How to restrict users' access only to specific apps?


Hi Experts,

I have given access to one client by creating a specific index and APPs, but when he logs in, he some times navigates to the Search & reporting tab and creates some lookups. I want to restrict users to all objects under the APPS directory only. I tried to remove permission "global" for Search and Reporting, but after doing this, the user is not able to see his own dashboards, so I reverted the permission back.

Please help how we can achieve original requirement.

0 Karma


You can create a role and give permission to only your APP and assign the user to that role. If the user has created some dashboards in another app earlier, you can move those objects to the new app so that user will still be able to access them

You can set permission on individual objects (dashboards) as well

0 Karma
State of Splunk Careers

Access the Splunk Careers Report to see real data that shows how Splunk mastery increases your value and job satisfaction.

Find out what your skills are worth!