Security
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question
Solved! Jump to solution

Automatic Role Removal

IRHM73
Motivator
‎09-06-2019 02:59 AM

Hi,

I wonder if someone can help me please.

We allocate user roles via the authroize.conf file with all the settings needed for each role.

By default, we don't allocate the 'export' function, but where appropriate will allocate in specific circumstances nornmally for a limited time frame.

Could someone tell me please, is there any funtionality within Splunk that allows a role, in this case the 'Export' function, to be removed from a user after a given timeframe has passed?

Many thanks and kind regards

Chris

0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

MuS
SplunkTrust
SplunkTrust
‎09-06-2019 03:11 AM

Hi IRHM73,

Not to my knowing, but that said does not mean you could create a cron job that modifies the setting for you in authorize.conf and reloads the new config.

Hope that helps ...

cheers, MuS

View solution in original post

0 Karma
Reply
Solved! Jump to solution
Solution

MuS
SplunkTrust
SplunkTrust
‎09-06-2019 03:11 AM

Hi IRHM73,

Not to my knowing, but that said does not mean you could create a cron job that modifies the setting for you in authorize.conf and reloads the new config.

Hope that helps ...

cheers, MuS

0 Karma
Reply
Solved! Jump to solution

IRHM73
Motivator
‎09-06-2019 03:41 AM

Hi @MuS. Thank you for taking the time to come back to me and for your suggestion.

Not thought of that.

Many thanks and kind regards

Chris

0 Karma
Reply
Solved! Jump to solution

MuS
SplunkTrust
SplunkTrust
‎09-06-2019 03:56 AM

You are welcome!

Sometimes you have to think out of the box to get where you want to be 😉

Feel free to accept this answer and help others 🙂

cheers, MuS

0 Karma
Reply
Got questions? Get answers!

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Meet up IRL or virtually!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Get Updates on the Splunk Community!

Announcing Modern Navigation: A New Era of Splunk User Experience

We are excited to introduce the Modern Navigation feature in the Splunk Platform, available to both cloud and ...

Modernize your Splunk Apps – Introducing Python 3.13 in Splunk

We are excited to announce that the upcoming releases of Splunk Enterprise 10.2.x and Splunk Cloud Platform ...

Step into “Hunt the Insider: An Splunk ES Premier Mystery” to catch a cybercriminal ...

After a whole week of being on call, you fell asleep on your keyboard, and you hit a sequence of buttons that ...