I’m trying to use the REST API to retrieve auditlog messages. Right now I’m struggling though to figure out which permissions are nessecary to be able to use that endpoint.
I’ve tried giving the user “plugin:read” but according to this it is not even a valid endpoint. An admin user with “*” permissions can access the auditlog endpoint just fine.
What am I doing wrong here?
I’m using Graylog 2.3.2