Solved: Re: update default.meta stanzas using REST API

ganesh_crms · ‎07-21-2019

Hi All,
How to update default.meta stanzas using REST API. Thanks in Advance.

harsmarvania57 · ‎07-22-2019

Hi,

To change views permissions using REST API, you can use below REST API (In below example please change values for <> based on your environment.

To change permissions of particular dashboard

curl -vk -u user:password https://<your_splunk_server>:8089/servicesNS/<username>/<app_name>/data/ui/views/<dashboard_name>/ac... -d "perms.read"="user" -d "perms.write"="user" -d sharing=<app/user/global> -d owner=<owner_name>

To change permissions of dashboards page, try below REST API.

curl -vk -u user:password https://<your_splunk_server>:8089/servicesNS/nobody/<app_name>/data/ui/views/_acl -d "perms.read"="user" -d "perms.write"="user" -d sharing=<app/user/global>

View solution in original post

harimadambi · ‎09-08-2020

import requests

data = {
'owner' : '<owner>',
'sharing' : '<app/global/system>',
'perms.read' : '*',
'perms.write' : '*'
}

url = 'https://<hostname>:8089/services/apps/local/test_app/acl'
response = requests.post(url, data=data, verify=False, auth=('admin', '<password>'))

harsmarvania57 · ‎07-22-2019

Hi,

To change views permissions using REST API, you can use below REST API (In below example please change values for <> based on your environment.

To change permissions of particular dashboard

curl -vk -u user:password https://<your_splunk_server>:8089/servicesNS/<username>/<app_name>/data/ui/views/<dashboard_name>/ac... -d "perms.read"="user" -d "perms.write"="user" -d sharing=<app/user/global> -d owner=<owner_name>

To change permissions of dashboards page, try below REST API.

curl -vk -u user:password https://<your_splunk_server>:8089/servicesNS/nobody/<app_name>/data/ui/views/_acl -d "perms.read"="user" -d "perms.write"="user" -d sharing=<app/user/global>

harsmarvania57 · ‎07-22-2019

Hi,

Can you please provide more information about what you would like to change in .meta files ? Additionally it is not good idea to change anything in default.meta because it will overwrite when you upgrade the app/add-on, so best practice is to change permissions in local.meta file.

ganesh_crms · ‎07-22-2019

Hi Harsmarvania,
Thanks for your answer.
whats the use of this parameter "-d sharing=".
What value i should pass?

harsmarvania57 · ‎07-22-2019

sharing means would you like to share this dashboard at user level (Private), app level or global level ?

ganesh_crms · ‎07-22-2019

Hi,
I wants to modify the "access" field (under stanzas) to restrict role base access for a view in app

harsmarvania57 · ‎07-22-2019

Under which stanza ?

ganesh_crms · ‎07-22-2019

---Current---
[views/]
access = read : [ admin ], write : [ admin ]

----Expected---
[views/]
access = read : [ user], write : [user ]

update default.meta stanzas using REST API

Enterprise Security Content Update (ESCU) | New Releases

Why am I not seeing the finding in Splunk Enterprise Security Analyst Queue?

Index This | What are the 12 Days of Splunk-mas?