<?xml version="1.0" encoding="UTF-8"?>
<rss xmlns:content="http://purl.org/rss/1.0/modules/content/" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" xmlns:taxo="http://purl.org/rss/1.0/modules/taxonomy/" version="2.0">
  <channel>
    <title>topic Re: NMON ADDON: permissions in Getting Data In</title>
    <link>https://community.splunk.com/t5/Getting-Data-In/NMON-ADDON-permissions/m-p/612075#M105950</link>
    <description>&lt;P&gt;&lt;span class="lia-unicode-emoji" title=":thinking_face:"&gt;🤔&lt;/span&gt;&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;... i'm using only 1 index for NMON,&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;LI-CODE lang="markup"&gt;index=*nmon* | dedup index | table index
nmon&lt;/LI-CODE&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;&lt;span class="lia-unicode-emoji" title=":thinking_face:"&gt;🤔&lt;/span&gt;&lt;span class="lia-unicode-emoji" title=":thinking_face:"&gt;🤔&lt;/span&gt;&lt;span class="lia-unicode-emoji" title=":thinking_face:"&gt;🤔&lt;/span&gt;&lt;/P&gt;</description>
    <pubDate>Tue, 06 Sep 2022 11:16:02 GMT</pubDate>
    <dc:creator>verbal_666</dc:creator>
    <dc:date>2022-09-06T11:16:02Z</dc:date>
    <item>
      <title>NMON ADDON: permissions</title>
      <link>https://community.splunk.com/t5/Getting-Data-In/NMON-ADDON-permissions/m-p/612051#M105943</link>
      <description>&lt;P&gt;Hi there.&lt;BR /&gt;As in subject, how to make NMON aggregated data available NOT ONLY TO ADMIN users?&lt;BR /&gt;I can query alla data from NMON since i'm admin in System, but i would like to make some metrics available to public normal users Dashboards, all query from normal users returns no data... how to? I tried to give read grant to ALL in all nmon eventtypes, but with no success. Should i have to edit ALL NMON objects??? &lt;span class="lia-unicode-emoji" title=":crying_face:"&gt;😢&lt;/span&gt;&lt;span class="lia-unicode-emoji" title=":crying_face:"&gt;😢&lt;/span&gt;&lt;span class="lia-unicode-emoji" title=":crying_face:"&gt;😢&lt;/span&gt;&lt;BR /&gt;Thanks &lt;span class="lia-unicode-emoji" title=":thumbs_up:"&gt;👍&lt;/span&gt;&lt;/P&gt;</description>
      <pubDate>Tue, 06 Sep 2022 08:42:59 GMT</pubDate>
      <guid>https://community.splunk.com/t5/Getting-Data-In/NMON-ADDON-permissions/m-p/612051#M105943</guid>
      <dc:creator>verbal_666</dc:creator>
      <dc:date>2022-09-06T08:42:59Z</dc:date>
    </item>
    <item>
      <title>Re: NMON ADDON: permissions</title>
      <link>https://community.splunk.com/t5/Getting-Data-In/NMON-ADDON-permissions/m-p/612071#M105946</link>
      <description>&lt;P&gt;You need to add the nmon indexes to your user roles, or create a new role for the nmon users.&lt;/P&gt;&lt;P&gt;Go to: Settings &amp;gt; roles &amp;gt; "your user role" &amp;gt; Indexes tab &amp;gt; "select indexes"&lt;/P&gt;&lt;P&gt;You should see the following indexes for the nmon data:&lt;BR /&gt;os-unix-nmon-config&lt;/P&gt;&lt;P&gt;os-unix-nmon-events&lt;/P&gt;&lt;P&gt;os-unix-nomon-internal&lt;/P&gt;&lt;P&gt;os-unix-nmon-metircs&lt;/P&gt;</description>
      <pubDate>Tue, 06 Sep 2022 11:02:34 GMT</pubDate>
      <guid>https://community.splunk.com/t5/Getting-Data-In/NMON-ADDON-permissions/m-p/612071#M105946</guid>
      <dc:creator>matt8679</dc:creator>
      <dc:date>2022-09-06T11:02:34Z</dc:date>
    </item>
    <item>
      <title>Re: NMON ADDON: permissions</title>
      <link>https://community.splunk.com/t5/Getting-Data-In/NMON-ADDON-permissions/m-p/612075#M105950</link>
      <description>&lt;P&gt;&lt;span class="lia-unicode-emoji" title=":thinking_face:"&gt;🤔&lt;/span&gt;&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;... i'm using only 1 index for NMON,&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;LI-CODE lang="markup"&gt;index=*nmon* | dedup index | table index
nmon&lt;/LI-CODE&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;&lt;span class="lia-unicode-emoji" title=":thinking_face:"&gt;🤔&lt;/span&gt;&lt;span class="lia-unicode-emoji" title=":thinking_face:"&gt;🤔&lt;/span&gt;&lt;span class="lia-unicode-emoji" title=":thinking_face:"&gt;🤔&lt;/span&gt;&lt;/P&gt;</description>
      <pubDate>Tue, 06 Sep 2022 11:16:02 GMT</pubDate>
      <guid>https://community.splunk.com/t5/Getting-Data-In/NMON-ADDON-permissions/m-p/612075#M105950</guid>
      <dc:creator>verbal_666</dc:creator>
      <dc:date>2022-09-06T11:16:02Z</dc:date>
    </item>
    <item>
      <title>Re: NMON ADDON: permissions</title>
      <link>https://community.splunk.com/t5/Getting-Data-In/NMON-ADDON-permissions/m-p/612077#M105951</link>
