Alerting
×
Are you a member of the Splunk Community?
Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
- Find Answers
- :
- Using Splunk
- :
- Other Using Splunk
- :
- Alerting
- :
- How do you restrict the visibility of reports and ...
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark Topic
- Subscribe to Topic
- Mute Topic
- Printer Friendly Page
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
mnakhuda
New Member
01-23-2019
07:28 AM
I was wondering if there is a way to have ALL reports and alerts visible to only specified users? For example, I would like all my administrators to have access to any and every report/alert, but I do not want regular users to be able to view them at all (as if they don't even exist).
If someone can help that would be greatly appreciated.
Thanks in advance!
1 Solution
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
dkeck
Influencer
01-23-2019
08:53 AM
HI,
you just have to set up a role in Access Control, set up an app, share Alerts only with this app, and grand right to see the app for certain users by adding them to the role
See also https://docs.splunk.com/Documentation/Splunk/7.2.3/Alert/AlertPermissions
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
dkeck
Influencer
01-23-2019
08:53 AM
HI,
you just have to set up a role in Access Control, set up an app, share Alerts only with this app, and grand right to see the app for certain users by adding them to the role
See also https://docs.splunk.com/Documentation/Splunk/7.2.3/Alert/AlertPermissions
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
dkeck
Influencer
01-23-2019
11:46 PM
HI did you try that?
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
mnakhuda
New Member
01-24-2019
01:04 PM
For this I assume I would need to go to each individual alert and manually share it?
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
dkeck
Influencer
01-24-2019
01:11 PM
That would be the way. There is no way to assign them new in a bulk.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
mnakhuda
New Member
01-24-2019
01:19 PM
Thank you. There are hundreds of reports/alerts so it will take some time to implement.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
dkeck
Influencer
01-24-2019
01:23 PM
If you could accept the answer that would be great 🙂
Get Updates on the Splunk Community!
Splunk Observability Cloud's AI Assistant in Action Series: Auditing Compliance and ...
This is the third post in the Splunk Observability Cloud’s AI Assistant in Action series that digs into how to ...
Splunk Community Badges!
Hey everyone! Ready to earn some serious bragging rights in the community? Along with our existing badges ...
What You Read The Most: Splunk Lantern’s Most Popular Articles!
Splunk Lantern is a Splunk customer success center that provides advice from Splunk experts on valuable data ...
