Previous Topic: Sample Policies for Custom IntegrationsNext Topic: Services and CA Adapters

Administration GuideCustom Roles and PoliciesSample Policies for Suppression and Summarization Rules

Sample Policies for Suppression and Summarization Rules

You can authorize non-Administrators to create custom suppression rules and custom summarization rules by creating one custom role, one CALM policy and one scoping policy. You can give other non-Administrators the ability to view custom suppression rules and custom summarization rules by creating an additional custom role with an associated scoping policy. You add both custom roles to the CALM Application Access policy and assign users to these roles.

The following example procedure shows you how to do this.

  1. Create an application user group called Create-SUP-SUM-Rules.
  2. Create an application user group called View-SUP-SUM-Rules.
  3. Grant both roles access to the CA User Activity Reporting Module product.

    CALM application access for both groups.

  4. Create a CALM policy that grants Create-SUP-SUM-Rules users the ability to create summarization and suppression rules or import them while logged on to CA User Activity Reporting Module.

    EventGrouping-Create policy

  5. Create a scoping policy that grants Create-SUP-SUM-Rules users the ability to view or edit custom summarization or suppression rules that have been saved to the EEM folder, /CALM_Configuration/Content/Rules/Suppression or /CALM_Configuration/Content/Rules/Summarization.

    View-Edit-SUP-SUM-Rules policy.

    Filter for View-Edit-SUP-SUM Rules.

  6. Create a scoping policy that grants View-SUP-SUM-Rules users the ability to view custom summarization or suppression rules.

    View-SUP-SUM-Rules policy grants read only access.

    Filter for View-Edit-SUP-SUM Rules.

  7. Test the policies
  8. Assign users to the new roles. For example, external auditors may want to be able to view your summarization and suppression rules. To permit this, you could assign a role similar to View-Sup-Sum-Rules to such users.

An alternative to creating two new roles explicitly for the create/edit/view task and the view-only task is to expand the roles of the predefined Analyst and Auditor roles. For example, you could eliminate steps 1, 2, 3, and 8 of the previous procedure and instead assign the Analyst as the identity to EventGrouping Create policy and View-Edit-SUP-SUM-Rules and assign the user group Auditor as the identity to View-SUM-SUP-Rules.

More information:

Create an Application User Group (Role)

Grant a Custom Role Access to CA User Activity Reporting Module

Test a New Policy

Assign a Role to a Global User