DX Application Performance Management

Hi,

I have a requirement to give "CEM Analyst" rights to different groups ideally on a business Application level.

ie :      Group A can run CEM reports for Business Application A (and all underlying Business Services)

          Group B can run CEM reports for Business Application B (and all underlying Business Services)

and So on ..

We already use EEM to grant groups access to Domains in Introscope.

Looking into whether that can be achieved for CEM - reading the following documentation Securing Introscope using CA EEM - CA Application Performance Management - 9.7 - CA Technologies Documentation im still not clear on the process or whether its possible ?

There is no mention of Business Applications but there is info regarding Business Services, so it looks like the way forward would be to create new EEM policies? - however i'm uncertain about the resource class name for CEM ..

something along the lines of :

<Policy name="Business Application Group A Read" folder="/Policies">

        <Description>Grant Group A access to their Business Applications in CEM for Reporting.</Description>

        <ResourceClassName>???</ResourceClassName>

        <Action>read</Action>

        <Identity>ug:CEM Analyst</Identity>

</Policy>

Am i on the right track here ?

Thanks.

Hi Andy,

If you log into EEM you will see the APM Access Policies & ResourceClassName being used for each.

There is only one for Business Application which has action of "write" and as far as I know there is no way to add any more actions i.e. when you try to add another access policy for Business Application only the "write" action is available.

There may be a design reason for this restriction, but if you can live with just stopping write access to the BusApp you can use it.

Alternatively to stop read you would need to look at the Business Service level which has more granularity

Hope it helps.

Regards,

Lynn

Hi Andy:

Does Lynn's answer help or are there followup questions?

Thanks

Hal German