Is your feature request related to a problem? Please describe.
We are using Graylog in its open source version with an open search backend. For easy scalability on affordable storage Quickwit would be a good alternative. Replacing Graylog entirely with Quickwit is missing permissions at the moment (Have a user only see records with certain field values that is).
Describe the solution you'd like
Either
find some way of limited access to records by user or
support Graylog as a frontend so it handles user permissions. Since Graylog does alerting as well and is configured already this approach is preferred.
Describe alternatives you've considered
Grafana as far as I can see would not support record level permissions but only limiting access to data sources entirely. But this only applies for enterprise versions of Grafana.
starting up Graylog targeting it to Quickwit as a storage returns version errors.
similar to the previous one OpenSearch Dashboard does not even start up. If it would it likely does not provide the permission feature on its own.
Additional context
I have seen some mentions of tenants in the documentation but no way of utilizing it as a permission tool inside Quickwit directly. Our Idea is having a single scalable system used by many users / teams to send there application logs to. This entails potentially sensitive data and therefore has to be protected against leakage.
Thanks, @scMarkus, for reporting this. Supporting GrayLog would be awesome, would love to have a quick chat with you to see how we can do this, you can join our discord server and ping me (@fmassot)
Is your feature request related to a problem? Please describe. We are using Graylog in its open source version with an open search backend. For easy scalability on affordable storage Quickwit would be a good alternative. Replacing Graylog entirely with Quickwit is missing permissions at the moment (Have a user only see records with certain field values that is).
Describe the solution you'd like Either
Describe alternatives you've considered
Additional context I have seen some mentions of tenants in the documentation but no way of utilizing it as a permission tool inside Quickwit directly. Our Idea is having a single scalable system used by many users / teams to send there application logs to. This entails potentially sensitive data and therefore has to be protected against leakage.