API Security adds Continuous Discovery and Risk Scoring PLUS a Free Version | LEARN MORE>

Graylog V4-Users-Permissions for Open Deployments

This is a transcript of Graylog V4-Users-Permissions for Open Deployments.

In this video, we’re going to take a look at how to manage users and permissions in version 4.0 in open deployments of Graylog. Graylog version 4.0 maps our users from LDAP Active Directory into Graylog. From there, managing users and permissions requires a couple of steps to get started. One, assigning roles and, two, adding permissions to streams and dashboards. With that, let’s dive in.

Product Demo

Here, you’ll see my Active Directory service under system authentication. I’ve got to connect it and I have three users synchronized. Currently, “E Dusk” username has been given admin role. What we’re going to do is we’re going to modify the B Bitt role or Brad Bitt role and add some roles. From here, you’ll see that this individual only has readers. We’re going to edit this user and we’re going to add Alerts manager. We’re going to add an Event definition creator, and we are going to add a User inspector to this particular role. Okay?

Next, you’ll see here under users, Brad Bitt now has these roles assigned as you can see here. However, he doesn’t have access to streams or dashboards. What we’re going to do is we’re going to streams and we’re going to share the all messages. We’re going to share it to Brad Bitt, and we’re going to make him manager. Add and save. We’re going to go to the GELF HTTP stream, share that out to Brad Bitt, and we’re going to make him also a manager. Hit save.

If we go back to users, you will notice that Brad Bitt still has the same roles, but the view of knowing what’s shared, you need to click on Brad Bitt, here you’ll see at the bottom, the streams are shared for this individual user.

Now, we need to add dashboards and we’re going to share a dashboard. If we go to dashboards, this one dashboard, we’ll click share, do the same thing, set it up for Brad Bitt. We’re going to make him a manager and add a collaborator and save. Now, if we go back to users and we click on Brad Bitt, now you’re going to see the dashboard is now another entity that’s been shared out, the two streams and the dashboard. From there, it’s all self-managed which takes the burden off the IT administrators and puts the control of the administration within Graylog, within the users within Graylog. That’s all we have for today.

 

Happy logging with Graylog.