In the KUMA web interface, open Settings → Access → Users.
Click the Create new button and set the parameters as described below.
Selecting the Active check box makes the user account active. The toggle switch is turned on by default.
Only users with an Active account can log in to the KUMA web interface. The status of a user account can also change to Inactive automatically, for example, if the maximum allowed number of attempts to log in to the web interface of the application is exceeded and the Blockage period after failed authentication attempts (mins) is set to 0.
In the Name field, enter the user name. The length of the string must be 1 to 128 Unicode characters.
In the Login field, enter a unique user name for the user account. Must contain from 3 to 64 characters (only a–z, A–Z, 0–9, . \ - _).
In the Email field, enter the unique email address of the user. Must be a valid email address.
Select the Receive email notifications check box if you want the user to receive SMTP notifications from KUMA.
Select the Notify about alerts in web interface check box to display alert notifications in the KUMA web interface. Clear this check box if you want to disable notification display. This check box is selected by default.
Select the Display non-printable characters check box to display non-printing characters such as spaces, tab characters, and line breaks in the KUMA web interface. If the Display non-printable characters check box is selected, you can press Ctrl/Command+* to enable or disable the display of non-printing characters.
Spaces and tab characters are displayed in all input fields (except the Description field), in normalizers, correlation rules, filters and connectors, and in SQL queries for searching events in the Events section. Spaces are displayed as dots. A tab character is displayed as a dash in normalizers, correlation rules, filters and connectors. In other fields, a tab character is displayed as one or two dots.
Line break characters are displayed in all input fields that support multi-line input, such as the event search field.
In the New password field, enter a new password. You can enter a password or generate one by clicking the Generate password button. The password must satisfy the following requirements:
At least one special character from the list of special characters in the security policy.
No more than two identical characters in a row.
The password does not contain the login.
The user must change the password when logging in to the KUMA web interface for the first time and subsequently change the password at least once every three months. The General administrator can manage both of these settings in the security policy.
In the Confirm password field, enter the password again for confirmation.
If the User must change password on next login check box is selected, the next time the user attempts to log in to the KUMA web interface, the user must specify the old password and set a new password. After that, the user is allowed to log in to the KUMA web interface with the new password. By default, this check box is selected.
This setting is available only for Active accounts.
You can use this setting, for example, when creating a new user. You can assign a temporary password to the user and select this check box. After the user logs in with a temporary password, KUMA prompts the user to change the password.
You can also make users reset their passwords in the Settings → Access → Users section by selecting users from the list and clicking the Reset password on next login button.
Under Access, use the Add role buttons to assign roles to the user in specific tenants. A user can be assigned different roles in different tenants; multiple roles can be assigned within the same tenant.
In the Space sets drop-down list, select check boxes next to one or more space sets to which you want to grant access. If the user does not have a space set selected, access is granted to the default space set.
If the Do not limit password lifetime check box is selected, the Password lifetime setting does not apply to the user account.
We recommend enabling this setting for a service account, restricting the rights of such an account, and setting a password of maximum complexity. Typically, a user account with an unlimited password lifetime is used for monitoring. When migrating users, you can manually enable this setting for those service accounts that were previously used to display the dashboard.