Security

How to set-up permissions for "app level" admins?

twinspop
Influencer

I want to have the following 3 levels of access:

  • User: "Belongs" to an app; can create private objects only; cannot schedule
  • App-Admin: "Belongs" to an app; can share objects to app level so other users can see/use them; can schedule
  • Admin: System level admin, i.e. Splunk's "root"

The idea is that Users shouldn't be able to change the app, only their view of it. App-Admins can modify basically anything in their app, but should not have any control of Splunk outside of this app. I don't want them to create indexes, inputs, etc. Critically, app-admins need to be able to promote User KOs they deem worthy, from private to app-level sharing.

The app-level admin is not working as intended. KOs created by Users cannot be seen or modified by app admins. Short of giving App-Admin "admin_all_objects" I don't see how to accomplish this. However, my understanding is that setting effectively makes them root.

Is this set-up possible? Any suggestions for alternative plans that effectively mimic the user < app-admin < system-admin design?

0 Karma

jimodonald
Contributor

The "power" role does much of what you're looking to accomplish.

http://docs.splunk.com/Documentation/Splunk/6.4.3/Admin/Aboutusersandroles#About_roles

0 Karma
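One way to express the app-scoped tier in configuration, as an added example that is not part of either post above: a custom role that inherits from `power`, plus an app-level ACL that grants write access to that role. The role name `myapp_admin` and the app directory `myapp` are hypothetical; as the question notes, this does not by itself make other users' private objects visible to the role.

```ini
# --- $SPLUNK_HOME/etc/system/local/authorize.conf ---
# Hypothetical app-admin role. It inherits the capabilities of the
# built-in "power" role and adds nothing system-wide.
[role_myapp_admin]
importRoles = power
# admin_all_objects is deliberately left unset for this role.

# --- $SPLUNK_HOME/etc/apps/myapp/metadata/local.meta ---
# Default ACL for every object in the (hypothetical) app "myapp":
# all roles may read, only admin and myapp_admin may write.
# Write access on the app is what lets a role share its objects at app level.
[]
access = read : [ * ], write : [ admin, myapp_admin ]
# Keep the app's objects from being exported to other apps.
export = none
```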