Reporting

What are the permissions / capabilities required for users to be able to see the "Report Acceleration Summaries" page?

nwales
Path Finder

What are the permissions / criteria required for users to be able to see the 'Report Acceleration Summaries' page?

Right now, even users with the 'Accelerate Searches' role do not get the option in the settings drop-down.

This is running 6.2.1 with search head clustering.

It works for myself as an admin.

0 Karma

mattness
Splunk Employee
Splunk Employee

Can your users see any other Settings page links? If they cannot see other admin-only Settings pages that you have access to, it could be that you need to expand their access in the local.meta file as described here: http://docs.splunk.com/Documentation/Splunk/6.2.2/Security/Addmanagementaccesstocustomroles

Note that in this topic, what is referred to as "Manager" is now called "Settings" in the product.

mattness
Splunk Employee
Splunk Employee

Ah, looks like someone beat me to this response!

0 Karma

kserra_splunk
Splunk Employee
Splunk Employee

Per our docs

Your role must have the schedule_search and accelerate_search capabilities.

http://docs.splunk.com/Documentation/Splunk/6.2.2/Knowledge/Manageacceleratedsearchsummaries

nwales
Path Finder

I created an 'accelerated user' role which has both of these capabilities.

Said users can create accelerated searches however they cannot see the link to the Report Acceleration Summaries page.

0 Karma

acharlieh
Influencer

Not sure, but I wonder if the power role is required for the link...

In ./etc/apps/search/metadata/default.meta I see:

[manager/summarization]
access = read : [ power ], write : [ admin ]

So maybe you could add to local.meta

[manager/summarization]
access = read : [ accelerated user ], write : [ admin ]

? But that is a wild stab in the dark

Get Updates on the Splunk Community!

Splunk Classroom Chronicles: Training Tales and Testimonials (Episode 3)

Welcome back to Splunk Classroom Chronicles, our ongoing blog series that pulls back the curtain on Splunk ...

Operationalizing TDIR: Building a More Resilient, Scalable SOC

Optimizing SOC workflows with a unified, risk-based approach to Threat Detection, Investigation, and Response ...

Almost Too Eventful Assurance: Part 1

Modern IT and Network teams still struggle with too many alerts and isolating issues before they are notified. ...