Re: Is it possible to manage all saved searches in...

ben_leung · ‎08-29-2014

https://localhost/8089/servicesNS/-/search/saved/searches

Is this possible, manage all saved searches displayed in a custom app, basically get the view https://localhost:8000/en-US/manager/launcher/saved/searches for non-admin users.

If yes, I would like to know how to get started on this type of project.

ben_leung · ‎09-03-2014

The goal I am trying to do is to allow a certain role to see the private searches of all users. I want this in a separate app or view so that it is visible to this role.

I am not going to allow read and write access to all the individual private searches since there are over hundreds, and some of our environments have thousands.

We need a capability that allows access to private knowledge objects(searches, dashboards, etc.) but not other manager pages. A limited admin_all_objects...

MuS · ‎08-29-2014

Hi ben_leung,

one way would be to create a saved search, which runs as admin user, queries all saved searches and writes its results into a summary index. Use the summary index to feed your app / dashboards.

cheers, MuS

MuS · ‎08-29-2014

Well, in this case your original question is wrong: you asked how to view them and not how to manage them 😉

ben_leung · ‎08-29-2014

That would work for users to see the private searches of other users.

What I really want is the capability to clone the private searches.

I have a role that is non-admin that I want to be in charge of scheduling users private search by first cloning them and then scheduling them, making them a dedicated job user.

It would be simple to give them admin_all_objects to view the private searches, but I don't want to give them all the access to the other manager pages like access control.

Is it possible to manage all saved searches in a custom app?

Announcing Scheduled Export GA for Dashboard Studio

Extending Observability Content to Splunk Cloud

More Control Over Your Monitoring Costs with Archived Metrics GA in US-AWS!