Security
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

How to restrict a user from access to the default Search & Reporting application?

beonick
Engager
‎07-06-2016 05:16 AM

Hi everyone,

I want to give access to a user so he can only view the selected application, but not "Search & Reporting" and other apps. I have read all other similar questions, but they didn't solved the problem. I can restrict access to all applications except "Search & Reporting".

To restrict access, I created a new role "guest" and assigned to it all the same capabilities that "user" role has. Then I created a new user with this role selected. After that I excluded this role from Apps>ManageApps>Permissions for all apps I don't want user to see. But when I remove user read access from "Search & Reporting" app, for some reason, the dashboard in my application stops to work - it shows only empty elements with N/As.

I have a single view application where the Nav file looks like this:

<nav color="#5379AF">
  <view name="application" default='true' />
</nav>

The "application" view is located in the same application context and has read=Everyone, write=admin permissions.

Can be "Search & Reporting" application hidden somehow?

I work with Splunk Cloud, Splunk Version - 6.3.1511.2

Thank you for your help in advance!

0 Karma
Reply

mbadhusha_splun
Splunk Employee
Splunk Employee
‎11-15-2017 01:30 AM

Hi,

By default only admin and power roles have write permission in the search app. So any user with read permission will be able to access search & reporting app and will be able to create reports and dashboards and can create private knowledge objects but they will not be able to share those to others. If you remove read access for search & reporting app, then those users will not be able to see search & reporting and also settings will be hidden for them.

To force your users to use particular app you could create roles for each department, map those users via LDAP or local auth and then set the default app context to their departmental app. If that's not feasible then you have to do some user education to get people out of the search app and into their departmental app if they are going to save knowledge objects.

You could also change the default app that the user sees upon logging into splunk by role or user: Settings --> Access Controls --> Roles|Users--> select the desired role --> Select a default app from the drop-down list under Default app.

0 Karma
Reply
Get Updates on the Splunk Community!

.conf24 | Registration Open!

Hello, hello! I come bearing good news: Registration for .conf24 is now open!   conf is Splunk’s rad annual ...

ICYMI - Check out the latest releases of Splunk Edge Processor

Splunk is pleased to announce the latest enhancements to Splunk Edge Processor.  HEC Receiver authorization ...

Introducing the 2024 SplunkTrust!

Hello, Splunk Community! We are beyond thrilled to announce our newest group of SplunkTrust members!  The ...