What is the minimum privilege for send sam rule from API? We don't want to do this with admin account. Is this possible?
Any advice about this issue would be appreciated.
As far as I know, the only way to set a SAM rule is to run a script on the gateway that executes fw sam (or similar).
In which case, I assume the permission that's required is for run-script, which I believe is the following:
GAIA users with "adminRole" can add SAM rules with CLISH.
Other options are:
- Automatic Reactions with SmartEvent - and then no one needs to manually do the SAM thing
- IOC API
Retrieving data ...