Controlling access to the log data
As an administrator, leverage BMC Helix Log Analytics to restrict user access to specific data by using data-level access control.
The following video (2:00) provides an overview of data-level access control.
Log events are generated in BMC Helix Operations Management when the collection and alert policies are aligned. Assigning the same user group to both policies ensures consistent data handling and accurate correlation between logs and alerts for efficient event management.
- Collection policy: Determines which logs are gathered from your applications.
- Alert policy: Defines the conditions that trigger alerts based on the collected log data.
Benefits of using data-level access control
You can enhance security by ensuring that policies and data are accessible only to authorized users and user groups.
Scenario: Apex Global achieves data security
Tina is a tenant administrator at Apex Global. The company uses BMC Helix Log Analytics to collect and analyze logs. Apex Global has implemented data-level access control to manage access to the data based on user groups.
Tina has created the following policies:
- Collection policy 1
- Collection policy 2
- Alert policy 1
- Alert policy 2
Let's see how data-level access control works for Jane and Otto, two operators at Apex Global.
Jane: Service operator
Jane is a member of the Service operators user group, which is linked to Collection policy 1 and Alert policy 1 in BMC Helix Log Analytics.
When Collection Policy 1 runs, logs are generated in BMC Helix Log Analytics. You can see the logs on the Explorer page.
When Alert Policy 1 runs, log events are generated in BMC Helix Operations Management. You can see the events on the Events page.
Otto: IT operator
Otto is a member of the IT operators user group, which is linked to Collection policy 1 and Alert policy 2 in BMC Helix Log Analytics.
When Collection Policy 1 runs, logs are generated in BMC Helix Log Analytics. You can see the logs on the Explorer page.
When Alert Policy 2 runs, log events are not generated in BMC Helix Operations Management, because the IT operators user group is not linked with Collection Policy 2.
Workflow for implementing data security
The following table provides information about the steps involved in implementing data-level access for logs:
Task | Role | Action | Reference |
|---|---|---|---|
1 | Administrator | Configure a collection policy with an assigned user group. | |
2 | Administrator | Configure an alert policy with an assigned user group. |
Results
Log events are generated in BMC Helix Operations Management if you select the same user group in the collection and alert policies.