Hello Splunk users
For my company internal purpose i needed to publish dashboards to very limited number of users.
The limitation was not based on user role, but strictly on ID and I didn't find a solution suitable on forums.
While tinkering with "depends" based on a couple of posts here i came up with panels show hide combo with env:user token which I'm sharing right now.
Users white list is managed by a simple eval/case statement directly inside dashboard's xml code for fast update. Panels visibility changes based on dropdown input controlled by that eval command.
Since I have only basic user role I cannot make any server changes. If you have some idea on how to improve this concept please let me know. (ie. how to use "in" syntax instead of many case options)
<form>
<label>user_authority_test</label>
<fieldset submitButton="false">
<input type="dropdown" token="field1" depends="$user_ok$">
<label>Limited input</label>
<choice value="1">Limited visability</choice>
</input>
<input type="checkbox" token="field2">
<label>Unlimited input</label>
<choice value="1">Visible for all</choice>
<delimiter> </delimiter>
</input>
</fieldset>
<row depends="$user_not_ok$">
<panel>
<title>Message for limited users and/or some other panels</title>
<html>
<div>Message body</div>
</html>
</panel>
</row>
<row depends="$hide$">
<panel>
<html>
<h2>Debug</h2>
<div>authority: $authority$</div>
<div>user: $env:user$</div>
</html>
</panel>
<panel>
<table>
<title>auth</title>
<search>
<query>|makeresults |eval user="$env:user$" |table user </query>
<earliest>-1s</earliest>
<latest>now</latest>
<done>
<!-- insted of user1, user2 etc. add desired user ID -->
<eval token="form.authority">case($result.user$=="user1","on", $result.user$=="user2","on", 1=1, "off"</eval>
</done>
</search>
</table>
</panel>
<panel>
<!-- changing visibility of panels based on two step process, eval command modifies value of dropdown.
Another token's embedded inside the dropdown controls which panels are visible and which are not
You can actually create many sets of values in condition for more felxibility-->
<input type="dropdown" token="authority">
<label>authority set</label>
<choice value="on">On</choice>
<choice value="off">Off</choice>
<change>
<condition value="on">
<set token="user_ok"></set>
<unset token="user_not_ok"></unset>
</condition>
<condition value="off">
<unset token="user_ok"></unset>
<set token="user_not_ok"></set>
</condition>
</change>
</input>
</panel>
</row>
<row depends="$user_ok$">
<panel>
<table>
<search id="MainSearch">
<query>index=_internal
|head 5
|table sourcetype, _time</query>
<earliest>-60m@m</earliest>
<latest>now</latest>
</search>
</table>
</panel>
<panel>
<chart>
<search base="MainSearch">
<query>
|chart c(_time) by sourcetype</query>
<progress>
<set token="Area_Name">$Area_placeholder$</set>
</progress>
</search>
<option name="charting.chart">pie</option>
<option name="charting.chart.sliceCollapsingThreshold">0</option>
</chart>
</panel>
</row>
</form>
Hi
Have you already try this Static and dynamic inputs to forms? Just create e.g. lookup for those users and then use something like this to evaluate if user can see that rows on not based on token which you have gotten on init part of dashboard?
I think that I have seen that kind of examples here made by @niketn?
r. Ismo
Hello @isoutamo
I tested lookups some time before, but unfortunately with my basic user role i cannot make them public.
The example i created is fully self-sufficient despite role limitations.
I guess I need to apply higher authority 🙂