In a large enterprise scenario, what's the most efficient way to achieve the goal that each manager can only search bluecoat records of his/her subsidiaries?
Thanks, but that article is talking about controlling user's access to apps. The access control problem I am facing is to limit users to only be able to check their subsidiaries' browsing activities within the bluecoat app.
You might want to check this example:
http://docs.splunk.com/Documentation/Splunk/latest/Developer/DefaultApp