You can create user accounts to provide access to the vRealize Log Insight web user interface.

Prerequisites

  • Verify that you are logged in to the vRealize Log Insight web user interface as a Super Admin user, or a user associated with a a role that has the Access control permission with Edit access level. The URL format of the web user interface is https://log-insight-host, where log-insight-host is the IP address or host name of the vRealize Log Insight virtual appliance.

  • Verify that you have configured VMware Identity Manager or Active Directory support if you are creating user accounts that use either of these types of authentication. See Activate User Authentication Through VMware Identity Manager and Activate User Authentication Through Active Directory.

Procedure

  1. Expand the main menu and navigate to Management > Access Control.
  2. Click Users.
  3. Click New User.
  4. Do either of the following:
    • If you are using the default, built-in authentication, enter a user name and an email address.
    • If you are using Active Directory or VMware Identity Manager authentication, enter the domain to which the user belongs, a user name, and optionally, the email address for the user name account.
  5. From the Roles list on the right, select one or more predefined or custom user roles.
    Option Description
    Dashboard User Dashboard users can only use the Dashboards page of vRealize Log Insight.
    Super Admin Super Admin users can access all the functionalities of vRealize Log Insight, can administer vRealize Log Insight, and can manage the accounts of all other users.
    User Users can access all the functionalities of vRealize Log Insight. Users can view log events, run queries to search and filter logs, import content packs into their own user space, view alerts, and manage their own user accounts to change a password or email address. Users do not have access to the administration options and cannot share content with other users, create or modify alerts, modify the accounts of other users, and or install a content pack from the Marketplace. However, they can import a content pack into their own user space which is visible only to them.
    View Only Admin View Only Admin users can view Admin information, have full User access, and can edit shared content.
    Custom Role A user with a custom role can view or modify information based on the permissions associated with the role.
    To view the permissions associated with a predefined or custom role, in the Access Control page, click the Roles tab and then click Show Permissions against the role.
  6. Click Save.
    • For built-in authentication, the information is saved locally. An email is sent to the user's email address with a link to finish the registration. The user can click the link and enter a password for their account. Before the user registers their account, the account status is pending. After registration, the account status is active.
      Note: A user must register their account within 24 hours of receiving the registration email. If they fail to do so, their account status remains pending, and they have to request the Super Admin user to unlock their account. For more information, see Unlock a User Account.
    • For authentication with VMware Identity Manager, vRealize Log Insight verifies whether the user's domain is linked to a group. If the domain does not belong to a group, vRealize Log Insight verifies whether the domain has established trust with a domain associated with a group. If cross-domain trust has been established, the user can log in to vRealize Log Insight, and the corresponding user account is added to the user table in Access Control > Users.