Permission Role for Outputs not working

(Tobias) #1

i created a Role with the permissions for the Output
Like that one (the original i use has all permissions without the User Authentication:


I can see the Output menue under System, but if i click on it, i’m getting an error.
Any Ideas?


(Jochen) #2

What error do you get when clicking on the “Outputs” menu item?

You can try using the permission stream_outputs:create (without the trailing :*).

(Tobias) #3


i’m getting this error:

Could not load outputs
Loading outputs failed with status: Error: cannot GET (403)

Also when i have the permission like this:

      "name": "Moderator",
      "description": null,
      "permissions": [
      "read_only": false

(Jochen) #4

The /system/outputs/available resource currently requires the user to have the streams:read permission.

(Jochen) #5

Follow up:

(Tobias) #6

Thanks, that was the missing permission.
But with that one, i can see and access all Streams without giving a permission to them.

I want to make a a permission set, where someone can only see a his Stream an can do only a ouput on this.
Would this work?

(Jochen) #7

I don’t know this out of my head, you’d have to try it out yourself or check the respective code locations.

(Tobias) #8

i think there is a permission issue.
I have a role and a user without any read or edit rights for a stream.
If i set the “streams:read” permission by the role, the user can see and join every stream.
So if i need the “streams:read” permission for the Outputs, i give that role access to any stream.
can you confirm that?

(Jochen) #9

Yes, that’s correct (as of Graylog 2.3.1).

(Tobias) #10

So If i set the permission like this “streams:read:59b138fb2f969905ddecb310”, then is the Outputs not working again.
Could it be, that it will changed in further Versions? more granular?
Thanks again

(Jochen) #11

Correct, because the required permission is streams:read, not streams:read:{id} or streams:read:*.

Yes, please subscribe to the aforementioned GitHub issues for updates.

(system) closed #12

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.