Configure access to cases in Elastic Observability

To access and send cases to external systems, you need the appropriate license, and your role must have the Cases Kibana privilege as a user for the Observability feature.

For more details, refer to feature access based on user privileges.

×

Below are the minimum required privileges for some common use cases.

• All for the Cases feature under Observability.

• All for the Actions and Connectors feature under Management.

  Note

  Roles without All Actions and Connectors feature privileges cannot create, add, delete, or modify case connectors.

  By default, All for the Cases feature allows you to have full control over cases, including deleting them, editing case settings, and more. You can customize the sub-feature privileges to limit feature access.

• All for the Cases feature under Observability.

  Note

  Before a user can be assigned to a case, they must log into Kibana at least once, which creates a user profile.

• Read for the Cases feature under Observability.

  Note

  You can customize sub-feature privileges for deleting cases, deleting alerts and comments from cases, editing case settings, adding case comments and attachements, and re-opening cases.

• All for the Cases feature under Observability.
• Read for an Observability feature that has alerts.

• None for the Cases feature under Observability.