All Apps and Add-ons
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

How to allow non-root user to check the search head cluster status?

vin02
Path Finder
‎08-13-2017 10:47 AM

There is a requirement to allow non-root user to query the cluster status by executing clustat command. But the non-root users are not allowed to execute this command. How to implement the same?

0 Karma
Reply

koshyk
Super Champion
‎08-13-2017 11:24 AM

What we have done is , on the cluster Master (or server which holds the DMC or Monitoring Console), we have copied the searches and created a new app with such dashboards which are meant for users.

So in step by step
- create an App MY_stats_app
- Put dashboards, searches, useful things into this app
- Create role for such users who need to access this app (eg MY_ROLE_stats)
- Allow access to this app ONLY for the role

This will make your administration/management very flexible and can allow team-leads/groups/users to access this specific app with centralised management (whereby SH cluster status is just one dashboard or panel)

0 Karma
Reply

vin02
Path Finder
‎08-13-2017 08:46 PM

I have created one non root user 'splunk'. What will be the command to check the search head cluster status using splunk user?

0 Karma
Reply

koshyk
Super Champion
‎08-15-2017 06:22 AM

the above steps are in Splunk UI. So please log to UI and do the Monitoring Console steps

0 Karma
Reply
Get Updates on the Splunk Community!

September Community Champions: A Shoutout to Our Contributors!

As we close the books on another fantastic month, we want to take a moment to celebrate the people who are the ...

Splunk Decoded: Service Maps vs Service Analyzer Tree View vs Flow Maps

It’s Monday morning, and your phone is buzzing with alert escalations – your customer-facing portal is running ...

What’s New in Splunk Observability – September 2025

What's NewWe are excited to announce the latest enhancements to Splunk Observability, designed to help ITOps ...