IMPORTANT: No additional bug fixes or documentation updates will be released for this version. For the latest information, see the current release documentation.
Elastic Docs Observability Guide [8.6] Cases
« Cases Open and manage new cases »

Configure access to casesedit

To access and send cases to external systems, you need the appropriate license, and your role must have the Cases Kibana privilege as a user for the Observability feature.

Here are the minimum required privileges:

Action Kibana Privileges

Give full access to manage cases
  • All for the Cases feature under Observability.
  • All for the Actions and Connectors feature under Management.

Roles without All Actions and Connectors feature privileges cannot create, add, delete, or modify case connectors.

Give assignee access to cases

All for the Cases feature under Observability.

Before a user can be assigned to a case, they must log into Kibana at least once, which creates a user profile.

Give view-only access for cases

Read for the Cases feature under Observability.

Give access to view and delete cases

Read for the Cases feature under Observability with the deletion sub-feature enabled.

These privileges also enable you to delete comments and alerts from a case.

Revoke all access to cases

None for the Cases feature under Observability.

If you are using an on-premises Kibana deployment and want your email notifications and external incident management systems to contain links back to Kibana, configure the server.publicBaseUrl setting.

For more details, refer to feature access based on user privileges.

cases privileges
« Cases Open and manage new cases »