Search access for Custom Role


(Nav) #1

Hi Folks,

I have created a custom role where by users can access read-only dashboards however I don’t see an option where I can grant access to Search function.

Is it possible to grant Search function or is it only available to admins?

Thanks,
navdeep


(Jochen) #2

(Nav) #3

kindly shed some light with brief on it. I am not sure what exactly to do with the provided info.


(Jochen) #4

These are the permissions required to use the universal search.


(Nav) #5

so what i need to do exactly? i find the source file and change those lines?


(Jochen) #6

You’ll have to create a role which has these permissions if you want the users to be able to use the universal search (i. e. not inside a stream).

See http://docs.graylog.org/en/2.4/pages/users_and_roles.html for details.

Ideally, the dashboard widgets would’ve been created from a query to a stream which the users already have access to. Then the users wouldn’t require permission to use the universal search.


(Nav) #7

I have used custom roles but i don’t see an option to make search available to the users. If readers group user try to replay the search, they get gorilla with banana (404) page.


(Jochen) #8

Please refer to the aforementioned chapter in the Graylog documentation.


(Nav) #9

Hi Jochen,

I got it, i have provisioned the new role and it works fine. Just a quick question, what does read_only keyword for?

sudo curl -v -XPOST -u admin:graylog -H ‘Content-Type: application/json’ ‘https://graylog.domain.com:9000/api/roles’ --insecure -d ‘{“read_only”: false,“permissions”: [“savedsearches:read”,“searches:relative”,“searches:absolute”,“searches:keyword”],“name”: “Allow Searches”,“description”: “Permission to Search on Graylog nodes”}’


(Jochen) #10

read_only marks accounts which cannot be modified online, e. g. the administrator account.


(system) #11

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.