Solved: How to Assign Access Role to multiple groups

SplunkDash · ‎11-19-2021

Hello,

I have a situation where there are 25 different groups of people and each group of people uses different sets of data (i.e. there are 25 different sets of data, one for each group). We need to create a single dashboard and also need to assign access role in a way that each group can only have access to their data set using the same dashboard. How I would assign the access role for those 25 different groups.

Should I create 25 different indexes - one for each group and assign access role to those indexes?

Is it possible to create 25 different sourcetypes and assign access role to those sourcetypes - one for each group and keep all sourcetypes under one index?

Or are there any other ways?

Thank you so much, any help will be highly appreciated.

PickleRick · ‎11-19-2021

The permissions are granted on a per-index basis so if you want to limit the access to the data, you separate it into different indexes (it's one of the cases where splitting data into indexes is advisable).

If you want to use the same dashboard for different user groups (and thus indexes), you have to make it so that the source index used in searches is dynamically settable - not hardcoded.

View solution in original post

PickleRick · ‎11-19-2021

The permissions are granted on a per-index basis so if you want to limit the access to the data, you separate it into different indexes (it's one of the cases where splitting data into indexes is advisable).

If you want to use the same dashboard for different user groups (and thus indexes), you have to make it so that the source index used in searches is dynamically settable - not hardcoded.

How to Assign Access Role to multiple groups

other

Announcing Scheduled Export GA for Dashboard Studio

Extending Observability Content to Splunk Cloud

More Control Over Your Monitoring Costs with Archived Metrics GA in US-AWS!