I want the ability to grant a user access to his forwarder inputs on the configure server, so that he can add Windows event Logs, Files & Directories, Windows Performance Monitoring, TCP, UDP, & Scripts to his forwarder. However, I want to limit it where he does not have access to any other of the forwarders. How can I achieve this?
If you are talking about the data visibility, then forward the data to different indexes and set the user permission only to his index.
About the forwarders, are you setting up multiple forwarders on same machine? If not, the access restrictions should be at machine level
No, not just visibility, but manageability. Within the Configure server. I want to grant admin privileges to only 1 index. So that the team can manage their own forwarder, but not have access to others on the system.
I'm sorry I didn't get that quite clear. If i understand correctly, you have a config server and you have multiple forwarders on that for different teams and you want to separate it so that each team handles their own inputs.
So do you have multiple forwarders on the config server or just one forwarders which forwards data from different inputs?