution

Hi ITSec1,

I checked internally your permission set issue, we do not have specific entry to provide access to purge server task log.

Reason :

Only Global admin account have a permission for them. it make sense that so many things write into server task log.... like run client tasks, automatic response, all server tasks, wakeup call, etc…  if anyone purges server task log, it means sometimes, it deletes evidence as well.  So ePO is designed in this specific purpose. When we do not have separate entry for server task log purge permission, we cannot give that permission to any particular group.

So it is working as per design.. If you would like to change the way it works, then it will be a PER (Product Enhancement Request).

https://kc.mcafee.com/corporate/index?page=content&id=KB60021

Was my reply helpful?

If you find this post useful, please give it a Kudos! Also, please don't forget to select "Accept as a Solution" if this reply resolves your query!

View solution in original post

0 Kudos
Reply
8 Replies
LKS
LKS McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 2 of 9
‎11-24-2019 03:32 AM

Re: Permission set for purge server task log and compliance history

Jump to solution

Hi ITSec1,

Additionally you have to provide access to Client event and Threat event log under permission set. Providing access only to Server task is not enough. You have to provide access to associated action to the task.  However if i add "Purge Server Task log" along with above task, am not able to run the task from the particular user. Without purge server task log am able to run the task.

Let me play around with permission sets and get back to you. 

task.JPG

Was my reply helpful?

If you find this post useful, please give it a Kudos! Also, please don't forget to select "Accept as a Solution" if this reply resolves your query!

0 Kudos
Reply
ITSec1
ITSec1
Level 7
Report Inappropriate Content
Message 3 of 9
‎11-24-2019 04:35 AM

Re: Permission set for purge server task log and compliance history

Jump to solution

Permissions for Client event and Threat event log -  it's obvious.

My problem is permission for:

1. purge server task log

2. purge compliance history

0 Kudos
Reply
LKS
LKS McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 4 of 9
‎11-24-2019 11:00 PM

Re: Permission set for purge server task log and compliance history

Jump to solution

May i know what  compliance history are you referring. Is it a queries and report or are you referring any specific server task.

0 Kudos
Reply
ITSec1
ITSec1
Level 7
Report Inappropriate Content
Message 5 of 9
‎11-25-2019 12:11 AM

Re: Permission set for purge server task log and compliance history

Jump to solution

Purge compliance history is build-in server task action, you can find it on drop down menu.

0 Kudos
Reply
LKS
LKS McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 6 of 9
‎11-25-2019 02:21 AM

Re: Permission set for purge server task log and compliance history

Jump to solution

This is really interesting. I tested myself in my ePO, i gave maximum permissions to that specific user, still i do not get "edit" or "run" option for "purge server task log" task. I added the user to Global Viewer/Group Admin even created a new permission set and provided maximum permission as well, nothing worked. 

@cdinet  any idea on this permission set. Do we require any additional privileges. 

Moreover i do not have built-in Purge compliance history task in my ePO. There are only two built-in task which is 

* Generate Records for McAfee Agent Compliance History Reporting

* VSE: Compliance Over the Last 30 Days

@ITSec1  I will check internally and update you shortly. You may need to log a support ticket to check with Dev. 

Was my reply helpful?

If you find this post useful, please give it a Kudos! Also, please don't forget to select "Accept as a Solution" if this reply resolves your query!

0 Kudos
Reply
ITSec1
ITSec1
Level 7
Report Inappropriate Content
Message 7 of 9
‎11-25-2019 02:50 AM

Re: Permission set for purge server task log and compliance history

Jump to solution

task.jpg

credits to: https://community.mcafee.com/t5/ePolicy-Orchestrator/Automate-deploy-agent-using-Query/td-p/632163 

 
0 Kudos
Reply
Highlighted
LKS
LKS McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 8 of 9
‎11-25-2019 10:46 PM

Re: Permission set for purge server task log and compliance history

Jump to solution

Hi ITSec1,

I checked internally your permission set issue, we do not have specific entry to provide access to purge server task log.

Reason :

Only Global admin account have a permission for them. it make sense that so many things write into server task log.... like run client tasks, automatic response, all server tasks, wakeup call, etc…  if anyone purges server task log, it means sometimes, it deletes evidence as well.  So ePO is designed in this specific purpose. When we do not have separate entry for server task log purge permission, we cannot give that permission to any particular group.

So it is working as per design.. If you would like to change the way it works, then it will be a PER (Product Enhancement Request).

https://kc.mcafee.com/corporate/index?page=content&id=KB60021

Was my reply helpful?

If you find this post useful, please give it a Kudos! Also, please don't forget to select "Accept as a Solution" if this reply resolves your query!

View solution in original post

0 Kudos
Reply
cdinet
cdinet McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 9 of 9
‎11-26-2019 06:18 AM

Re: Permission set for purge server task log and compliance history

Jump to solution

The rule of thumb you can follow with permission sets is this - if you enable everything possible in a permission set for a non-global admin user and they still can't access a specific function, then that function requires global admin rights.  The audit or orion log may show "user does not have permission" entries.

Was my reply helpful?
If this information was helpful in any way or answered your question, will you please select Accept as Solution in my reply and together we can help other members?

Reply
You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community


Corporate Headquarters
2821 Mission College Blvd.
Santa Clara, CA 95054 USA

Consumer Support   |   Enterprise Support   |   McAfee.com

Legal   |   Privacy   |   Copyright © 2019 McAfee, LLC