Hi,
does the app permission always overrule all other permissions for content created in that app?
Let's say there is a user with the role A.
The roles A and B got read permissions for saved searches, dashboards, lookups, eventtypes, field aliases etc for an app.
But in the app manager the app is only shared to the role B. Is it possible that the user can access the content somehow?
Thanks in advance
To answer your subject line, "Yes"; to answer your last sentence, "No" (at least not with doing other configurations, like adding user to role "A"). That is the whole point.
To answer your subject line, "Yes"; to answer your last sentence, "No" (at least not with doing other configurations, like adding user to role "A"). That is the whole point.
Thanks! So a lookup table that can be used by all splunk users, has to be stored in an app that is available to all users. Sharing global is not enough.