How to secure graylog?

Hi,

I am using graylog-sidecar with nxlog.
If I well understood, each sidecar needs a token to use REST api. I want that every operation is forbidden for that token except for pushing events into graylog.
How should I set the role permissions for the sidecar token?

Kind Regards,

Bruno

when you choose the user graylog-sidecar this user has only the limited ressources/access levels that this specific function needs.

https://yourgraylogurl/system/authentication/users/tokens/graylog-sidecar

Great! Many Thanks for your help Jan.

I have another question for you.

Once I created an ad-hoc user with the proper permissions, I need to update the sidecar.yml with the new token.
However, I have a number of installed machines and this operation will take a long time. My idea is to move the token from the old (wrong) user to the new one. I cannot find a way to set the value of the token on creation. It there any way to do that?

Kind Regards,

Bruno

he @Bruno

we do not include the option to write the token yourself. Just to avoid weak tokens.

Sorry that this kind of operation is not possible.

Hi Jan,

I understand your point.
Many thanks for your reply.

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.