Manage Users

Each person that accesses your Graylog environment needs to have a user account created with authentication credentials and assigned roles. Graylog provides two methods for user management:

  • Integration with your organization’s authoritative identity source

  • Manual user management

For information about integrating identity sources with Graylog, see Single Sign-On.

This article explains how to manually create and manage users in the Graylog web interface.

Prerequisites

Before proceeding, ensure that the following prerequisites are met:

  • You must be a Graylog administrator to create and manage users.

Hint: Non-Admin users can view and update their own profile but cannot create or update other users or view the Users and Teams page.

Create Users

In the Graylog web interface, you perform user management on the Users Overview tab of the System > Users and Teams page. This page lists existing users and allows you to view details about each user.

To create a new user:

  1. Click Create user.

  2. Enter the user profile:

    First name

    Enter the user's first name

    Last name

    Enter the user's last name
    Username

    Select a unique username for the user to log in with. As a best practice, establish a consistent naming practice for usernames.

    E-Mail Address

    Enter the user’s email address.

  3. Enter or adjust the user settings:

    Session Timeout

    Set the length of time before a user is logged out due to inactivity, or select the check box to prevent the user’s session from timing out.

    Time Zone

    Choose the local time zone for the user.

    Service Account

    Select this check box only if you want a service account. These accounts cannot access the web interface and are limited to API access. Service accounts are typically used to run automations or back end processes.

  4. Assign roles the user needs. Note that the Reader role is selected by default. The Reader role contains the basic permissions a user needs to access entities within the Graylog web interface. See Permission Management for complete information about roles and permissions in Graylog.

  5. Set the user’s initial password. Follow your organization’s security guidelines for establishing and changing passwords. Graylog recommends using only strong passwords.

  6. Click Create user.

The new user is added to the list on the Users Overview page.

Edit User Details

To edit an existing user:

  1. Find the user in the list, then click Edit in the Actions column. Note that you can use the search bar to filter the list, which is useful when you have many pages of users.

    Hint: The Edit User detail page has six sections, and you can update and save each separately. While some settings are the same as for new user creation, you can also set some options here that are not available for new users.

  2. Update the Profile.

    The information in this section is the same as for new user creation. Note that you cannot change the username. Click Update Profile if you make any changes in this section.

  3. Update the Settings.

    The information in this section is generally the same as for new user creation, but you can also set a Start page by selecting available entities from the drop-down menus. Note that a user must have permission for the entity type and the entity must be shared with them for it to appear in the menus. Click Update Settings if you make any changes in this section.

  4. Update the Password.

    An Admin user can change a user’s password without knowing the user’s current password. For instance, you could use this process if a user forgets their password. A non-Admin user can change their own password by first entering their current password, then entering a new password. Click Change Password to complete the change.

  5. Update Preferences.

    This section allows you to control certain behaviors of the Graylog web interface:

    • Search auto-completion: Provides auto-complete suggestions as you type in the search bar.

    • Search sidebar: Pins the search sidebar open on the Search page.

    • Dashboard sidebar: Pins the dashboard sidebar open on dashboards.

    • Theme mode: This section is informational, showing whether you have light mode or dark mode set for the web interface. To set the mode, use the toggle in the user drop-down menu at the upper-right side of the screen.

  6. Update the user Roles.

    Use this section to add or remove roles. Remember that at minimum every user must have the Reader role. See Permission Management for more information about roles.

  7. Update Team assignment.

    Assign the user to teams or remove current team assignments. Use Quick Create Team to create a new team and assign the user to it. Note that this option allows you only to enter a name and description for the team. To assign roles through the team, you must edit the team on the Teams Overview page. For more information, see Manage Teams.

    Hint: The Teams feature requires a Graylog Enterprise license. Contact the Graylog Sales team to learn more.

Further Reading

Explore the following additional resources and recommended readings to expand your knowledge on related topics: