ESET Online Help

Select the category
Select the topic

The ESET PROTECT Permission Settings

In the ESET PROTECT, it is necessary to create a Static Group, where security engineers have access and full permission rights.

We recommend using pre-defined permission sets in the ESET PROTECT.

Refer to the ESET PROTECT documentation for more details on creating an ESET PROTECT Native User.

For the EI_SERVER_INSTALLER Web Console access user, the permission set should be:



The user with this permission set should be used during the ESET Inspect Server installation process. If there is an error, logs with diagnostics data is created too, which will help solve the problem better.


For the EI_ADMIN Web Console access user, the permission set should be:



For the EI_READ_ONLY Web Console access user, the permission set should be:


Custom permission sets

You can create custom permission sets (see the Permission Sets Online Help topic).

A given permissions set enables Read, Use or Write access. In general:

Read permissions are good for auditing users. They can view data but cannot make changes.

Use permissions allow users to use objects and run tasks but not modify or delete them.

Write permissions allow users to either modify respective objects and/or duplicate them.

Certain permissions (listed below) control a process, not an object. That is why they work globally, so it does not matter which static group the permission is applied to. It will work regardless. If the process is allowed to a user, it can use it only over objects with sufficient permissions.

Functionality types:

Access to ESET Inspect

Read—Allows logging into ESET Inspect Web Console.

Change Server Settings

Write—Allows changing ESET Inspect Server Settings in More > Admin > Settings.

Edit Notes/Comments

Write—Allows editing notes and comments through whole ESET Inspect.

Edit Tags

Write—Allows creating and editing tags in the ESET Inspect.

Create & Edit Incidents

Write—Allows creating and editing incidents in the ESET Inspect.

Add Objects to Incidents

Write—Allows working with objects within ESET Inspect incidents.

Assign Incidents

Write—Allows to assign incidents to specific user in the Incidents window.

Change Incident Status

Write—Allows to change the progress status of the incident report.

Block Modules

Write—Allows blocking executables based on the SHA-1 hash. The blocked executable will appear in the blocked hashes section. It also allows using the remediation option in detection details.

Clean Modules

Write—Allows to delete the executable file and add it to the blocked hashes section to prevent future occurrences. It also allows using the remediation option in detection details.

Kill Process

Use—Allows to kill the running process that triggered the detection.

Remote Shell Access

Use—Allows connecting to the Computer via remote Terminal.

Resolve Detection

Write—Allows changing the detection status.

Change Detection Priority

Write—Allows changing the detection priority levels.

Mark as Safe/Unsafe

Write—Allows marking executables as Safe/Unsafe.

Mark as Safe/Unsafe

Write—Allows marking scripts as Safe/Unsafe.

Create and Manage Rules

Write—Allows allows to create, save and manage rules.

Enable/Disable Rules

Write—Allows enabling or disabling rules.

Import/Export Rules

Read—Allows exporting the rule from ESET Inspect.

Write—Allows importing the rule into ESET Inspect.

Create and Manage Exclusions

Write—Allows creating, saving and managing exclusions.

Enable/Disable Exclusions

Write—Allows enabling or disabling exclusions.

Import/Export Exclusions

Read—Allows exporting the exclusion from ESET Inspect.

Write—Allows importing the exclusion into ESET Inspect.

Resolve Questions

Write—Allows resolving the question.

Create and Manage Tasks

Write—Allows to create and manage tasks.

Pause/Resume Tasks

Write—Allows to pause and resume tasks.

Download Executables

Use—Allows to download the executable file for further diagnostics.

Download Scripts

Use—Allows to download the script file for further diagnostics.

Audit Log

Read—Allows reading the audit log.