Deployment Architecture

How to prevent users taking clones of knowledge objects?

mbasharat
Contributor

Hi,

I am dealing with a situation where many users in Production are taking clones of knowledge objects e.g. scheduled reports, views etc. How to prevent this? Any settings in the configurations and roles capabilities I can apply to prevent this? Our configuration settings for access controls has read only for users. Write is for developers and admins only. This still does not prevent users from taking clones.

Thanks in advance!!!

0 Karma

richgalloway
SplunkTrust
SplunkTrust

What is the problem with cloning knowledge objects?  Is it possible users find the existing KOs inadequate and are creating better, private instances of them?

---
If this reply helps you, Karma would be appreciated.
0 Karma

mbasharat
Contributor

Hi Rich,

The issue is that users are creating clones of KOs and due to the lack of their training and knowledge, they try tweaking the cloned KOs in an un-optimized manner which is causing heavy load on infrastructure. We are asked by management to shutdown the cloning for users with read only access so they are unable to take clones to begin with. Thanks.

0 Karma
Get Updates on the Splunk Community!

Enterprise Security Content Update (ESCU) v3.54.0

The Splunk Threat Research Team (STRT) recently released Enterprise Security Content Update (ESCU) v3.54.0 and ...

Using Machine Learning for Hunting Security Threats

WATCH NOW Seeing the exponential hike in global cyber threat spectrum, organizations are now striving more for ...

New Learning Videos on Topics Most Requested by You! Plus This Month’s New Splunk ...

Splunk Lantern is a customer success center that provides advice from Splunk experts on valuable data ...