Data Permissions

Updated
  • Updated on Sep 24, 2025
  • Published on Jun 10, 2021
  • 1 minute(s) read
  • AH
  • AC
 Prev Next

Overview

Data permissions allow administrators to control user access to different types of data within the system by assigning permissions to User Groups. Users can only view dashboard results that align with the combined permissions from all their assigned user groups.

There are two primary data types for which permissions can be configured:

  • Session data.
  • Capture (or per-packet intel) data.

Session Data Access

Session data permissions utilize metadata filtering to control user access.

The following logical operators apply:

  • Multiple values within the same metadata category: OR logic.
  • Different metadata categories: AND logic.

Example: (region = east OR central) AND (customer = Roger)

image.png

Restrictions apply based on user group membership; end users are not notified when filters limit what they see.

IMPORTANT

By default, session data access is not restricted. If no metadata-based permissions are provisioned, users will have unrestricted access to all session data.

Capture Data Access

Capture or per-packet intel data permissions can be configured based on:

  • Capture sensor device.
  • Zone.
  • Applications.

image.png

IMPORTANT

By default, capture data permissions are restrictive. If no permissions are granted, users will not be able to access any capture data due to the sensitivity of information.

Provisioning Data Access

To configure data access for a user group:

  1. Go to Accounts > User groups.
  2. Select the user group. The details sidebar appears.
  3. Configure Capture data access:
    • Check the Enabled box.
    • For Capture device allowlist, Zone allowlist, and Application allowlist:
      • Click the filter icon.
      • Search for and select the relevant capture data.
      • Click the checkmark to confirm your selection.
Grant Access to All Capture Data

Tip: To grant access to all capture data, select the Enabled checkbox and do not apply any restrictions.
image.png

  1. Configure Session data access. For Session metadata allowlist:
    • Click the filter icon.
    • Search for and select the desired metadata filters.
    • Click the checkmark to confirm your selection.
  2. Click the checkmark icon in the upper-right corner of the details sidebar to save and apply your changes.

© 2025 Cisco and/or its affiliates. All rights reserved.

For more information about trademarks, please visit: Cisco trademarks
For more information about legal terms, please visit: Cisco legal terms
For legal information about Accedian Skylight products, please visit: Accedian legal terms and trademarks