How to achieve dashboard drop down box that filters by Active Directory Group membership?

New Member

I have a large organization and a dashboard to handle all enterprise scan data for one of our scan tools.  We have all scan data assigned to a project name (we have hundreds of project names).  How do I create a process where I can populate a list to Splunk daily with the Active Directory Security group name mapping to a project name.  I have a single dashboard (cannot create multiple dashboards or indexes for this) and I have a drop-down box that has a list of projects.  I want my users to be able to access the dashboard but only be able to filter for the apps that they are a member of through the Active Directory security groups list.  My goal is a scenario where the scan team can maintain their own access to the scan data in the dashboard without making Splunk Admins do programming every time there's an addition or change to the list.  I also want to ensure projects don't see scan results for other projects.  We scan thousands of systems, so it is not an option to create multiple dashboards or indexes for this data.

Thank you so much for your time. 🙂

Labels (2)
0 Karma
Get Updates on the Splunk Community!

There's No Place Like Chrome and the Splunk Platform

Watch On DemandMalware. Risky Extensions. Data Exfiltration. End-users are increasingly reliant on browsers to ...

The Great Resilience Quest: 5th Leaderboard Update

The fifth leaderboard update for The Great Resilience Quest is out >> 🏆 Check out the ...

Devesh Logendran, Splunk, and the Singapore Cyber Conquest

At this year’s Splunk University, I had the privilege of chatting with Devesh Logendran, one of the winners in ...