Thanks! I will be setting up an eval instance of GL2 to get some hands-on.
A few questions: - I started reading about logstash and GL2 and it seems both have overlapping functionality. Based on your experience, is there any reason why I should be choosing one over the other? Given this is a GL2 forum, I am hoping to hear why GL2 is superior than logstash than the other way :) I understand that logstash can forward data to GL2 but the lesser components I have, the easier to maintain them in a production setup (eventually). - What is the typical release cycle or how soon GL2 typically supports new Elasticsearch versions? I see from GL2 release notes that it supports v0.90 of Elasticsearch and the latest version seems to be v1.3.2 (seems like a big delta). Thanks again! On Wednesday, August 20, 2014 8:15:54 AM UTC-4, Brantley Hobbs wrote: > I would add that while Graylog's web UI offers some level of security (by > using streams and granting permissions on that stream), Kibana offers none. > If someone has access to Kibana, they have access to every piece of data > in every open index in the entire Elasticsearch cluster. The reason is > that Kibana connects directly to Elasticsearch, which, as you say, offers > no authentication mechanism. > > It may be possible to set up an Elasticsearch node that mirrors only the > "safe" data, and allow Kibana to connect only connect to that node. > > Brantley > > > > > On Wed, Aug 20, 2014 at 4:16 AM, Jochen Schalanda <[email protected] > <javascript:>> wrote: > >> Hi, >> >> - is LDAP authentication supported when logging onto graylog2 GUI? >>> >> >> Yes! The Graylog2 web interface is basically just a visualization and UI >> layer on top of graylog2-server and if you've configured LDAP for the >> server, the web interface will automatically authenticate against that >> source. >> >> >> >>> - does graylog2 offer any mechanism to maintain a mapping i.e., a user >>> in "group A" (be it UNIX or Windows) can query the indexes IA and IB and a >>> user in "group B" can query indexes IB and ID? Elasticsearch doesn't >>> implement any security (yet or so I was told), but we have some data >>> that shouldn't be visible to everyone who has access to UI (be it graylog2 >>> or Kibana). I am wondering if graylog2 helps implement any of this >>> filtered queries out of the box and if not lets us extend this >>> functionality. >>> >> >> You can do this indirectly by creating streams and allowing certain users >> to see and query these streams. It is currently not possible to fetch this >> authorization information from LDAP/ActiveDirectory directly. >> >> >> Cheers, >> Jochen >> >> -- >> You received this message because you are subscribed to the Google Groups >> "graylog2" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to [email protected] <javascript:>. >> For more options, visit https://groups.google.com/d/optout. >> > > -- You received this message because you are subscribed to the Google Groups "graylog2" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
