This documentation includes content for releases that might not be available on-premises. For the latest on-premises Console documentation, see the PDF version of Tanium™ Console User Guide version 3.4.59.
When multiple users work with the same saved question, the following factors control which users can see the question, and which question settings and results the users can see:
- User role permissions: To view and edit a saved question, a user must have the required role permissions for the content set to which the question is assigned (see Manage saved questions). Additionally, the following settings in the question configuration interact with role permissions to affect which users can see the question and which other settings they can see::
- Visibility: Determines whether the question is visible only to the owner (question creator) and administrators or to any user who has the required role permissions.
- User-specific configuration changes: When a user saves changes to the question configuration,
Tanium Cloud the Tanium Serversaves a copy of the question. When users sign in to Tanium Cloud the server, the users see only the copy with their own changes.
- Computer group management rights: The computer groups assigned to users, user groups, and personas determine the visibility of the saved question Reissue interval and recent question results.
The following sections describe how these factors determine the visibility of a question and its settings and results, using an example scenario. All the users in this example have the role permissions required to read, create, and edit the question Installed Applications on Windows Workstation. The following table lists the users in the order that they made changes to the question configuration.
To see the question settings described in the following sections, go to Administration > Content > Saved Questions, select a question, and click Edit.
Whether a saved question is visible to users depends on their role permissions and the Visibility option that is selected in the question configuration:
According to RBAC: All users who have the necessary role permissions can see the question. In this example, all the users have the role permissions required to read and edit saved questions in the content set that contains this question. Therefore, this option enables all the users to see the question.
Only the Owner and Admins can see this object: Only users with the Administrator or Content Administrator reserved role, and the question owner (creator), can see the question. In this example, this option enables only Admin1 and Admin2 to see the question.
Figure 1: Saved question Visibility options
Last updated: 9/26/2023 10:15 AM | Feedback