About Organizations Sharing Rules#
Sharing rules determine how cases, along with their tasks and observables, are shared with linked organizations.
This topic explains how sharing rules work and interact.
Global sharing rules#
Required permissions for managing organizations
- Only users with an admin-type profile that has the
manageOrganisationpermission can create, link, or lock organizations in TheHive. - Only users with the
manageUserpermission can assign users to organizations in TheHive.
Global sharing rules define how newly created cases and their related tasks and observables are shared at the organization level with linked organizations. The configuration determines whether this sharing occurs automatically.
You must set global sharing rules:
- For cases when linking organizations
- For tasks and observables when creating an organization
Managing sharing rules for existing cases
Global sharing rules apply only to newly created cases. Existing cases and their related tasks and observables remain unaffected. To apply sharing rules to existing cases, you must configure them manually, one case at a time.
Local sharing rules#
Local sharing rules let you customize sharing settings with linked organizations for both new and existing cases, including their related tasks and observables. They override the global sharing rules set at the organization level when linking organizations and creating organizations.
Local sharing rules are useful in the following scenarios:
- You have defined global sharing rules for newly created cases but want to apply the same rules to an existing case.
- You need to apply different sharing rules to one or more cases instead of following the global sharing rules.
Required permissions for setting local sharing rules
Only users with the manageCase/update and manageShare permissions can modify sharing rules of an existing case in TheHive.
Follow these step-by-step instructions to see:
- How to set up local sharing rules for an existing case
- How to set up local sharing rules for a new case
Manual sharing of tasks and observables in a shared case#
You can manually share tasks and observables in a shared case.
This is useful when task and observable sharing rules are set to manual, ensuring that users share only the relevant tasks and observables.
Follow these step-by-step instructions to learn how to:
How sharing rules work together#
| Cases ↓ \ Tasks and observables → | manual | autoShare |
|---|---|---|
| default | New cases aren't automatically shared. | New cases aren't automatically shared, and neither are their tasks and observables. |
| supervised | New cases are automatically shared without their linked tasks and observables. | New cases are automatically shared with their linked tasks and observables. |
| notify | New cases are automatically shared without their linked tasks and observables. | New cases are automatically shared with their linked tasks and observables. |