Users and authorization

To access the web interface and its API, Seer Box allows you to create users and user groups through which you can manage permissions to view and edit different sections and objects.

Each endpoint exposed by Seer Box requires authentication, except for firewall feeds which are otherwise freely accessible (see the Firewall Management section for more details).

On first startup Seer Box will automatically create the admin user and the admins user group to which it will belong. The credentials for such user are:

Username

admin

Password

SeerBox_4dm1n

warning

After the first login, it is recommended to change the default password of the admin user.

The admins group cannot be edited or deleted. Users in this group will have maximum administrative privileges.

Permissions

Seer Box enables you to assign different permissions to each group, granting access to specific sections and control over various software components.

The available permissions are categorized into two groups: the Generic Permissions*, which are not linked with one or more domain groups, and the Domain Group Permissions*, which are associated with them instead. See the Domain groups section for more details.

Generic permissions

• Handle assets: it allows the user to view, add, edit, or delete hosts or domain groups.
• Handle traffic sources: it allows the user to view, add, edit, or delete traffic sources.
• Handle users: it allows the user to view, add, edit, or delete users.
• Handle groups: it allows the user to view, add, edit, or delete user groups.
• Handle firewalls: it allows the user to view, add, edit, or delete firewalls.
• Handle notifications: it allows the user to view, add, edit, or delete notifications.
• Load application rules: it allows translation and sending of application rules to the enabled WAF.
• Load network rules: it allows translation and sending of network rules to the enabled firewall.

Domain group permissions

• Explore alerts: it allows the user to view alerts related to one or more domain groups.
• Handle rules: it allows the user to view, add, edit, or delete rules related to one or more domain groups, as well as those not associated with any of them.
• Explore transactions: it allows the user to view HTTP traffic related to one or more domain groups.
• Explore trends: it allows the user to view metrics and trends related to one or more domain groups.
• Handle reports: it allows the user to view, add, or delete report schedules related to one or more domain groups, as well as view or delete resulting reports. Each user has visibility only to their own schedules and related reports.

The admins group

The admins group is automatically created by the system upon first startup and cannot be modified or removed.

It possesses the highest administrative privileges, which include all the permissions mentioned so far, plus:

• Ability to view audit logs related to the management of alerts, rules and legitimates.
• Ability to modify system settings found in the Settings - General, Settings - Detection, and Settings - Network rules sections.
• Ability to add or modify the license.

Additionally, users belonging to the admins group will be able to manage the scheduling and related reports associated with any user.

Users

User management (creation, modification, or deletion) is only allowed for users in the admin group or users belonging to a group with permissions to manage users (Handle users).

Create a user

From Seer Box web interface

1. Access the Settings - Users section: in this page you can view the list of already created users.

2. Click on the Create user button in the top right corner of the page.

3. Enter data:

   • Enable user - switch to enable or disable a user. If disabled, the user will not be able to authenticate.
   • Username - user's username. It can contain alphanumeric characters and the following symbols . _. It must be different from the usernames of existing users.
   • E-mail - user's email. It must be different from the emails of existing users.
   • First name - user's first name, useful for identification. Not mandatory.
   • Last name - user's last name, usefule for identification. Not mandatory.
   • Authentication type - user's type.
   • Password/Password confirmation - user's password. It must be between 10 and 72 characters long and contain at least one lowercase letter, one uppercase letter, one number, and one symbol from the following ! ? @ # $ % ^ & * _.

4. Click on the Save button in the upper right corner of the page.

The new user will be listed on the summary page.

Edit a user

From Seer Box web interface

1. Access the Settings - Users section: in this page you can view the list of already created users.

2. Click on the Edit button with a pencil icon located on the right end of the user you want to edit.

3. Edit the chosen fields.

4. Click on the Save button in the upper right corner of the page.

Delete a user

warning

Deleting a user is an irreversible operation: once done it is necessary to repeat the creation operation to restore the item.

If you want to disable the user without deleting the configuration, it is enough to modify the item by unchecking the Enable user switch.

From Seer Box web interface

1. Access the Settings - Users section: in this page you can view the list of already created users.

2. Select one or more users to delete by clicking on the checkbox located at the left end of each item.

3. As soon as at least one item is selected, the Delete button with a trash can icon appears in the upper right corner of the users' list.

4. Clicking this button displays a modal summarizing the operation. Click the Confirm button to confirm.

User groups

User groups management (creation, modification, or deletion) is only allowed for users in the admin group or users belonging to a group with permissions to manage groups (Handle groups).

Create a user group

From Seer Box web interface

1. Access the Settings - Authorization section: in this page you can view the list of already created user groups.

2. Click on the Create group button in the top right corner of the page.

3. Enter data:

   • Name - the name of the user group. It must be different from existing groups.
   • Description - a description that provides additional information about the group.
   • Users - a set of user's usernames associated with the group.
   • Generic permissions - a set of switches that allow assigning the group various permissions of that type.
   • Domain group permissions - a pair of fields that allows assigning permissions of that type by associating them with one or more domain groups. The Add permission button confirms the associations, which are summarized in the table below. Multiple permissions can be selected and associated with same domain groups.

4. Click on the Save button in the upper right corner of the page.

The new user group will be listed on the summary page.

Edit a user group

From Seer Box web interface

1. Access the Settings - Authorization section: in this page you can view the list of already created user groups.

2. Click on the Edit button with a pencil icon located on the right end of the group you want to edit.

3. Edit the chosen fields.

4. Click on the Save button in the upper right corner of the page.

Delete a user group

warning

Deleting a user group is an irreversible operation: once done it is necessary to repeat the creation operation to restore the item.

Deleting a group does not delete individual users that belong to the group.

From Seer Box web interface

1. Access the Settings - Authorization section: in this page you can view the list of already created user groups.

2. Select one or more groups to delete by clicking on the checkbox located at the left end of each item.

3. As soon as at least one item is selected, the Delete button with a trash can icon appears in the upper right corner of the groups' list.

4. Clicking this button displays a modal summarizing the operation. Click the Confirm button to confirm.