- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Help in identifying the capabilities for REST search to fetch User/Role/App details
Hi all,
I have the below rest searches to fetch the User, Role and Application details, respectively.
- | rest /services/authentication/users
- | rest /services/authorization/roles
- | rest /services/apps/local
However, am not able to define the exact read only capabilities for my role to assign, so I can run these searches to get the results.
Below are the capabilities I investigated:
edit_roles
edit_user
rest_properties_get
search
However, am not getting the entire application list as compared to Admin role. Also the edit_roles and edit_user are giving write permission and am looking for read permission only.
Please help.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Please check if the answer https://answers.splunk.com/answers/745460/rest-call-in-subsearch.html helps you
The original query is for indexes, but you can put the other REST endpoints change to see if it works.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Can you elaborate a little here?
what is the problem you are trying to solve?
What is the outcome / search output you are anticipating?
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I have a certain dashboard listing all Splunk users and what role-capabilities are assigned to them. For which I have used the above mentioned Rest API commands.
However the dashboard users are not able to see the results as they don't below capabilities.
edit_roles
edit_user
rest_properties_get
search
If I assign these capabilities to them, then they can delete/update the user-role information from GUI settings, which I don't want.
