Hello, im looking to get a service account working for our company that is used specifically for owning searches. This is to help things run smoothly when individual userIDs or people are deactivated.
Everything we use for access looks to be based off of role groups, but i would like to import just this service account, and make that have specific access to run searches and edit. Is this something i can do without making another role group specifically for that service account?
Thank you
Not really. In order to let this account run searches in Splunk it needs the appropriate capabilities such as search
, which can only be given to a role in Splunk - either an existing one or one created specifically for this user.
Similarly, you cannot map an LDAP user to a Splunk user, only map LDAP groups to Splunk roles.
Not really. In order to let this account run searches in Splunk it needs the appropriate capabilities such as search
, which can only be given to a role in Splunk - either an existing one or one created specifically for this user.
Similarly, you cannot map an LDAP user to a Splunk user, only map LDAP groups to Splunk roles.
Thanks Martin, that's what i figured