Is there a way to restrict an index from the default search app?
We have to restrict firewall data coming in from one source into one index by the content in the logs (depending on the IP address). We have a search using lookup values that completes this but we need to ensure that the index is not available from the free form/default search app but the index information is available in specifically built applications.
Here our the requirements we have been given:
Firewall data coming in from one source into one index
Users should only be able to see a firewall log if they are the owner of an IP address in the log at the time the log was recorded
We created searches based on lookup values to show just those logs
We would still like the free form searches to be available but we need to restrict the firewall index so that users are not able to bypass the requirements above.
We can't restrict users to the index because they will need access to the information using our crafted searches.
I was hoping we could not allow searches to the firewall index from the default search app (or any other app) with the exception of our created apps with built searches.
You are able to set up a role that doesn't have access to that index. If you look at the default admin role it has access to everything. You can create a new role where you set the specific default index and what indexes that are searchable. Assign that role to users that shouldn't be able to search that index.
Thank you for the quick response. I've updated my question so our requirements we've been given are clearer. We can't restrict users to the index because they will need access to the information using our crafted searches.