Reporting

Create modified user role without capability to run reports

jedatt01
Builder

Is there a way to configure capabilities to restrict a user from being able to create reports, but still allow them to search and view existing reports/dashboards?

0 Karma

martin_mueller
SplunkTrust
SplunkTrust

"Create reports" as in "save a search privately"? I don't think so.

You can restrict roles from sharing their reports into an app though, by not giving them write permissions for that app. They'll still be able to save reports privately.

Another thing you could do is to remove access to the search app entirely. Then that role can only view an app you built for it, which may only have pre-built dashboards but no manual search interface.

0 Karma

jedatt01
Builder

Thanks Martin. I ended up opening a support ticket and they told me the same thing.

0 Karma
Got questions? Get answers!

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Meet up IRL or virtually!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Get Updates on the Splunk Community!

Laser Bananas and Edge Hubs: Exploring Operational Technology (OT) Data Through a ...

  OT is a different environment to traditional IT and can have interesting challenges when interfacing the ...

Event Series: Mastering AI Tokenomics and Splunk Agent Observability

Beyond the Black Box: Correlating AI Performance and Tokenomics with Splunk Agent Observability   As ...

span_metrics: The OpenTelemetry-Idiomatic Way to See Inside Your Services

You open a trace in Splunk Observability Cloud and everything looks fine. One root span, order-pipeline, with ...