I have several different projects that write logs through different Inputs.
For authorization of users I use AD, with the default role Reader.
But the section in Search, the user from project №1 can see the logs of project №2.
I would like to make sure that the User who is responsible for project №1 does not see the logs from project №2.
I tried to make a custom role, but I can’t limit it to Search.
I’ve read the documentation but haven’t found how to do it.
I would like to know what are the best practices for implementing this solution
Access to specific entities is managed via sharing.
So you could create streams for project1 and project2; and then share these with appropriate users or groups.
Roles now only govern what actions someone can take, but do not themselves state on which entities these actions can take place. The latter is done through the sharing dialog.
