These docs are for Cribl Edge 4.9 and are no longer actively maintained.

See the latest version (4.13).

Members

Control access to Cribl products by inviting and managing Members.

Members work together with Teams and Permissions to enable fine-grained access control and authorization.

Availability

​

Member- and Permission-based access control is available on:

• On-prem Distributed deployments (Stream, Edge) with certain plan/license tiers.
• All Cribl.Cloud deployments, at the Organization level. (Cribl.Cloud with certain plan/license tiers also offers granular access control on products, Fleets, and lower-level resources.)

On on-prem Single-instance deployments, or Distributed deployments with other licenses, all users will have full Admin-level privileges.

Initial Permissions

​

When you first deploy Cribl Edge with the above prerequisites, you will be granted the Organization-level Admin Permission. Using this Permission, you can then assign additional Permissions to yourself and other Members.

Cross-Compatibility

​

Members and Permissions are available as the successors to Cribl’s original role-based access control (RBAC) model of Local Users and Roles/Policies. The earlier model is still supported across most of the Cribl product suite.

However, Cribl.Cloud invitations and Stream Projects have fully transitioned to the new model. For detailed differences between the two access control systems, see Which Access Method Should I Use?.

Known Issue

​

Existing Local Users display in Settings > Global > Members and Teams with the No Access Permission even if they’ve been assigned a higher Role. This is a display-only bug: These users’ original Roles still function as configured. For details and fix progress, please see Known Issues.

Organizations

​

The Members and Permissions model uses the concept of Organization as a container for the deployment of a whole suite of Cribl products (Stream, Edge, and Cloud-only Search and Lake).

In Cribl.Cloud, each account has one Organization. Use Workspaces for multi-tenancy within your Organization. Contact Cribl Support if you have a use case that requires more than one Organization.

To access the Organization-level Members as an Admin:

Invite Members

​

To invite new Members to your Organization:

Cribl.CloudOn-Prem Deployment

1. On the top bar, select Products, and then select Cribl.
2. In the sidebar, select Organization, and then select Members & Teams.
3. On the Members & Teams submenu, select Members.
4. Select Invite Member.

5. Enter the Email of the new user you want to invite.

6. Under Permissions, assign appropriate role on your Organization.

7. If you selected the User role, under Workspace Access, define access to specific Workspaces.

   Assigning the User role requires certain plan/license tiers. For details, see Pricing.

8. If you selected the Member Permission for any Workspace, additionally select product-level permissions for that Workspace.

9. Select Send Invite to send the invitation.

1. In the sidebar, select Settings, and then select Global.
2. Under Access Management submenu, select Members and Teams.
3. Select Add Member.

4. Enter the new Member’s information, email, and password.
5. Under Workspace permission, select the permission you want to grant to the new Member for the whole Organization.
6. If you chose the User permission, configure access for each Cribl product separately. An Admin permission automatically grants admin access to all products.
7. When finished, select Save.

Responding to Invites

​

When you send an invite from a Cribl.Cloud deployment, the new Member receives an email with an Accept Invitation link to either sign into their existing Cribl.Cloud account, or sign up to create an account and its credentials.

After a Member signs in, they’ll have access to your Organization and Cribl Edge instance at the Permission level you’ve specified.

Manage Cribl.Cloud Invites

​

While an invite is pending, the Members & Teams page offers you these options in the Action column to deal with commonly encountered issues:

• Resend Invite: If your invited Member didn’t receive your invitation email, you can select this button to resend it.
• Copy Invite Link: If emails aren’t getting through at all, select this button to copy and share a URL that will take the invitee directly to the signup page. This target page encapsulates the same identity, Organization, and Permission you specified in the original email invite.
• Revoke Invite: This is for scenarios where you need to revoke a pending invite. (You sent someone a duplicate invite, your invitee is spending too much time in space to be a productive collaborator, etc.) After selecting this button, you’ll see a confirmation dialog.

An invite expires after seven days if it has been neither accepted nor revoked. It must then be resent.

Remove Members

​

To remove a Member from your Organization:

Removing SSO Members

​

If your Cribl.Cloud Organization is using SSO integration, the IDP (identity provider) admin manages Members in the IDP system. When you remove such a Member from the IDP, they will still be left in the Members list in the UI.

After removing the Member from the IDP, you also need to manually delete them from the Members list in the Cribl.Cloud Portal to completely remove them from the UI.

Members and Local Users

​

In on-prem deployments, Members and Local Users are interchangeable: Members can be reconfigured using legacy Roles instead of Permissions, and anyone you add to Local Users will also show in Members.