All Apps and Add-ons
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

How to allow users other than the admin to search the default "os" index for Splunk App for Unix and Linux?

soleblazer
Engager
‎11-04-2014 01:24 PM

Hello.

I created a dashboard using some of the data from the Splunk App for Unix. Its in the default index called "os."

I notice that only the admin user of splunk can query info out of that index. Is there something I need to do to allow other users to do that? The issue I have is when I shared the dashboards, nobody can see the data within the panels except the admin user.

0 Karma
Reply

martin_mueller
SplunkTrust
SplunkTrust
‎11-04-2014 02:22 PM

You can give users read permission to an index by editing their role (Settings -> Authentication -> Roles). There's two settings, indexes searched by default (what happens when you don't specify index=foo) and indexes searchable.

Out of the box all users can search all non-internal indexes, so they should already be able to search with index=os - if not, add that index to their indexes searchable setting.

0 Karma
Reply
Get Updates on the Splunk Community!

Unlock Database Monitoring with Splunk Observability Cloud

  In today’s fast-paced digital landscape, even minor database slowdowns can disrupt user experiences and ...

Purpose in Action: How Splunk Is Helping Power an Inclusive Future for All

At Cisco, purpose isn’t a tagline—it’s a commitment. Cisco’s FY25 Purpose Report outlines how the company is ...

[Upcoming Webinar] Demo Day: Transforming IT Operations with Splunk

Join us for a live Demo Day at the Cisco Store on January 21st 10:00am - 11:00am PST In the fast-paced world ...