Blocking Graylog access for normal users

Hey, is it possible to block access to the graylog logs for users in librenms?
I have users set up that only have access to some devices via a dynamic group. That works fine.
They can only see the events and such for the devices that belong to the group, but when they open the graylog tab, they can see the logs for all devices.
Actually, they don’t need to see any logs from the graylog, so it would be fine to deny them full access to the graylog tab.

Is this possible?

not currently, there is a new roles system in LibreNMS, but someone needs to write additional code to help with your problem.

Okay, thanks for the information.

I found a workaround.
I added a location for /graylog in my nginx librenms vhost and added a .htpasswd and an allow rule for an internal network to accomplish what I wanted.
It’s not great, but so far it seems to work.

Here’s what I did.

location /graylog {
        satisfy any;
        deny all;
        auth_basic "closed site";
        auth_basic_user_file .htpasswd;
        try_files $uri $uri/ /index.php?$query_string;
1 Like

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.