All Apps and Add-ons
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Best strategy for user isolation?

Jason
Motivator
‎05-18-2010 07:05 PM

Is there a way to completely isolate a user, so that they can only see themselves as a user and only their host - no other hosts, users, or apps?

Can this be done in the Search app or would it have to be a custom app build, and if so would it have to be one per user?

Reply

Mick
Splunk Employee
Splunk Employee
‎05-18-2010 08:44 PM

It can't be easily done in the search app without significant modification, so that it would pretty much become a custom app anyway.

Splunk doesn't really cater for per-user settings and permissions, instead it's geared towards roles for groups of users. If every user has individual data requirements, and you need them to be strict enough so that users can only see their data and nothing else, then you'll likely end up with a role for each user, and an app for each role.

0 Karma
Reply

the_wolverine
Champion
‎05-18-2010 08:27 PM

Yes, this is possible with some planning.

By default, a non-Admin Splunk user will not be able to see other users.

You can configure a custom role that is only able to access a custom index which accepts only data for a certain host.

You can also prevent apps from being viewable by certain roles by setting App permissions in UI or by editing default.meta:

http://www.splunk.com/base/Documentation/latest/Developer/Step5SetPermissions

Reply
Get Updates on the Splunk Community!

Wondering How to Build Resiliency in the Cloud?

IT leaders are choosing Splunk Cloud as an ideal cloud transformation platform to drive business resilience,  ...

Updated Data Management and AWS GDI Inventory in Splunk Observability

We’re making some changes to Data Management and Infrastructure Inventory for AWS. The Data Management page, ...

Introducing the Splunk Community Dashboard Challenge!

Welcome to Splunk Community Dashboard Challenge! This is your chance to showcase your skills in creating ...