Skip to main content

I have assigned admin permission to one of my team member and Still he is getting permission issue

  • July 19, 2023
  • 4 replies
  • 29 views
spawar_apex
Forum|alt.badge.img+4

Hello Secopians, I have a question, I have assigned a Chronicle Service admin permission to one of my team member. Still he is getting this permission issue
Missing permissions:
chroniclesm.gcpLogFlowFilters.get
I'm sure that this permission isn't somewhere in GCP IAM roles & attached permissions. Can someone help me understand where is this coming from? is this something that need to be manage for chronicle SecOps tenant side for our org env?

OR Does it require Org admin permission to Manage it?

Any assistance would be greatly appreciated.

    4 replies

    spawar_apex
    Forum|alt.badge.img+4
    • spawar_apexBronze 2
    • Author
    • Bronze 2
    • July 19, 2023

    After troubleshooting, found that this is the permission that was missing from the Chronicle Service Admin role policy. We have to custom add it by creating custom role from Chronicle service admin. No where in the documentation, it is mentioned about the chronicle log filters permissions.

    S
    Staff
    Forum|alt.badge.img+12
    • shakedtal
    • Staff
    • July 31, 2023

    Hi @spawar_apex thank you for the feedback, I have forwarded it to the team.

    A
    Staff
    Forum|alt.badge.img+3
    • adam9
    • Staff
    • July 31, 2023

    Opened bug 291561756 to investigate this issue. Thanks for letting us know!

    spawar_apex
    Forum|alt.badge.img+4
    • spawar_apexBronze 2
    • Author
    • Bronze 2
    • July 31, 2023

    Thanks @shakedtal & @adam9 for your quick response & taking action to remediate.

    Terms & ConditionsCookie settingsAccessibility statement
    Privacy Policy Terms of Service Gen AI Policy Community Guidelines Cookie Settings

    © 2025 Google. All rights reserved.