Collector Security / View Permissions

Question

Right now there seems to be little security around viewing the collectors installed in our account. If i create a "demo"&nbsp;user and give them access to a single host group and view only rights "View hosts and subgroups", then login as that user, i can still right click on a host, go to edit, click on the collector list and view every single collector on the account. These collector names often contain the computer name or customer name they belong to which means that my demo user can now see other customers names and collectors.

Ideally what i would like to see is a collector view or security settings. Maybe on the users screen there is a setting that says "Collector Permissions"&nbsp;and then you can set which collectors the user can see and use. So if i set them as a "View only"&nbsp;user they could see their collector only. If i set them as a "View and Manage"&nbsp;type user, they could view only their collector but also add their own hosts.

Whatever you can come up with in the short term to limit the collector views would be great. The two spots i noticed this most was when you right click on a host and chose edit, and when you use the wizard to add a host. From both spots, regardless of your users permission level you can see all collectors. This is not ideal for an MSP type environment when I would need logins for different customers or user groups.

Please email or call me if you need any clarification or a demo. Kwoodhouse@curvature.com, 805-690-3735

tom_lasswell · Answer

I want to second this. Were an MSP and have several clients in host groups, the exact same problem exists (especially if we want to give them manage rights to add devices) where all the collectors are present. I would say there needs to be a way to add security to a role for which collectors this role can access and also include a level where collectors are assigned to specific host groups.

thanh_rodke · Answer

I wish to second both of these options. I run a completely vertical MSP offering, where many of my customers are direct competitors with each other. Being able to see each other in the list is bad for business.rnI noticed that the Add Hosts, New Host (wizard) says access is disabled, but yet the Add Hosts, New Host (expert) opens just fine. This particular issue seems to be a security bug.

bruce_berger · Answer

Ill third it.

brian_dagan · Answer

Fourth... we've got a couple hundred Collectors in our instance, and we'd really like to give Customers the ability to add their own devices; however, seeing the list of Collectors (which are named on a per-Customer basis) is decidedly not cool, so we have to add devices through the Service Desk (which is time-consuming and unnecessary workload, if LogicMonitor would fix this Collector visibility scoping issue).

steve_francis · Answer

And with the February 2016 release - you can do this via Collector groups.

http://www.logicmonitor.com/release-notes/v-72-collector-groups-and-service-now-integration/

Forum Discussion

Collector Security / View Permissions

Related Content

Important Security Announcement

LogicMonitor Portal Security

vmWare vCenter Server - permissions

Issue with threshold permissions in new UI

"Enable Test Script" UIv4 security experiences?

Recent Discussions

Dashboard Sharing – An Inline Framing Method

2021-12-15 US Office Hours

Live Training - Tuning Datapoints and Alerts - 15th JUNE 2022 - APAC

Live Training - Introduction to Dashboards - 18th MAY 2022 - APAC

2022-05-11- APAC Product Overview -Collectors, Resources/Groups, Dashboards