wazuh dashboard division

[Khem Raj Bhatta]

Hi everyone,

I am stuck in a situation where I wanted to restrict agents shows in wazuh dashboard based on different groups as each group can see only the agent that is their agents and will not able to see agents of other group. Is this possible if it is can you please guide me through ?

[Federico Gustavo Caffieri]

Hello Khem, 

if I understood your need, you want to create users that only view groups of agents, right?

So to do this you must in principle create agent groups and assign the agents to these groups. For this, I leave you the following documentation.
https://documentation.wazuh.com/current/user-manual/agents/grouping-agents.html#grouping-agents

Then you must create users and give them permission to read and manage a group of these agents. For this point, you have in the following link a practical example of the use case.
https://documentation.wazuh.com/current/user-manual/kibana-app/wazuh-rbac.html#use-case-give-a-user-permissions-to-read-and-manage-a-group-of-agents

If you have any questions or problems, do not hesitate to contact us again.

Thank you.

[Khem Raj Bhatta]

Hi Federico,

Thank you for your response. The process that mentioned above in that link was clear where I already have created the agent group as mentioned in the documentation but in case of configuration of RBAC I could not find options like 

Cluster Permission :

Index:

Index permission:

What's wrong that I am doing can you point out please.

[Federico Gustavo Caffieri]

Hello Khem Raj Bhatta,

I have a series of questions:
What version of wazuh are you using?
Did you login with administrator user?

To create the roles, you must enter from the left panel in the "OpenSearch Plugins" section to the "Security -> Roles" menu
Then click the "Create role" button, which is on the right.
I leave you a couple of screenshot to guide you:

First step: Go to security menu, view Security-Menu.png image.

Second: go to menu Roles and click boton Create role, view Menu-Roles.png image.

Final: Configure new role, view Menu-create-rol.png image.

Thanks

[Khem Raj Bhatta]

Hello federico

Yes i did login using the administration user as by default when surfing with kibana i used the elastic username and password resulting the wazuh to open in an administration mode.

Secondly I am using wazuh version 4.0.4 with the kibana and elastic version 7.9.1

[Federico Gustavo Caffieri]

Hello Khem Raj Bhakta,
In the version of wazuh you are using, access to the menu changed. 

You must go to Management -> Security and then from the menu on the left to Roles and finally click on the Create Role button on your right. 

Here are some screenshots to guide you.

Thanks

[Khem Raj Bhatta]

Hi Federico,

I was so foolish that I was trying it in a stable release and was not able to find out the security option but as I moved to open distro it was right there.

Now, it perfectly and I was able to achieve the desired result. Thank You for your guidance and patience along the way.

Thank You,

Warm Regards,

Khem Raj Bhatta SIEM Engineer phone: +97714441540 mobile: 9829477950

Baluwatar, Kathmandu Nepal vairav.net

--
You received this message because you are subscribed to the Google Groups "Wazuh mailing list" group.
To unsubscribe from this group and stop receiving emails from it, send an email to wazuh+un...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/wazuh/5089c260-bf87-4740-be7a-f69481be9847n%40googlegroups.com.