Manage Teams

The following article exclusively pertains to a Graylog Enterprise feature or functionality. To learn more about obtaining an Enterprise license, please contact the Graylog Sales team.

Teams in Graylog let you easily assign permissions to multiple users who need the same access. You create teams with specific roles, then assign users to teams. Users in a team receive all the roles assigned to that team.

Graylog provides two methods for team management:

  • Integration with your organization’s authoritative identity source

  • Manual team management

For information about the identity sources Graylog can sync with as well as how to integrate these sources, see Single Sign-On.

This article explains how to create and manage teams in the Graylog web interface if you are not synchronizing with an identity source.

Prerequisites

Before proceeding, ensure that the following prerequisites are met:

  • You must be a Graylog administrator to create and manage teams.

Create Teams

In the Graylog web interface, you perform team management on the Teams Overview tab of the System > Users and Teams page. This page lists existing teams and allows you to view details about each team.

To create a new team:

  1. Click Create team.

  2. Enter a Name and Description in the Profile section to identify the team.

  3. Select users to assign to the team from the Assign Users drop-down menu. Assign multiple users by continuing to select users. Note that you can filter the list by typing in the field, which is useful when you have a large user list.

  4. Click Assign User. The users you selected are displayed in the Selected Users section.

  5. Select roles to assign to the team from the Assign Roles drop-down menu. Assign multiple roles by continuing to select roles. Note that you can filter the list by typing in the field. Selected roles are added automatically the to Selected Roles section.

  6. Click Create team.

The new team is added to the list on the Teams Overview page.

Edit Teams

To edit an existing team:

  1. Find the team in the list on the Teams Overview page, then click Edit in the Actions column. Note that you can use the search bar to filter the list, which is useful if you have many teams.

  2. Update the profile, assigned users, or assigned roles, as necessary. Note that you must save changes to each section independently of the others.

Hint: Teams created by integration with an organization’s identity source cannot be manually managed in Graylog. Specifically, you cannot add or remove members from the team within Graylog or set or change roles for the team. Any such changes must be managed in the original identity provider. When you establish your integration with your identity source, you can (and should) configure the roles the team brings with it. If you need to make changes, you need to update the integration. See Single Sign-On for more information.

Further Reading

Explore the following additional resources and recommended readings to expand your knowledge on related topics: