Dashboards & Visualizations

How to hide or grey out Clone option under Edit on Splunk dashboard?

Path Finder

Hi :

I have provided only read permissions for users on a dashboard, yet they are able to see the contents of the edit option. I would like to grey that out for these users.

Could you provide what needs to be done, to hide out the edit option from dashboards.

Thanks,
Mohammed

Builder

I know it is an old question but still posting the answer in case someone searching for similar solution:

Create a panel at the end of your dashboard. This will hide the button containing "Clone" option:

  <row>
    <panel depends="$hidden$">
      <html>
        <style>


      .edit-other {
          visibility: hidden !important;
      }

    </style>
  </html>
    </panel>
</row>

Add this if you want to get rid of the menu bars as well.

  .view---pages-enterprise---7-0-5-3---1zrJY {
    visibility: hidden !important;
  }

Path Finder

Hi,
make sure that:

  1. choose the dashboard that you want to give permissions.
  2. click on "edit" choose "edit Permission".
  3. choose now the application, you can have Owner, app and All apps but app and All apps are concerned.
  4. now choose User that you want to give roles.
  5. click only "read" permissions
  6. and save
  7. now restart your Splunk with this user. Make sure that, he can't edit and delete this dashbord, but just read it

SplunkTrust
SplunkTrust

Yeah but he can still clone it and modify the searches in the clone thus missing the point... Hiding the edit button is only useful if you don't want the users to access the query.

0 Karma

Splunk Employee
Splunk Employee

In Splunk 6.2, you have the option to disable edit controls at the page level. Unfortunately, this applies to all users that access the dashboard (admin, power, and user alike).

You would need to edit your dashboard xml as follows:

<form hideEdit="true">
....
</form>

New Member

While this does indeed disable the ability to edit the form, it also removes the Print and Export as .pdf controls, which is something that I would like the users to still be able to do. Therein lies a problem with this approach, which I would have otherwise adopted.

0 Karma

SplunkTrust
SplunkTrust

For purely viewing dashboards there's a very simple solution.

Create a role and an app for each bunch of non-IT people. Give the users that role, do not inherit from default roles, and only give that role access to their specific app(s). By disabling access to the search app they lose not only the default search interface to fiddle around with search commands, but they also lose the entire manager.
As a result, users with such a role get to see their dashboards and forms, but not much else.

0 Karma

Esteemed Legend

@martin_mueller, will you please elaborate on exactly how to do this? For example, what specific capabilites would this role have? What would the local.meta (or default.meta) contain? I need to do exactly this.

0 Karma

Builder

As much I agree with @martin_mueller answer I dislike the fact Splunk GUI doesn't offer an option to disable users to create/clone things or fiddle around with search commands. It would require a good amount of dev and custom pages to get rid of those things... For IT personal is fine, but once you open dashboards for business people the interface should be simplified!

SplunkTrust
SplunkTrust

Cloning something only needs read permissions because all your writing is done to a new private object - users can always do that as far as I know, and no harm comes from that because it's essentially the same as creating the new private object from scratch by copying over the data from a second browser window.
Nobody else will see it as long as the user doesn't have app write permissions and shares the object.