This article addresses the following conditions:

1. A user with portal access to the Information Centric Analytics (ICA) console performs a search using the Global Search field for a specific data in motion (DIM) incident or event ID. No results are returned. A user with administrative privileges is able to successfully perform the same search and view the incident's or event's details.
2. A dashboard widget based on an Analyzer view displays a different incident or event count for different portal users.

Release : 6.x

Component : Privileges

Portal user access to view both DIM incidents and other event types (Authentication, Endpoint Protection, Web Activity) can be controlled by events scoping privileges assigned to users and roles. A portal user must have access to an incident's organization, country, and policy in order to view the incident. For example, if a user has access to view all organizations and all countries but only policy x, the user can only view DIM incidents generated by policy x.

Likewise, incident dashboards based on Analyzer views will return a count of only those incidents to which a portal user has sufficient privileges.

If a portal user is unable to view an incident that is otherwise available to an unrestricted or administrator user, or if incident counts in dashboards differ between users, check the privileges for the affected portal user's account and role by following this procedure:

1. Navigate in the Risk Fabric console to Admin > Privileges > Portal Users
2. Edit the user in question
   The Edit Portal User window opens
3. Navigate to the Events Scoping section of the Edit Portal User window
4. Compare the scoping enabled for the user under Organizations, Countries, and Policies to the organization, country, and policy or policies associated with the incident in question
5. After confirming these settings, navigate to the Portal Roles tab and review the same settings for any role currently assigned to the user

For more information about events scoping and privileges, refer to the User and Role Configuration section of the Symantec ICA Administrator Guide.