- Find Answers
- :
- Splunk Administration
- :
- Admin Other
- :
- Security
- :
- Re: Help with Add-on permissions
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark Topic
- Subscribe to Topic
- Mute Topic
- Printer Friendly Page
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Help with Add-on permissions
Our customer installed our Addon using an admin account. Now the admin wants to give a power user permission to modify/use this addon. How can this be done please? The admin already granted Read/Write permission of this Addon to everyone. But still for a power user, this Addon is not shown in the available Trigger Actions selections of an Alert.
Everything works fine with the admin account. But customer wants to use the power user account to control it.
Thanks!
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hey @irsyintegration, which add-on are you referring to?
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
If they go to Settings -> Alert Actions, is the alert action listed there? If so, are the permissions set correctly?
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
If I move the alert_actions.conf from $SPLUNK_HOME/etc/apps/OUR_ADDON/default to $SPLUNK_HOME/etc/system/local, then the power user can see it. Even though he still have trouble to edit it.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
From Settings->All configurations, the power user can't find the Alert Actions.
The admin can find it from Settings->Alert Actions and Settings->All configurations, and the permission is set to Read/Write for everyone.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
hmm, what is it set to global as well? honestly, i'm not sure exactly which permissions will it available but assume if it's global and read/write for everyone, then everyone should see it from anywhere.
side note, you can respond with comments instead of answers. answers are typically set aside as for when somebody thinks they have an answer to the question.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Seems to be related to the role setting of power user. If I grant admin_all_objects capability to the power user, then it works. Not sure if our customer likes it though. So still looking for alternatives.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Settings -> Alert Actions only appears for admin user, right? No such thing for power user somehow.
Index This | What are the 12 Days of Splunk-mas?
Get Inspired! We’ve Got Validation that Your Hard Work is Paying Off
What's New in Splunk Enterprise 9.4: Features to Power Your Digital Resilience
