Howdy,
We have roles setup for our various splunk users. They are able to create dashboards. When they go to share it, they can only share with Everyone, or the group they are in.
Example
SplunkDevOps1
SplunkDevOps2
SplunkDevOps3
Each has the same base Index access, but higher levels have more index access. SplunkDevOps1 creates a dashboard for IIS data. They want to share with SplunkDevOps3.
Since they cannot see that group, is there a perm to add or a setting that would allow them to do this?
Thanks
Hi, You can work this out by creating new role accordingly as per the user group and set permission of knowledge objects to this newly created role.
In this scenerio, the roles are already created. Someone in SplunkDevOps1 creates a new dashboard. They do not have the option to give SplunkDevOps2 write access to this dashboard. They can give "Everyone" the ability to read (which is okay), but giving write access to "Everyone" is an issue.
This is the thing we are trying to figure out. How a person in a role can give read and write access to other roles, without having to use "everyone" or having the admin go alter the roles.
Not necessarily you have to give permission to everyone. you can give read or write or both permissions to individual role. Plus while creating role, you can add already present roles from "Inheritance" section to get capabilities of inherited role. If you play with combination of these, i am sure you can get what you want.
Does SplunkDevOps1 role has access to all the indexes of SplunkDevOps2 and SplunkDevOps1? Similarly, does SplunkDevOp2 has access to all indexes of SplunkDevOps1?
The do not.