Deployment Architecture

How to create a role with limited admin capabilities to put a cluster in maintenance mode?


Basically I need to make a Splunk account with limited admin capabilities, one of them being able to put the cluster in maintenance mode.

Splunk Employee
Splunk Employee

This can be accomplished by creating another role that inherits the User role and adds the edit_indexer_cluster​ capability. With such a role, the user can see the indexer clustering settings menu and place the cluster into maintenance from the CLI as well.

*NEW* Splunk Love Promo!
Snag a $25 Visa Gift Card for Giving Your Review!

It's another Splunk Love Special! For a limited time, you can review one of our select Splunk products through Gartner Peer Insights and receive a $25 Visa gift card!


Or Learn More in Our Blog >>