Security
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question
Solved! Jump to solution

Disable Report Acceleration for Specifc Roles - however do not disable report scheduling?

t9445
Path Finder
‎01-23-2014 02:22 PM

[Were running v6.0.1]

Hi, quick question please, from the documentation if we want to disable a user-role from being able to enabe report-acceleration on saved-searches -- we have to disable the schedule_search capability as well.

e.g. from the docs -- schedule_search: Schedule saved searches, create and update alerts, review triggered alert information, and turn on report acceleration for searches.

However, is there a way to allow a user-role to schedule saved searches, etc. - however NOT be able to enable report-acceleration on their searches?

Appreciate any tips

thanks

Tags (2)
0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

drrushi_splunk
Splunk Employee
Splunk Employee
‎10-15-2014 02:10 PM

A new capability was introduced in version 6.1 which specifically enables/disables the accelerate feature.
In authorize.conf or via the UI role management page you could set the 'accelerate_search' capability.
In previous versions there is not an easy way to disable this option.

View solution in original post

Reply
Solved! Jump to solution
Solution

drrushi_splunk
Splunk Employee
Splunk Employee
‎10-15-2014 02:10 PM

A new capability was introduced in version 6.1 which specifically enables/disables the accelerate feature.
In authorize.conf or via the UI role management page you could set the 'accelerate_search' capability.
In previous versions there is not an easy way to disable this option.

Reply
Got questions? Get answers!

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Meet up IRL or virtually!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Get Updates on the Splunk Community!

[Puzzles] Solve, Learn, Repeat: Character substitutions with Regular Expressions

This challenge was first posted on Slack #puzzles channelFor BORE at .conf23, we had a puzzle question which ...

Splunk Community Badges!

  Hey everyone! Ready to earn some serious bragging rights in the community? Along with our existing badges ...

[Puzzles] Solve, Learn, Repeat: Matching cron expressions

This puzzle (first published here) is based on matching timestamps to cron expressions.All the timestamps ...