VMware Cloud Community
OnpointAPP
Contributor
Contributor
‎04-24-2014 04:19 PM

Read only role for user that also needs to view logs - what privilege?

I have an audit user that has read only role and they discovered that they can't view the logs (version 5.0 623373).

so I want to keep the read only role but add the privilege to view the VIC logs (home > admin > system logs) which more then likely creating a new Audit Role with read only with system log viewing.

what is the privilege that will give them as minimal as possible privilege that I can add to a new audit role to view the system logs?  (not ESXi host logs but virtual center logs).

Tags (3)
0 Kudos
1 Reply
bayupw
Leadership
Leadership
‎04-27-2014 04:22 PM

Hi

You will need to add privileges Global.Diagnostics as documented in vSphere 5 Documentation here - View System Logs: vSphere Documentation Center

You can clone the built-in Read-only role then rename to something like Audit Role.

Edit the audit role, add privileges Global.Diagnostics as shown in screenshot below

audit_role.jpg

Thanks,

Bayu

Bayu Wibowo | VCIX6-DCV/NV
Author of VMware NSX Cookbook http://bit.ly/NSXCookbook
https://github.com/bayupw/PowerNSX-Scripts
https://nz.linkedin.com/in/bayupw | twitter @bayupw
0 Kudos