so, just to confirm. if I want to allow all the logs that coming to an input port 1514 that can not be allow read access to a non-admin user without configuring it via REST API ?
no - it wasn’t your question, of if you did not wrote that clearly …
Route the messages from that single source into a stream, than create a role that has read access to this stream in the Graylog UI and add the user to that role …