Ransomware attackers specifically target and attempt to destroy backup systems to increase the probability of payment. Hardening your system is critical. Please ensure you have reviewed your platform security using the Security Hardening Checklist
Cohesity

COHESITY Documentation

Explore our documentation to get started, discover products & new features, access troubleshooting guides, register sources, platforms support.

Products
Data Security Alliance
Visit Cohesity.com
Demos
Support
Blogs
Developers
Partner Portals
Cohesity Community
© 2026 Cohesity, Inc. All Rights Reserved.
Terms of Use|
Privacy Policy|
Legal|
  1. Home
  2. IT Analytics Data Collector Installation and Configuration Guide for Cohesity NetBackup
  3. Centralized Data Collector for NetBackup - Prerequisites, Installation, and Configuration
  4. Step-4: Create NetBackup Data Collector Role, Service Account, and API Key
IT Analytics Data Collector Installation and Configuration Guide for Cohesity NetBackup

Step-4: Create NetBackup Data Collector Role, Service Account, and API Key

A Data Collector Service Account and API key is used while configuring the Cohesity NetBackup Data Collector policy. This must be configured to enable complete collection from NetBackup. Create a Data Collector Service Account and add an RBAC custom role in the NetBackup Web UI.

Custom role

To create the custom role within the NetBackup Web UI:

  1. On the left, click Security > RBAC.
  2. Under the Roles tab, click Add.
  3. Select Custom role and click Next.
  4. Enter the Role Name and Role Description.
  5. Under Permissions, click Assign.
    • Select all the View  permissions for all the objects under  NetBackup Management,  Protection, and  Storage sections of the NetBackup web UI.

    • From the  NetBackup Management  >  CLI Sessions section, enable  CLI Execute.

    • From the  NetBackup Management  >  Malware  section, enable  View scan results.

    • From the  RBAC  >  (Edit RBAC customs role)  >  Global Permission  tab >  Security  > enable  View  permission for  Global Security Settings.

    • From the  RBAC  >  (Edit RBAC customs role)  >  Global Permission tab >  Security  > enable View permission for Security Events.

  6. Select Users tab and Add to List service account to be associated with this role.
API key

Copy the API key generated with these steps for future use. It will be required while configuring the NetBackup Collection Policy.

To add an API key:

  1. Select Security > Access keys on the NetBackup Web UI.
  2. Enter the Username and Description.

    The service account associated with the API key and the Role, must be the same service account that is associated with the Veritas NetBackup Collection Policy in IT Analytics.

  3. Click ADD.

If you are configuring a Centralized Data Collector with SSH access to the NetBackup primary, then you must create a second user in addition to the account created in the steps above. This second user must be an OS user with an identical username, same as the account you just created. See the section Linux Centralized Data Collector: SSH for instructions on how to create the second account.

See Linux Centralized Data Collector: SSH.

Feedback

Was this page helpful?
Previous

Step-3: Add Data Collector on IT Analytics Portal

Next

Step-5: SSH/WMI

Feedback

Was this page helpful?