While trying to generate report using Non Admin Account Users unable to see AuditingEvent NetObjectID in report, which shows as NULL. The privilege given to Non Admin group account users, are as below:
The privileges given to the "abc" non admin group is as below:
1. Account Enabled-Yes
2. Account Expires-Never
3. Disable Session Timeout-Yes
4. Allow Administrator Rights-No
5. Allow Node Management Rights-Yes
6. Allow management of Network Atlas Maps-No
7. Allow management of Orion Maps-Yes
8. Allow upload of images to Orion Maps-No
9. Manage Views-No
10. Manage Dashboards-Yes
Reports
1. Allow Report Management rights-No
2. Report Limitation Category-Default
Alerts
1. Allow Alert Management rights-No
2. Alert Limitation Category-No Limitation
3. Allow Account to Unmanage objects & Mute Alerts-Yes
4. Allow account to disable actions-No
5. Allow account to disable alerts-No
6. Allow account to disabled all actions-No
7. Allow account to clear/acknowledge Orion Messages-Yes
8. Allow browser integration-No
9. Number of items in the breadcrumb list-50
Account Limitations- Is not set yet.
We are building a custom table widget to show information about mute or/and unmanage. To be able to know who did that modification, a query is done in auditing.
I would be really nice if we can let members of non admin group "abc" be able to read Auditing Events, because we do not want to let people who are just doing an audit (Clients / External Company…),they will be able to break / see / change / execute Query over Powershell APM / Start-Stop services … anything … We are having a security problem here.