Alerting

How do you restrict the visibility of reports and alerts?

mnakhuda
New Member

I was wondering if there is a way to have ALL reports and alerts visible to only specified users? For example, I would like all my administrators to have access to any and every report/alert, but I do not want regular users to be able to view them at all (as if they don't even exist).

If someone can help that would be greatly appreciated.

Thanks in advance!

0 Karma
1 Solution

dkeck
Influencer

HI,

you just have to set up a role in Access Control, set up an app, share Alerts only with this app, and grand right to see the app for certain users by adding them to the role

See also https://docs.splunk.com/Documentation/Splunk/7.2.3/Alert/AlertPermissions

View solution in original post

dkeck
Influencer

HI,

you just have to set up a role in Access Control, set up an app, share Alerts only with this app, and grand right to see the app for certain users by adding them to the role

See also https://docs.splunk.com/Documentation/Splunk/7.2.3/Alert/AlertPermissions

dkeck
Influencer

HI did you try that?

0 Karma

mnakhuda
New Member

For this I assume I would need to go to each individual alert and manually share it?

0 Karma

dkeck
Influencer

That would be the way. There is no way to assign them new in a bulk.

0 Karma

mnakhuda
New Member

Thank you. There are hundreds of reports/alerts so it will take some time to implement.

0 Karma

dkeck
Influencer

If you could accept the answer that would be great 🙂

0 Karma
Get Updates on the Splunk Community!

Splunk Observability Cloud's AI Assistant in Action Series: Auditing Compliance and ...

This is the third post in the Splunk Observability Cloud’s AI Assistant in Action series that digs into how to ...

Splunk Community Badges!

  Hey everyone! Ready to earn some serious bragging rights in the community? Along with our existing badges ...

What You Read The Most: Splunk Lantern’s Most Popular Articles!

Splunk Lantern is a Splunk customer success center that provides advice from Splunk experts on valuable data ...