We have developed a custom process which retrieves events, notifications, and performance metrics from Graylog via the REST API. We have assigned a read-only user to retrieve the information. It works great, except today it was demonstrated that non-administrative users are unable to retrieve system notifications.
How can we assign permission to retrieve notifications without making the read-only API user an administrator? I don’t see a way to do it in the documentation. Does it involve directly modifying a configuration stored in MongoDB?