We've recently changed out our servers and when I use the searches against these new hosts using my user I am not getting the log results like I was with the old servers. We are definitely getting the log data but my user just can't access it. However, the admin user is getting the results. Furthermore any searches that are owned by my user do not get the results when they send out scheduled e-mail alerts, but the ones owned by the admin user do get results.
Is there a setting somewhere for these new hosts that I need to change?
Does your ordinary user role have the right to access the index where the events get stored?
Have a look under
manager -> access controls -> roles -> <your_user_role>
Near the bottom of the page are the two settings for "indexes searched by default" and "indexes".
There may also be "search restrictions" added for that user role, see the top of the page, just under "default application".
The interesting thing is whether there is a difference between what indexes the admin role and your ordinary user role has access to. If the access rights are the same, are the same indexes searched by default? Also, are there any search restrictions for your ordinary user role (usually there are no restrictions on placed on the admin role).
Hope this helps,
I tried that and found that my user does have the admin user role. I had a couple of other user roles as well and tried removing them, logging out and back in, and searching again but the results are the same.
In regards to your update, as I said before I had tried removing my additional user roles so that my user only has the admin user role. (which the actual admin user has)
you could look for any "Private" items owned by "admin" in the Manager GUI, perhaps under the "All Configurations" section.