Alerting

How do you restrict the visibility of reports and alerts?

mnakhuda
New Member

I was wondering if there is a way to have ALL reports and alerts visible to only specified users? For example, I would like all my administrators to have access to any and every report/alert, but I do not want regular users to be able to view them at all (as if they don't even exist).

If someone can help that would be greatly appreciated.

Thanks in advance!

0 Karma
1 Solution

dkeck
Influencer

HI,

you just have to set up a role in Access Control, set up an app, share Alerts only with this app, and grand right to see the app for certain users by adding them to the role

See also https://docs.splunk.com/Documentation/Splunk/7.2.3/Alert/AlertPermissions

View solution in original post

dkeck
Influencer

HI,

you just have to set up a role in Access Control, set up an app, share Alerts only with this app, and grand right to see the app for certain users by adding them to the role

See also https://docs.splunk.com/Documentation/Splunk/7.2.3/Alert/AlertPermissions

dkeck
Influencer

HI did you try that?

0 Karma

mnakhuda
New Member

For this I assume I would need to go to each individual alert and manually share it?

0 Karma

dkeck
Influencer

That would be the way. There is no way to assign them new in a bulk.

0 Karma

mnakhuda
New Member

Thank you. There are hundreds of reports/alerts so it will take some time to implement.

0 Karma

dkeck
Influencer

If you could accept the answer that would be great 🙂

0 Karma
Get Updates on the Splunk Community!

Splunk Training for All: Meet Aspiring Cybersecurity Analyst, Marc Alicea

Splunk Education believes in the value of training and certification in today’s rapidly-changing data-driven ...

Investigate Security and Threat Detection with VirusTotal and Splunk Integration

As security threats and their complexities surge, security analysts deal with increased challenges and ...

Observability Highlights | January 2023 Newsletter

 January 2023New Product Releases Splunk Network Explorer for Infrastructure MonitoringSplunk unveils Network ...