You can create or modify roles to allow users to perform certain tasks and access specific content.
Verify that you are logged in to the vRealize Log Insight web user interface as a Super Admin user, or a user associated with a a role that has the Access control permission with Edit access level. The URL format of the web user interface is https://log-insight-host, where log-insight-host is the IP address or host name of the vRealize Log Insight virtual appliance.
- Expand the main menu and navigate to Management > Access Control.
- Click Roles.
- Click New Role or the pencil icon to edit an existing role.
- Modify the Name and Description text boxes.
- Select one or more permissions and their corresponding access levels from the Permissions list. Permissions have main categories and sub-categories within each main category.
The following access levels are available:
Note: Some permissions do not have all access levels due to absence of use cases. For example, you do not have the Edit access level for content pack dashboards. Similarly, you do not have the No Access access level for extracted fields in Explore Logs.The following permissions are available:
- Full Access
- Provides view and edit access to all the sub-categories for a permission. For example, if you select the Full Access check box against the Management permission, the users associated with the role can view and edit clusters, hosts, agents, and the rest of the sub-categories under Management.
- No Access
- Does not provide view or edit access to the corresponding sub-category in a permission.
- Provides view access to the corresponding sub-category in a permission.
- Provides view and edit access to the corresponding sub-category in a permission.
Permission Description Management Can view or modify information corresponding to the selected sub-categories, under the Management section:
- System monitor
- Access control
Configuration Can view or configure information corresponding to the selected sub-categories, under the Configuration section:
- General Configuration
- Authentication Configuration
- Time Configuration
- SMTP Configuration
- SSL Configuration
- Proxy Configuration
Log Management Can view or manage information corresponding to the selected sub-categories, in the Log Management page:
- Log Masking
- Log Filtering
- Log Forwarding
- Index Partitions
Integrations Can view or configure the integration of vRealize Log Insight with the products corresponding to the selected sub-categories, under the Integration section:
- vSphere Integration
- vROps (vRealize Operations)) Integration
- NSX Integration
- Cloud Integration
Content Packs Can view or manage content packs in the Content Packs page. Alerts Can view, create, or modify alerts in the Alerts page or perform alert-related activities from the Explore Logs page. Explore Logs Can view or modify information corresponding to the selected sub-categories in the Explore Logs page:
- Explore Logs
- Extracted Fields
Dashboards Can view or modify information corresponding to the selected sub-categories in the Dashboards page:
- User Dashboards
- Shared Dashboards
- Content Pack Dashboards
- Shared Dashboard URLs
- Scheduled Reports
- (Optional) From the Data Sets list, select a data set to associate with the user role.
- Click Save.
- To view the user accounts associated with any role, click Show Users against the role.
- To view the permissions associated with any role, click Show Permissions against the role.