i have a panel in my dashboard which i need to give a restriction based on roles. one group should only get panel in read format , they should not be able to search data from panel,from search link and from drill down , while other group should belong to power user group which will be able to do drill down and search from link and also search as well from panel.
Any help will be appreciated. Thanks in advance .
Hi , Nawneel
I think you can do it like this(in splunk 6.2):
1- you create 2 new roles for users of each group with appropriate restriction.
2- when you edit the dashboard permission you will see the roles you created. Now for that dashboard, you can tick read or write.
doing so alls users to whom you have assigned the role will be affected by that.
Note: to create role in splunk web go to : setting -->Access control-->Role
to edit dashboard permission : setting-->User interface-->Views, localize your dashboard and edit permission
While this can get a complicated, we create two dashboards, one for each role level.
They can only see the dashboard assigned to their role, then you can set each drill down by each role/dashboard combination.
As long as you set that each role can only view their one dashboard, should all be fine.
Traditional way!! But than it has a lot of maintainibility and little complexity.