cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Host Group settings

Mizső
DynaMight Guru
DynaMight Guru

Hi Folks,

I would like bind a policy to a user group to Allow the host group level log ingest and custom log source settings. This group has only MZ level change monitoring settings (whit this they have individual settings on host level eg. log ingest, but they not have host group settings :-().

What is the problem with this policy  

ALLOW settings:schemas:read WHERE settings:schemaId = "builtin:logmonitoring.log-storage-settings";
ALLOW settings:schemas:read WHERE settings:schemaId = "builtin:logmonitoring.custom-log-source-settings";
ALLOW settings:objects:read, settings:objects:write WHERE settings:entity.hostGroup = "HOST_GROUP-XXXXXXXX" AND settings:schemaId = "builtin:logmonitoring.log-storage-settings" AND settings:schemaId = "builtin:logmonitoring.custom-log-source-settings";

Thanks in advance.

Best regards,

Mizső

Dynatrace Community RockStar 2024, Certified Dynatrace Professional
2 REPLIES 2

dannemca
DynaMight Guru
DynaMight Guru

You mention they have MZ access, have you added the hostgroup (as an entity) to their MZ settings?

Site Reliability Engineer @ Kyndryl

Yeeep. I did not konw about this possibility. I have never added host group to MZ. I am going to try it with the clinet. In this case policy will not require...it would be more simple...Thanks for the tip. 😉

Dynatrace Community RockStar 2024, Certified Dynatrace Professional

Featured Posts