Hi Beau,
The documentation regarding NWA can be found here:
https://help.sap.com/saphelp_nwce10/helpdata/en/45/2bdafff14003c3e10000000a1553f6/content.htm
And I quote:
"For authorization, the SAP NetWeaver Administrator uses the User Management Engine (UME) and the Java Management Extension™ (JMX) security features. The following security roles are defined from an authorization point of view:
● NWA_READONLY
● NWA_SUPERADMIN
The roles include the permissions that enable/disable certain elements in the UI, as well as permissions to access the data in the managed system. The read-only role does not allow making any changes in the managed system such as starting/stopping, changing the configuration and so on, whereas the other role allows full control."
For your purpose, just assign the NWA_READONLY Role to the user and he will have read-only access to
<portal>/nwa/logs.
Best regards,
Etay