Security

Is there a list of what each privilege/capability permits?

Path Finder

I've been searching for a list of what each of the user capabilities means - what access it allows, what objects a role with that capability can see/edit/delete, etc. This seems to be a difficult thing to find. The admin guide in the docs mentions capabilities but doesn't have a link to anything like a list of them. Perhaps my Google-fu is insufficient, but this seems to be an obscure thing. Does anyone know of such a list?

1 Solution

Builder

something like this...
http://docs.splunk.com/Documentation/Splunk/7.2.1/Security/Rolesandcapabilities

OR you can run this on search-heads

| rest /services/authentication/users splunk_server=local 
| rename title as user 
| table user capabilities roles

View solution in original post

Builder

something like this...
http://docs.splunk.com/Documentation/Splunk/7.2.1/Security/Rolesandcapabilities

OR you can run this on search-heads

| rest /services/authentication/users splunk_server=local 
| rename title as user 
| table user capabilities roles

View solution in original post

Path Finder

I'd also like to mention that maybe the admin guide could have a link to the security document, since looking for how to administer users and roles leads naturally to this question.

And - nice search. Of course it's available internally! That does really make a lot of sense. Thanks again!

Path Finder

That's perfect. Why is it so hard to find? Maybe Splunk needs to get some more search terms in the metadata.

In any case, thanks very much!

0 Karma