Reporting

How to add the permission to allow users to change their own reports to global sharing? But at the same time not to delete knowledge object ?

Hemnaath
Motivator

Hi Team,
We got request from a client that he wants users in the test_basic group (role) should be allowed to change his/her reports to global sharing. But at the same time they he do wants the user with test_basic group should not be able to delete the knowledge object of their own app.

I had gone through the below link for enabling a role other than Admin and Power to set permissions and share objects.

http://docs.splunk.com/Documentation/Splunk/latest/Knowledge/Manageknowledgeobjectpermissions

But when we give write permission to the test_basic user group, then there is a possibility by the user in this group to delete the Knowledge objects for a specific app (search app) which he has a write permission. So in this case how to restrict this group of user to share the object but not to delete it.

Kindly guide me on this.

0 Karma
1 Solution

evsmt
Explorer

Define all Knowledge Objects that may not be deleted as .conf files in the /default directory in the app.

This will only work if you know up front which KO may not be deleted. This will not protect against one user deleting a KO of another user which is shared in the app.

View solution in original post

0 Karma

evsmt
Explorer

Define all Knowledge Objects that may not be deleted as .conf files in the /default directory in the app.

This will only work if you know up front which KO may not be deleted. This will not protect against one user deleting a KO of another user which is shared in the app.

0 Karma

Hemnaath
Motivator

thanks for your effort on this, so it means that I can protect only the KO that are present already in that app is that right.

0 Karma

Hemnaath
Motivator
0 Karma

evsmt
Explorer

Yes, this method protects KO's shipped with the app. I do not know of an other method to achieve your goal.

0 Karma
Get Updates on the Splunk Community!

Monitoring MariaDB and MySQL

In a previous post, we explored monitoring PostgreSQL and general best practices around which metrics to ...

Financial Services Industry Use Cases, ITSI Best Practices, and More New Articles ...

Splunk Lantern is a Splunk customer success center that provides advice from Splunk experts on valuable data ...

Splunk Federated Analytics for Amazon Security Lake

Thursday, November 21, 2024  |  11AM PT / 2PM ET Register Now Join our session to see the technical ...