Restrict access for Search for role Reader

I have several different projects that write logs through different Inputs.
For authorization of users I use AD, with the default role Reader.

But the section in Search, the user from project №1 can see the logs of project №2.
I would like to make sure that the User who is responsible for project №1 does not see the logs from project №2.
I tried to make a custom role, but I can’t limit it to Search.

I’ve read the documentation but haven’t found how to do it.
I would like to know what are the best practices for implementing this solution

Graylog version: Graylog 4.2.8

Access to specific entities is managed via sharing.
So you could create streams for project1 and project2; and then share these with appropriate users or groups.

Roles now only govern what actions someone can take, but do not themselves state on which entities these actions can take place. The latter is done through the sharing dialog.

1 Like

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.