Deployment Architecture

How to create a role with limited admin capabilities to put a cluster in maintenance mode?

Engager

Basically I need to make a Splunk account with limited admin capabilities, one of them being able to put the cluster in maintenance mode.

Splunk Employee
Splunk Employee

This can be accomplished by creating another role that inherits the User role and adds the edit_indexer_cluster​ capability. With such a role, the user can see the indexer clustering settings menu and place the cluster into maintenance from the CLI as well.

Don’t Miss Global Splunk
User Groups Week!

Free LIVE events worldwide 2/8-2/12
Connect, learn, and collect rad prizes
and swag!