How to Manage Permissions in Log Analytics with NetEye 4
NetEye 4 Log Manager, as already presented in this blog post, allows you to easily manage the collection, navigation, visualization and analysis of large numbers of logs.
There are many reasons to limit log access to a subset of users. For example, a network administrator should only see the logs of switches, routers…
One of the solutions supported by NetEye 4 is to manage user-specific permissions through the Director hostgroup that each host is configured to belong to.
Let’s assume a very simple scenario: two users (network-admin, database-admin) who must have different authorizations:
The former is responsible for the network devices that are in network-hostgroup
The latter is responsible for the database servers that are in database-hostgroup
Neither user should see monitoring data and logs from the other group, just those under his/her responsibility.
The configuration of these permissions requires defining two roles in the Authentication section under the Configuration menu item:
Those roles serve to limit the permissions based on the hostgroup which each role can see as follows:
Director: limit the visibility of host configurations
Monitoring: show only the status of the hosts
Log Analytics: map the roles between Log Analytics and those just configured in the screenshot above
Log Analytics must be configured in Search Guard to limit access to logs belonging to the hostgroup by following these steps:
In an upcoming release, Log Analytics configurations will be simplified via the automated creation of Search Guard roles based on the hostgroups available in Director.
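The per-hostgroup roles described above can be generated and checked before deployment; the following is an added example, not code from NetEye or from the original post. It assumes a Search Guard 7 style role layout (index_permissions with a dls filter), and the index pattern, the hostgroup document field, the NetEye role names and the backend-role mapping are all hypothetical.

```python
import json

# Assumed values, not taken from the post: index pattern, the document field
# holding the Director hostgroup, and the NetEye role names.
INDEX_PATTERN = "logstash-*"
HOSTGROUP_FIELD = "hostgroup"
ROLE_TO_HOSTGROUP = {
    "network-role": "network-hostgroup",
    "database-role": "database-hostgroup",
}

def build_config(role_to_hostgroup):
    """Return (roles, roles_mapping) dicts, one Search Guard role per hostgroup."""
    roles, roles_mapping = {}, {}
    for neteye_role, hostgroup in role_to_hostgroup.items():
        name = "sg_" + hostgroup
        roles[name] = {
            "cluster_permissions": ["SGS_CLUSTER_COMPOSITE_OPS_RO"],
            "index_permissions": [{
                "index_patterns": [INDEX_PATTERN],
                # Document-level filter: only logs from this hostgroup match.
                "dls": json.dumps({"term": {HOSTGROUP_FIELD: hostgroup}}),
                "allowed_actions": ["SGS_READ"],
            }],
        }
        roles_mapping[name] = {"backend_roles": [neteye_role]}
    return roles, roles_mapping

def visible_hosts(role, docs):
    """Evaluate the role's term filter locally to check isolation before deploying."""
    (field, wanted), = json.loads(role["index_permissions"][0]["dls"])["term"].items()
    seen = []
    for doc in docs:
        value = doc.get(field, [])          # missing field: visible to nobody
        values = value if isinstance(value, list) else [value]
        if wanted in values:                # a term query matches any array element
            seen.append(doc["host"])
    return seen

# Constructed sample log documents.
SAMPLE_DOCS = [
    {"host": "sw-01", "hostgroup": "network-hostgroup"},
    {"host": "db-01", "hostgroup": "database-hostgroup"},
    {"host": "fw-db-01", "hostgroup": ["network-hostgroup", "database-hostgroup"]},
    {"host": "untagged-01"},
]

if __name__ == "__main__":
    roles, mapping = build_config(ROLE_TO_HOSTGROUP)
    for name, role in roles.items():
        print(name, mapping[name], visible_hosts(role, SAMPLE_DOCS))
```

A host that belongs to both hostgroups is visible to both roles, and a log document without the hostgroup field is visible to neither, so untagged logs need their own review path.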
Hi, my name is Michele Santuari and I am a Telecommunication engineer who fell in love with OpenFlow, the first attempt at centralized network management, provisioning, and monitoring. I embraced the Software Defined Networking approach to discover a passion for programming languages. Now, I am into Agile methodologies and crazy development process management.
Author
Michele Santuari