Hi Jesse, you could achieve something like you've described with streams (see http://docs.graylog.org/en/1.0/pages/streams.html) where every stream contains the messages of one tenant. For this to work, you'd have to create each stream for each tenant explicitly, there's no automatism for it yet. Users/tenants can be granted access to one or more streams so they can only search within their own log messages.
Cheers, Jochen On Tuesday, 14 April 2015 18:04:56 UTC+2, Jesse Skrivseth wrote: > > Hello world. I have just started working with graylog2. I have it running > in Docker and I'm capturing Windows Event Logs as Syslog UDP. It works very > well so far! > > I have a few questions about visibility and scoping. Imagine you want to > capture log data from numerous tenants and you don't want the tenants to > see each other's data. Does graylog2 support this? I suppose it could work > by directing data to different receiver nodes and having them both push up > to a shared parent. This hierarchy would mean each tenant would have to > search their local node, but the parent server would have all the data. I > assume that graylog2 allows for such a hierarchy, but I'm not sure just > yet. Even so, are there features or plugins that support this kind of > isolation at the user level? > > Any advice is much appreciated. > -- You received this message because you are subscribed to the Google Groups "graylog2" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
