Multi Tenancy

[Kbayero]

Describe the feature

📦 Feature: Support Multi Tenants

🧩 Overview

This feature introduces multi-tenancy support in the platform, available only for Enterprise instances. It includes the creation of a new UI section for managing tenants, integration with supported data sources, log tagging, agent installation customization, and centralized feature configuration.

---

✅ Feature Breakdown (Check Tasks)

1. Tenants Management UI (Enterprise only)

• [ ] Create new View section Tenants (same level as Integrations or DataSources)
• [ ] Only show Tenants section if instance is Enterprise
• [ ] Create backend model for Tenant with:
  • id (valid UUID)
  • tenantName
  • description
• [ ] Add CRUD UI to manage tenants (create/edit/delete)
• [ ] Secure all tenant-related endpoints and views to Enterprise instances only

---

2. Tenant Selection in Integrations

• [ ] In supported integrations (BDGZ, GCP, AWS, Azure, M365, Sophos Central), allow tenant selection when creating a Configuration Group
• [ ] Only show tenantID select input if:
  • Instance is Enterprise
  • At least one tenant is configured
• [ ] Make tenantID a required field if shown
• [ ] Hide the select completely for Open Source or if no tenant is configured
• [ ] Store selected tenantID in the Configuration Group
• [ ] Ensure plugins use tenantID when sending logs
• [ ] If no tenant is assigned, use a default tenantID

---

3. Alert View Enhancements

• [ ] Add ability to filter alerts by tenantName
• [ ] Add ability to filter alerts by dataSource

---

4. Agent Installation – Tenant Injection

• [ ] In agent installation guides (Linux, macOS, Windows), add a tenant selector if:
  • Instance is Enterprise
  • At least one tenant exists
• [ ] Inject selected tenantID in the installation command
• [ ] Agent uses that tenantID when sending logs
• [ ] If not specified, use default tenantID

---

5. DataSources View – Agent and Collector Tenant Assignment

• [ ] In DataSources panel, when opening an agent, show TenantName field as a dropdown
• [ ] Show dropdown only if:
  • Instance is Enterprise
  • Tenants are configured
• [ ] Allow user to change the agent's tenant
• [ ] On tenant change, send update to Agent Manager via RPC
• [ ] Agent Manager receives the request and sends it to the agent
• [ ] Agent receives updated tenant info and starts tagging logs with new tenantID
• [ ] Implement the same behavior for AS400 Collector

---

⚙️ Agent Feature Configuration

In the agent installation wizard, introduce a feature checklist:

6. Installation Features (CheckBoxes)

• [ ] Add the following checkboxes in the installation wizard (all checked by default):

  • [ ] Incident Response Capability (allow instance to run commands on agent)
  • [ ] Install Filebeat (for modules like nginx, postgres, etc.)
  • [ ] Allow Remote Configuration from the instance
  • [ ] Serve as Syslog Proxy (open ports to receive logs from switches/syslog sources)

• [ ] When unchecked, feature is not installed in the agent

• [ ] Agent reports installed features during registration to Agent Manager

• [ ] Backend syncs agent feature status from Agent Manager

---

7. Feature-based Integration Support

• [ ] When user attempts to configure integrations like nginx (Filebeat module):
  • [ ] Show list of agents with:
    • Install Filebeat enabled
    • Allow Remote Config enabled
• [ ] If no agent supports these features, display a note explaining:
  • Agent doesn't support remote configuration
  • User can enable the feature manually from the agent

Use Case

Users request a multi-tenancy feature

Proposed Solution

No response

Other Information

No response

Acknowledgements

• [ ] I may be able to implement this feature request
• [ ] This feature might incur a breaking change