Admin roles and Detailed Log View (spyglass)

Reply
Highlighted
L2 Linker

Admin roles and Detailed Log View (spyglass)

Hello Community!

I'm trying to create an admin role that gives a user access to the Monitoring functionality. 
But with full access to Monitoring only, they are not able to open the details for each log entry - Detailed Log View.

I've granted Privacy access too, but that didn't help.

Anyone know what specific access is needed to be able to click on the spyglass for all log entries?

 

Thanks!

Tags (2)
Highlighted
Cyber Elite

@pred-martin,

The only access you need to grant for detailed log entry within the logs is enabling access to the logs you wish the user to access, if you turn everything else off the account still has access to detailed log view. The XML would look like the following for the admin-role:

      <entry name="test">
        <role>
          <device>
            <webui>
              <monitor>
                <logs>
                  <traffic>enable</traffic>
                  <threat>enable</threat>
                </logs>
              </monitor>
            </webui>
            <xmlapi/>
          </device>
        </role>
      </entry>
Highlighted
L2 Linker

webui {
974	
                         webui {
973	
                             monitor {
975	
                             monitor {
974	
                                 logs {
976	
                                 logs {
975	
                                     traffic enable;
977	
                                     traffic enable;
976	
                                     threat enable;

This is what I have for the admin role when doing a config audit. Am I missing something here?
The user is not able to get the detailed logs.

 

This is what devconsole is outputting when clicking a spyglass:

spyglass_debug.png

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Highlighted
L0 Member

I had the exact same issue. After trial and error for a couple of hours (and double digits of commits), the solution was enabling Read-Only on Device->Setup->Content-ID (everything else under Setup is still disabled). I don't see the logic in this, but it works

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!