cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Policy DQL read SQL extension logs

AntonPineiro
DynaMight Guru
DynaMight Guru

Hi,

We would like to create a policy to execute DQL queries only to read SQL extension logs.

Do you know which IAM policies are required to limit query only to those logs?

This is not working:

 

ALLOW storage:buckets:read WHERE storage:bucket-name = "dt_system_events";
ALLOW storage:system:read WHERE storage:event.provider = "com.dynatrace.extension.sql-server";

 

Thank you!

Best regards

❤️ Emacs ❤️ Vim ❤️ Bash ❤️ Perl
1 REPLY 1

p_devulapalli
Champion

Hi @AntonPineiro , can you please try changing your second policy statement as below and see if that helps?

 

ALLOW storage:buckets:read WHERE storage:bucket-name = "dt_system_events";
ALLOW storage:logs:read WHERE storage:log.source = "com.dynatrace.extension.sql-server";

 

Phani Devulapalli

Featured Posts