Deployment Architecture
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

Can we change root permission of local folder in Splunk indexer machine?

sanjubaba
Path Finder
‎09-14-2020 10:10 PM

Is it ok if someone change the root permission of local folder in etc/apps/search?

I want to provide permission to all the users to access local folder.

Will this impact any functionality of Splunk?

Please guide me through this.

Labels (2)
Labels
0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

thambisetty
SplunkTrust
SplunkTrust
‎09-14-2020 11:33 PM

I hope splunkd service also running with root user as your $SPLUNK_HOME is owned by root user.

giving access to other user will impact only the object for which change happened. for example, you as a normal user trying to modify view, then only that particular view will be affected.

————————————
If this helps, give a like below.

View solution in original post

Reply
Solved! Jump to solution

thambisetty
SplunkTrust
SplunkTrust
‎09-14-2020 10:38 PM

The question is more related to Linux Permissions.

who is the owner,group of etc/apps/search?

what is the user splunkd running with?

what is the group of users for whom you want provide access of etc/apps/search?

————————————
If this helps, give a like below.
Reply
Solved! Jump to solution

isoutamo
SplunkTrust
SplunkTrust
‎09-14-2020 10:37 PM

Hi

you could totally mesh up your installation if you give filesystem access to your users on command line level!

What is the issue which you try to solve with this?

r. Ismo

Reply
Solved! Jump to solution

sanjubaba
Path Finder
‎09-14-2020 10:51 PM

@isoutamo @thambisetty @@I want to access the etc/apps/search/local/data/ui/views directory with my regular user to check dashboard configuration. But it is asking for root permission.

0 Karma
Reply
Solved! Jump to solution

thambisetty
SplunkTrust
SplunkTrust
‎09-14-2020 11:22 PM

then user you used should get sudo access to access directory as it's owned by root user.

Or, ask Linux Team to provide access  to your user for that directory.

————————————
If this helps, give a like below.
Reply
Solved! Jump to solution

sanjubaba
Path Finder
‎09-14-2020 11:24 PM

@thambisetty thanks.

But it will not hamper my environment right?

Giving access to regular user.

0 Karma
Reply
Solved! Jump to solution
Solution

thambisetty
SplunkTrust
SplunkTrust
‎09-14-2020 11:33 PM

I hope splunkd service also running with root user as your $SPLUNK_HOME is owned by root user.

giving access to other user will impact only the object for which change happened. for example, you as a normal user trying to modify view, then only that particular view will be affected.

————————————
If this helps, give a like below.
Reply
Get Updates on the Splunk Community!

Announcing Scheduled Export GA for Dashboard Studio

We're excited to announce the general availability of Scheduled Export for Dashboard Studio. Starting in ...

Extending Observability Content to Splunk Cloud

Watch Now!   In this Extending Observability Content to Splunk Cloud Tech Talk, you'll see how to leverage ...

More Control Over Your Monitoring Costs with Archived Metrics GA in US-AWS!

What if there was a way you could keep all the metrics data you need while saving on storage costs?This is now ...