Chat now with support
Chat with Support

syslog-ng Store Box 6.1.0 - Administration Guide

Preface Introduction The concepts of SSB The Welcome Wizard and the first login Basic settings User management and access control Managing SSB Configuring message sources Storing messages on SSB Forwarding messages from SSB Log paths: routing and processing messages Configuring syslog-ng options Searching log messages Searching the internal messages of SSB Classifying messages with pattern databases The SSB RPC API Monitoring SSB Troubleshooting SSB Security checklist for configuring SSB

Managing user rights and usergroups

In SSB, user rights can be assigned to usergroups. SSB has numerous usergroups defined by default, but custom user groups can be defined as well. Every group has a set of privileges: which pages of the SSB web interface it can access, and whether it can only view (read) or also modify (read & write/perform) those pages or perform certain actions.

Figure 50: AAA > Access Control — Managing SSB users

 NOTE:

Every group has either read or read & write/perform privileges to a set of pages.

The admin user is available by default and has all privileges, except that it cannot remotely access the shared logspaces. It is not possible to delete this user.

Assigning privileges to usergroups for the SSB web interface

The following describes how to assign privileges to a new group.

To assign privileges to a new group

  1. Navigate to AAA > Access Control and click .

  2. Find your usergroup. If you start typing the name of the group you are looking for, the autocomplete function will make finding your group easier for you.

  3. Click located next to the name of the group. The list of available privileges is displayed.

  4. Select the privileges (pages of the SSB interface) to which the group will have access and click Save.

    		 NOTE:

    To export the configuration of SSB, the Export configuration privilege is required.

    To import a configuration to SSB, the Import configuration privilege is required.

    To update the firmware and set the active firmware, the Basic settings > System privilege is required.

  5. Select the type of access (read or read & write) from the Type field.

  6. Click Commit.

Modifying group privileges

The following describes how to modify the privileges of an existing group.

To modify the privileges of an existing group

  1. Navigate to AAA > Access Control.

  2. Find the group you want to modify and click . The list of available privileges is displayed.

  3. Select the privileges (pages of the SSB interface) to which the group will have access and click Save.

    Figure 51: AAA > Access Control — Modifying group privileges

    		 Caution:

    Assigning the Search privilege to a user on the AAA page grants the user search access to every logspace, even if the user is not a member of the groups listed in the Access Control option of the particular logspace.

  4. Select the type of access (read or read & write) from the Type field.

  5. Click Commit.

Finding specific usergroups

The Filter ACLs section of the AAA > Access Control page provides you with a simple searching and filtering interface to search the names and privileges of usergroups.

Figure 52: AAA > Access Control — Finding specific usergroups

  • To select usergroups starting with a specific string, enter the beginning of the name of the group into the Group field and select Search.

  • To select usergroups who have a specific privilege, click , select the privilege or privileges you are looking for, and click Search.

  • To filter for read or write access, use the Type option.

Related Documents