This article addresses the following conditions:
Release : 6.x
Component : Privileges
Portal user access to view DIM incidents and events (Authentication, Endpoint Protection, Web Activity) can be controlled by events scoping privileges assigned to users and roles. A portal user must have access to an incident's organization, country, and policy in order to view the incident. For example, if a user has access to view all organizations and all countries but only policy x, the user can only view DIM incidents generated by policy x.
Likewise, incident dashboards based on Analyzer views will return a count of only those incidents to which a portal user has sufficient privileges.
If a portal user is unable to view an incident that is otherwise available to an unrestricted or admin user, or if incident counts in dashboards differ between users, check the privileges for the affected portal user's account and role by navigating in the console to Admin > Privileges > Portal Users. Edit the user and navigate to the Events Scoping section of the Edit Portal User window. Compare the scoping enabled for the user under Organizations, Countries, and Policies to the organization, country, and policy or policies associated with the incident in question. After confirming these settings, navigate to the Portal Roles tab and review the same settings for any role currently assigned to the user.
For more information on events scoping and privileges, refer to the following section of the ICA Administrator Guide:
User and Role Configuration