Reporting
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

What are the permissions / capabilities required for users to be able to see the "Report Acceleration Summaries" page?

nwales
Path Finder
‎04-15-2015 12:54 PM

What are the permissions / criteria required for users to be able to see the 'Report Acceleration Summaries' page?

Right now, even users with the 'Accelerate Searches' role do not get the option in the settings drop-down.

This is running 6.2.1 with search head clustering.

It works for myself as an admin.

0 Karma
Reply

mattness
Splunk Employee
Splunk Employee
‎04-15-2015 02:31 PM

Can your users see any other Settings page links? If they cannot see other admin-only Settings pages that you have access to, it could be that you need to expand their access in the local.meta file as described here: http://docs.splunk.com/Documentation/Splunk/6.2.2/Security/Addmanagementaccesstocustomroles

Note that in this topic, what is referred to as "Manager" is now called "Settings" in the product.

Reply

mattness
Splunk Employee
Splunk Employee
‎04-15-2015 02:32 PM

Ah, looks like someone beat me to this response!

0 Karma
Reply

kserra_splunk
Splunk Employee
Splunk Employee
‎04-15-2015 01:21 PM

Per our docs

Your role must have the schedule_search and accelerate_search capabilities.

http://docs.splunk.com/Documentation/Splunk/6.2.2/Knowledge/Manageacceleratedsearchsummaries

Reply

nwales
Path Finder
‎04-15-2015 01:52 PM

I created an 'accelerated user' role which has both of these capabilities.

Said users can create accelerated searches however they cannot see the link to the Report Acceleration Summaries page.

0 Karma
Reply

acharlieh
Influencer
‎04-15-2015 02:16 PM

Not sure, but I wonder if the power role is required for the link...

In ./etc/apps/search/metadata/default.meta I see:

[manager/summarization]
access = read : [ power ], write : [ admin ]

So maybe you could add to local.meta

[manager/summarization]
access = read : [ accelerated user ], write : [ admin ]

? But that is a wild stab in the dark

Reply
Get Updates on the Splunk Community!

Splunk Classroom Chronicles: Training Tales and Testimonials (Episode 3)

Welcome back to Splunk Classroom Chronicles, our ongoing blog series that pulls back the curtain on Splunk ...

Operationalizing TDIR: Building a More Resilient, Scalable SOC

Optimizing SOC workflows with a unified, risk-based approach to Threat Detection, Investigation, and Response ...

Almost Too Eventful Assurance: Part 1

Modern IT and Network teams still struggle with too many alerts and isolating issues before they are notified. ...