Layout permissions

Abstract

Configure Layout permissions under Objects.

Controls access within Object Setup (SettingsConfigurationsObject Setup) to the following:

  • Case layouts (CasesLayouts): Visual layout definitions that determine how case data is presented when viewing a case. Layouts define which fields are shown, their arrangement in sections/tabs:

  • Case layout rules (CasesLayout Rules): Rules that determine which layout is applied to a given case based on conditions (e.g., case type, source, severity).

  • Issue layouts (IssuesLayouts): Visual layout definitions that determine how alert data is presented when viewing an issue. Layouts define which fields are shown, their arrangement in sections/tabs, and widget configurations.

  • Issue layout rules (IssuesLayout Rules): Rules that determine which layout is applied to a given issue based on conditions (e.g., issue type, source, severity).

Permission

Description

Roles Example

None

Users have no access to layout configurations or rules. They can see data rendered in assigned layouts, but cannot modify the definitions

  • SOC Tier-1 Analyst: Layout configuration is an administrative function.

  • Threat Hunter: Layout configuration is outside the threat hunting scope.

View

Read-only access to all layout definitions and rules. The user can browse the layouts table (cases and issues) and browse layout rules and conditions.

SOC Tier-2 and 3 Analysts: May need to understand the layout structure for reporting purposes and to know what data is available in different views.

View/Edit

Full read/write access to create, edit, copy, and delete custom layouts and layout rules.

Security Engineer: Designs and implements custom layouts for alerts and incidents; builds the visual experience.