https://community.splunk.com/t5/Security/Readonly-access-to-view-access-controls/m-p/27071#M904 <P>Hi,</P> <P>The IT security guy here wants to review the splunk roles/users. I there any way by which I can give him access to Access Controls without giving the admin role.</P> <P>Thanks</P> Wed, 07 Aug 2013 02:48:52 GMT saad_siddiqi 2013-08-07T02:48:52Z https://community.splunk.com/t5/Security/Readonly-access-to-view-access-controls/m-p/27071#M904 <P>Hi,</P> <P>The IT security guy here wants to review the splunk roles/users. I there any way by which I can give him access to Access Controls without giving the admin role.</P> <P>Thanks</P> Wed, 07 Aug 2013 02:48:52 GMT https://community.splunk.com/t5/Security/Readonly-access-to-view-access-controls/m-p/27071#M904 saad_siddiqi 2013-08-07T02:48:52Z https://community.splunk.com/t5/Security/Readonly-access-to-view-access-controls/m-p/27072#M905 <P>You could simply use "splunk cmd btool authorize.conf list" and give him the output of that, which will show the role definitions.</P> Wed, 07 Aug 2013 05:28:53 GMT https://community.splunk.com/t5/Security/Readonly-access-to-view-access-controls/m-p/27072#M905 gkanapathy 2013-08-07T05:28:53Z https://community.splunk.com/t5/Security/Readonly-access-to-view-access-controls/m-p/27073#M906 <P>For a self-service solution, maybe giving him read access to <A href="http://splunk-base.splunk.com/apps/29008/sos-splunk-on-splunk">Splunk on Splunk</A> would work; its Configuration File Viewer feature is great and it would allow him to see config files for search peers as well.</P> <P>However, it's not clear whether some of the scripts in S.o.S might expose some undesirable functions; maybe someone from Splunk can comment on how safe it is to present S.o.S to non-admin users. On my installs it defaulted to "Everyone" read/write; I later changed that, but hopefully it is safe by default.</P> Thu, 08 Aug 2013 03:13:10 GMT https://community.splunk.com/t5/Security/Readonly-access-to-view-access-controls/m-p/27073#M906 jtacy 2013-08-08T03:13:10Z