Hi there I want to set up graylog (ldap auth) so that there's a group who have full READ access (audit team). ie instead of creating a Stream and giving them access to that, I want them to be able to access all the data - but not be admins. I have Roles working well for other groups - but this corner case doesn't sit well.
I want to use the LDAP groups to do this - so I have a group and can map it to a Role. But the Role needs to be assigned to a Stream - and the "default" Stream of "all" doesn't exist. I could go through and assign all the Streams to the Role - but then I'd have to remember every time we added a new Stream to go and update the Role... Alternatively I could create a new Stream called "Read-Only" that has no filter - and assign that to the Role - but that seems excessive. These Streams are not cheap (in terms of resources) - so you shouldn't create more than are needed Wouldn't it be sensible to always have a "default" Stream named "All data" (would probably have to be hard-wired as readonly) - so that it can be allocated to Roles? It's really a "virtual" Stream, consisting of everything -- Cheers Jason Haar Information Security Manager, Trimble Navigation Ltd. Phone: +1 408 481 8171 PGP Fingerprint: 7A2E 0407 C9A6 CAF6 2B9F 8422 C063 5EBB FE1D 66D1 -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to graylog2+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/graylog2/CAFChrgJ2YuaaAiuNOHoAHM8eT0T%3D-ppNajE9kkevQwKjQv_Fng%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.