- Advanced Analytics
- Understand the Basics of Advanced Analytics
- Configure Log Management
- Set Up Admin Operations
- Set Up Authentication and Access Control
- Additional Configurations
- Configure Rules
- Exabeam Threat Intelligence Service
- Threat Intelligence Service Prerequisites
- View Threat Intelligence Feeds
- Threat Intelligence Context Tables
- View Threat Intelligence Context Tables
- Assign a Threat Intelligence Feed to a New Context Table
- Create a New Context Table from a Threat Intelligence Feed
- Check ExaCloud Connector Service Health Status
- Exabeam Cloud Telemetry Service
- Manage Security Content in Advanced Analytics
- Health Status Page
Migrate to Universal Role-Based Access
If you are an existing Exabeam Security Operations Platform customer, you are encouraged to migrate from the individualized identity and access management (IAM) of your Exabeam products to universal role-based access. You can continue to use legacy authentication until your organization is prepared to migrate.
Warning
Migration to universal role-based access cannot be reversed.
Prerequisites
Unlike the legacy IAM, universal role-based access requires a unique email address for each user account. If your legacy account configurations do not include email addresses, you need to be prepared to add email addresses to the accounts to complete their migration.
For customers using a third-party identity provider (IdP), you need to have an IdP administrator available to modify the IdP configuration for it to authenticate with universal role-based access.
Universal role-based access does not support migration from LDAP directories. If LDAP is enabled, it needs to be disabled.
You should see a notification about centralizing identity management up the upper-left side of the home page, along with a button to add missing emails. If you do not see this notification, try clearing your cookies or logging in with your browser in incognito/private mode. If the notification still does not appear, contact customer support.
To migrate to universal role-based access:
In the centralized identity management notification banner, click Add missing emails.
The Add Missing Emails page opens. The page lists any accounts that do not have email addresses attached to them.
Click the name of each of the listed users to either add their unique email addresses or delete their accounts.
Important
You should delete the accounts of former employees and/or inactive users.
Click Next and repeat step 2 if needed.
When all of the accounts are ready for migration, the Enable Unified Login page appears.
To proceed with the migration, click Enable.
An email is sent to the migrated users to welcome them to the Exabeam Security Operations Platform. The email includes a link for them to confirm their accounts and set their passwords.
Verify the permissions for your users in the Exabeam Security Operations Platform.
The Exabeam Security Operations Platform provides tailored roles for Advanced Analytics users such as Administrator, Tier 3 Analyst, and Data Privacy Officer. To see all roles, view the Settings > Roles page.
For each user that should have access to Advanced Analytics, review and adjust any roles as desired. For more information, see Administrative Users in the Exabeam Security Operations Platform Guide.