http://docs.graylog.org/en/latest/pages/users_and_roles/permission_system.html
This will create a power user role that has permissions to do searches and create/edit dashboards (it's not necessary to include permissions already in the Reader role because Graylog will by default assign that role to all users):
curl -v -XPOST -u 'ADMIN:PASSWORD' -H 'Content-Type: application/json' 'http://graylog.example.org:9000/api/roles' -d '{"name":"Power user","description":"Dashboard and search permissions","permissions":["dashboards:create","dashboards:edit:*","dashboards:read:*","searches:absolute","searches:keyword","searches:relative"],"read_only":false}'
(Replace ADMIN, PASSWORD, and the URL as appropriate)
Here's the un-minified JSON for the Power user role:
{
"name": "Power user",
"description": "Dashboard and search permissions",
"permissions": [
"dashboards:create",
"dashboards:edit:*",
"dashboards:read:*",
"searches:absolute",
"searches:keyword",
"searches:relative"
],
"read_only": false
}
And here's the Reader role for comparison (retrieved using curl -XGET -u 'ADMIN:PASSWORD' 'http://graylog.example.org:9000/api/roles/Reader?pretty=true'
):
{
"name": "Reader",
"description": "Grants basic permissions for every Graylog user (built-in)",
"permissions": [
"buffers:read",
"clusterconfigentry:read",
"decorators:read",
"fieldnames:read",
"indexercluster:read",
"inputs:read",
"journal:read",
"jvmstats:read",
"messagecount:read",
"messages:analyze",
"messages:read",
"metrics:read",
"savedsearches:create",
"savedsearches:edit",
"savedsearches:read",
"system:read",
"throughput:read"
],
"read_only": true
}