Since you also asked this question internally and got an answer, why not propagate the answer here
In general, you can restrict the logs a given user sees in SmartView.
You cannot currently restrict read access to all policies in SmartConsole.
In order to apply a “hardcoded” filter which the user will not be able to edit (in order to restrict the ability to see logs not relevant), perform the following steps.
- Edit a file called users.xml which exists under $RTDIR/smartview/db/domains/XXXXX
- If you have several domains you can look at the file domain.txt under each domain folder in order to know the name of the domain
- In the users.xml file you’ll see <user> tags
- You can add a filter tag to the corresponding user tags which will be added to every query the user will send.
- An Example of a filter which will display only Application Control logs of a specific user:
- Restart SmartView by running the commands: