ITSec1
Level 7
Message 1 of 9

Permission set for purge server task log and compliance history

Hello, 

I'm using ePO 5.9.1.

I have a server task that purges old events, including server task log and compliance history.

I'm trying to configure a special permission set for a user, so he can run this task without administrator permission.

"Create, edit, view, run, and terminate any Scheduler task; view Scheduler tasks results in the Server Task Log" for the Server Tasks page isn't enough.

What permission is needed to purge server task log and compliance history?

Thank you.

1 Solution

Accepted Solutions
McAfee Employee LKS
McAfee Employee
Message 8 of 9

Re: Permission set for purge server task log and compliance history

Hi ITSec1,

I checked your permission set issue internally; we do not have a specific entry to provide access to purge the server task log.

Reason:

Only the Global admin account has permission for them. It makes sense, given that so many things write into the server task log, like run client tasks, automatic response, all server tasks, wakeup call, etc. If anyone purges the server task log, it means that sometimes it deletes evidence as well. So ePO is designed for this specific purpose. When we do not have a separate entry for server task log purge permission, we cannot give that permission to any particular group.

So it is working as per design. If you would like to change the way it works, then it will be a PER (Product Enhancement Request).

https://kc.mcafee.com/corporate/index?page=content&id=KB60021


8 Replies
McAfee Employee LKS
McAfee Employee
Message 2 of 9

Re: Permission set for purge server task log and compliance history

Hi ITSec1,

Additionally, you have to provide access to the Client event and Threat event logs under the permission set. Providing access only to Server task is not enough. You have to provide access to the actions associated with the task. However, if I add "Purge Server Task log" along with the above task, I am not able to run the task from the particular user. Without purge server task log, I am able to run the task.

Let me play around with permission sets and get back to you. 


ITSec1
Level 7
Message 3 of 9

Re: Permission set for purge server task log and compliance history

Permissions for Client event and Threat event log -  it's obvious.

My problem is permission for:

1. purge server task log

2. purge compliance history

McAfee Employee LKS
McAfee Employee
Message 4 of 9

Re: Permission set for purge server task log and compliance history

May I know what compliance history you are referring to? Is it queries and reports, or are you referring to any specific server task?

ITSec1
Level 7
Message 5 of 9

Re: Permission set for purge server task log and compliance history

Purge compliance history is a built-in server task action; you can find it in the drop-down menu.

McAfee Employee LKS
McAfee Employee
Message 6 of 9

Re: Permission set for purge server task log and compliance history

This is really interesting. I tested it myself in my ePO: I gave maximum permissions to that specific user, and I still do not get the "edit" or "run" option for the "purge server task log" task. I added the user to Global Viewer/Group Admin and even created a new permission set and provided maximum permissions as well; nothing worked.

@cdinet, any idea on this permission set? Do we require any additional privileges?

Moreover, I do not have a built-in Purge compliance history task in my ePO. There are only two built-in tasks, which are:

* Generate Records for McAfee Agent Compliance History Reporting

* VSE: Compliance Over the Last 30 Days

@ITSec1  I will check internally and update you shortly. You may need to log a support ticket to check with Dev. 


McAfee Employee cdinet
McAfee Employee
Message 9 of 9

Re: Permission set for purge server task log and compliance history

The rule of thumb you can follow with permission sets is this - if you enable everything possible in a permission set for a non-global admin user and they still can't access a specific function, then that function requires global admin rights.  The audit or orion log may show "user does not have permission" entries.