      <description>&lt;P&gt;Okay,&amp;nbsp; just add the nmon index to your user role that needs access.&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;</description>
      <pubDate>Tue, 06 Sep 2022 11:22:58 GMT</pubDate>
      <guid>https://community.splunk.com/t5/Getting-Data-In/NMON-ADDON-permissions/m-p/612077#M105951</guid>
      <dc:creator>matt8679</dc:creator>
      <dc:date>2022-09-06T11:22:58Z</dc:date>
    </item>
    <item>
      <title>Re: NMON ADDON: permissions</title>
      <link>https://community.splunk.com/t5/Getting-Data-In/NMON-ADDON-permissions/m-p/612084#M105954</link>
      <description>&lt;P&gt;Role still has "nmon" index access... i can query "nmon", but can't get all eventtypes and metrics... i think the first install of NMON ADDON gave all nmon objects only "admin" rights... &lt;span class="lia-unicode-emoji" title=":face_with_rolling_eyes:"&gt;🙄&lt;/span&gt; ... maybe i can see inside metadata path and correct all the "access =" parameter &lt;span class="lia-unicode-emoji" title=":pensive_face:"&gt;😔&lt;/span&gt;&lt;/P&gt;</description>
      <pubDate>Tue, 06 Sep 2022 11:38:33 GMT</pubDate>
      <guid>https://community.splunk.com/t5/Getting-Data-In/NMON-ADDON-permissions/m-p/612084#M105954</guid>
      <dc:creator>verbal_666</dc:creator>
      <dc:date>2022-09-06T11:38:33Z</dc:date>
    </item>
    <item>
      <title>Re: NMON ADDON: permissions</title>
      <link>https://community.splunk.com/t5/Getting-Data-In/NMON-ADDON-permissions/m-p/612087#M105955</link>
      <description>&lt;P&gt;Another method is to schedule an admin alert and log the data inside a public access index or a metric index, and then get nmon data from there, where "user role" can query... but i then need to extract all nmon data in field, since the original ones are only admin&amp;nbsp;&lt;span class="lia-unicode-emoji" title=":persevering_face:"&gt;😣&lt;/span&gt;&lt;/P&gt;</description>
      <pubDate>Tue, 06 Sep 2022 11:41:32 GMT</pubDate>
      <guid>https://community.splunk.com/t5/Getting-Data-In/NMON-ADDON-permissions/m-p/612087#M105955</guid>
      <dc:creator>verbal_666</dc:creator>
      <dc:date>2022-09-06T11:41:32Z</dc:date>
    </item>
    <item>
      <title>Re: NMON ADDON: permissions</title>
      <link>https://community.splunk.com/t5/Getting-Data-In/NMON-ADDON-permissions/m-p/612089#M105956</link>
      <description>&lt;P&gt;I see... you need to make the nmon app global or accessible to those users&lt;/P&gt;&lt;P&gt;Click apps &amp;gt; Manage apps &amp;gt; NMON app &amp;gt; Permissions Read/Wright all&lt;/P&gt;&lt;P&gt;Make app accessible to users.&lt;/P&gt;&lt;P&gt;Are your users able to access the NMON app? If you don't want the app global, the users will only have the knowledge objects available within the NMON app.&lt;/P&gt;</description>
      <pubDate>Tue, 06 Sep 2022 11:57:30 GMT</pubDate>
      <guid>https://community.splunk.com/t5/Getting-Data-In/NMON-ADDON-permissions/m-p/612089#M105956</guid>
      <dc:creator>matt8679</dc:creator>
      <dc:date>2022-09-06T11:57:30Z</dc:date>
    </item>
    <item>
      <title>Re: NMON ADDON: permissions</title>
      <link>https://community.splunk.com/t5/Getting-Data-In/NMON-ADDON-permissions/m-p/612095#M105957</link>
      <description>&lt;P&gt;Still have read for all users for the App.&lt;/P&gt;&lt;P&gt;I solved the issue with metadata editing.&lt;BR /&gt;For some reason i got a&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;LI-CODE lang="markup"&gt;[]
owner = admin
access = read : [ admin ], write : [ admin ]&lt;/LI-CODE&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;And many other objects with same grants.&lt;/P&gt;&lt;P&gt;I simply deleted all the single grants for single objects and gave full general access with,&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;LI-CODE lang="markup"&gt;[]
owner = admin
access = read : [ * ], write : [ admin ]&lt;/LI-CODE&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;Restarted all Splunk SearchHead&amp;nbsp;daemons (clustered) and things now are OK!!! I can query with User.Role and get all fields extracted by NMON conf &lt;span class="lia-unicode-emoji" title=":smiling_face_with_halo:"&gt;😇&lt;/span&gt;&lt;/P&gt;</description>
      <pubDate>Tue, 06 Sep 2022 12:14:41 GMT</pubDate>
      <guid>https://community.splunk.com/t5/Getting-Data-In/NMON-ADDON-permissions/m-p/612095#M105957</guid>
      <dc:creator>verbal_666</dc:creator>
      <dc:date>2022-09-06T12:14:41Z</dc:date>
    </item>
  </channel>
</rss>

