WAZUH | Switch Tenant
314 views
Skip to first unread message
Syafeera Azeera Rahim
Sep 19, 2022, 10:03:06 PM9/19/22
to Wazuh mailing list
Hi
Is anyone here how to configure switch tenant. For your information, i have enable the switch tenant. I am stuck to saperate my other customer to other dashboard. Also, how to configure the security?
Thanks
Jesus Linares
Sep 20, 2022, 1:30:50 AM9/20/22
to Wazuh mailing list
Hello,
Could you describe the steps that you followed to enable the tenant? What component are you using, wazuh-dashboard?
Tenants (in wazuh-dasbhoard) are a type of "space" for saving visualizations, dashboards, and other objects. This in combination with roles allows you to control who can access a tenant.
For example, you can use the "private tenant" to create your own visualizations and the "executive tenant" to create a summary dashboard for the corporate leadership.
In general, the steps that you need to perform for working with tenants are:
- Enable tenants
- Create the corresponding tenants
- Give role access to tenant
- Assign the role to the proper users
In this documentation, you can find more information: https://opensearch.org/docs/latest/security-plugin/access-control/multi-tenancy/.
I hope it helps.
Syafeera Azeera Rahim
Sep 23, 2022, 5:52:32 AM9/23/22
to Jesus Linares, Wazuh mailing list
HI
I have several log in one wazuh-manager such as Fortigate and sophos log. What i want to do is
Custom A : Fortigate Log
Customer B: Sophos Log
Customer B: Sophos Log
Both of the Customers cannot see other logs from other customers.
Thanks
--
You received this message because you are subscribed to a topic in the Google Groups "Wazuh mailing list" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/wazuh/rErb8U8uKZc/unsubscribe.
To unsubscribe from this group and all its topics, send an email to wazuh+un...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/wazuh/f9d90944-8cb0-4105-9ea8-500b2c63060an%40googlegroups.com.
Regards,
Nursyafeera Azeera binti Rahim
Nursyafeera Azeera binti Rahim
Network Engineer
ECode Technologies Sdn. Bhd
ECode Technologies Sdn. Bhd
Jesus Linares
Sep 26, 2022, 2:12:12 AM9/26/22
to Wazuh mailing list
Hello,
Well, what you want to achieve is not "tenant" at least in the context that OpenSearch Dashboards:
> Tenants in OpenSearch Dashboards are spaces for saving index patterns, visualizations, dashboards, and other OpenSearch Dashboards objects.
> Tenants in OpenSearch Dashboards are spaces for saving index patterns, visualizations, dashboards, and other OpenSearch Dashboards objects.
What you need is to control who has access to certain documents inside the wazuh-alerts index. For that, you need to define a role per customer:
- Role - customer A: Restrict the subset of documents belonging to customer A in the wazuh-alerts index
- Role - customer b: Restrict the subset of documents belonging to customer B in the wazuh-alerts index
Then, assign the role to the proper user.
You can create the role using the interface (Security/Roles/Create Role) or via the rest api.
Also, it could be convenient to have an index per customer:
- wazuh-alerts-customerA
- wazuh-alerts-customerB
Then, limit the role per index instead of per document in the index.
I hope it helps.
Reply all
Reply to author
Forward
0 new messages