2 Replies Latest reply on Feb 20, 2012 12:23 PM by nicole pauls

    FEATURE REQUEST - Role-based access to Log & Event Manager

    bornf

      Case number 302917

      In order to get better value out of Log and Event Manager, we would like to give more invididuals in IT access to LEM so they can make better sense of the logs originating from the devices they administer.

      Unfortunately, there are certain types of logs we do not wish to give access to.  In order to prevent inappropriate access to logs, it would be great if we could control access for a particular LEM user on a per-source-device basis.  The end result would be, for example, a network administrator who can only see logs which originate from a list of network devices and not access any Active Directory related logs.

        • Re: FEATURE REQUEST - Role-based access to Log & Event Manager
          phil3

          Hi there.

          Someone might have already suggested this, but, as an interim solution, you can set your IT users up as "Monitor" users in the LEM Console and modify their filter set according to what you do and don't want them to see. For more information, check out the following KB article:

          Modifying Filters for "Monitor" Users [3544]

          As you're setting up those users' filters, consider deleting all of their filters except for the "All Alerts" filter, and then modifying their "All Alerts" filter to show only the alerts from their devices, etc. REMEMBER, as stated in the KB article, you'll have to do all of this on the user's computer, logged into their Windows profile.

          I hope this helps for now. Let me know if you have any questions.

          Thanks.

            • Re: FEATURE REQUEST - Role-based access to Log & Event Manager
              nicole pauls

              Just wanted to mention that in addition to Phil's comment about using Monitor to accomplish this for real-time data, we have also received this request for searches (as it stands, Monitor users cannot perform searches) and other data access. We'll continue to keep an eye on that and will probably have questions for customers like yourselves when it comes time to look at implementing that feature.