Edit Extractor Permissions

(Bashere1) #1

I’m have attempted to create a Power user type role though the API, but am having difficulties locating the proper permissions for allowing a power user to edit extractors. I’ve already tried to set the following permissions with no luck. I should add that create and delete work, but edit always redirect the user back to streams overview page.

     "name": "Power",
     "description": "Grants Power User permissions",
     "permissions": [
     "read_only": false

(Jochen) #2

The required permission is inputs:edit:<input-id>:

Are there any error messages in the console of your web browser or in the logs of your Graylog node(s), if a user with the “Power” role tries editing an input?

(Bashere1) #3

Shouldn’t the wildcard on (“inputs:edit:*”) work to allow permission then? It’s getting a 403 on the following url, but no errors in the graylog log.


(Bashere1) #4

I think I’m making this harder then it really is. I’ve tried every combination I can think of and it seems like using the wildcard is hit or miss on applying permissions. I’ll try to provide some examples. None of the settings besides #1 even get close. I’m not understanding how the “*” works when applying permissions.

  1. This is the only configuration that actually shows and will allow you to at-least see the drop down link (system/inputs) and extractors on /system/inputs/58ee78e8dd5e93d0889137e3/extractors". This is the config that gets the 403 when clicking on the edit button.
    “name”: “test”,
    “description”: “test”,
    “permissions”: [

    “read_only”: false

  2. Does not show the edit button /system/inputs

  3. Does not show the edit button /system/inputs


  4. Does not show the edit button under /system/inputs


(Tobias) #5

I’d like to take that up again.
I think there’s a bug here.
I have a role with rights like
"inputs: create: *",
“inputs: edit: *”,
“inputs: read: *”,
“extractor: create.”
“extractor: delete.”
“extractor_order: update”,
“extractor: update”,
I can see the extractors, but when I go to Edit, the NotFound page appears.
Have tried several combinations, but without success.

I would have liked to be able to create and edit the extractors.
However, without modifying or creating inputs.
If I remove inputs: create, you can’t create pipelines anymore.
Am I doing it a little wrong, or is it a bug?

thank you