FWIW my solution to this was to create a second graylog virtual machine where all users are admin level. The second instance uses the elasticsearch index of the primary. This gives users full search ability without any way to go deleting the inputs by mistake. So far it appears to be a workable solution. For the most part the primary server is never logged into. It exists for compliance and archiving, and all of my audit logs go there too. Most of the time I probably don't even need to keep the graylog-web service running on the primary.
On Monday, May 18, 2015 at 10:40:19 AM UTC-7, Roddy Rodstein wrote: > > Greetings, > > Could you please assist us with our GrayLog 1.0 read only users setup and > allowing them to search? We realize that by default read only users are not > able to search, but they can use streams. > > *Option 1: create a stream which matches all messages* > This post below and a couple others mentioned creating a stream which > matches all messages, and give access to this stream to read only users. > > https://groups.google.com/forum/#!searchin/graylog2/read$20only$20users$20search/graylog2/Iv7x3BKnhPI/3F_EIXCmCPUJ > > Could you please assist with a the steps to create a stream which matches > all messages? We have been unsuccessful in all our attempts to create a > stream which matches all messages. > > *Option 2: update the non-admin user permissions through the USER API. * > This post has a solution but does not really show how to implement. > https://github.com/Graylog2/graylog2-web-interface/issues/620 > > This option really looks great, could you please assist with the steps to > implement? > > Thank you in advance for you support! > -- You received this message because you are subscribed to the Google Groups "graylog2" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
