Monitoring Splunk

role Permission on local.meta


I have local.meta file in that i have specified the app's read permission to some Role's like 3 different roles so that the users belongs to that role can access the app. but my question is if we put read permission as * on reports ,Do those reports can be read by other roles beside 3 roles or they can be read only by app specific read roles ?

version = 6.3.0
modtime = 1461214928.341865000

version = 6.3.0
modtime = 1461214928.358444000

access = read : [ X1,X2,X3 ], write : [ power_role ]
export = none
version = 6.5.2
modtime = 1501280033.818796000

version = 6.3.0
modtime = 1461214928.365186000

[savedsearches/Sample REPORT]
access = read : [ * ], write : [ power_role ]
export = none
owner = XXXXX
version = 6.3.4
modtime = 1471988491.914745000

Tags (1)
0 Karma


If you put * you're effectively allowing any other user to read the report in the app IF the report is shared at the app or global level. Private reports will not be affected.

They will be able to see the report regardless of what app they are in by going to reports -> and clicking "all apps".

0 Karma
Get Updates on the Splunk Community!

Welcome to the Splunk Community!

(view in My Videos) We're so glad you're here! The Splunk Community is place to connect, learn, give back, and ...

Tech Talk | Elevating Digital Service Excellence: The Synergy of Splunk RUM & APM

Elevating Digital Service Excellence: The Synergy of Real User Monitoring and Application Performance ...

Adoption of RUM and APM at Splunk

    Unleash the power of Splunk Observability   Watch Now In this can't miss Tech Talk! The Splunk Growth ...