Security

Limited admin permission in Splunk

Cbr1sg
Path Finder

Hello all,
I want to create a limited admin role for our Splunk environment, this role allows user to view, execute or create anything, but can not edit/modify/delete any existing stuffs.
I see in the capabilities list of Splunk has edit* and list* but I dont see anything about create*.

Could you please help?

Thanks

Tags (2)
0 Karma
1 Solution

sudosplunk
Motivator

Power user role can achieve this with little to no tweaking in capabilities. Did you try it already? If so, what was the issue?

View solution in original post

sudosplunk
Motivator

Power user role can achieve this with little to no tweaking in capabilities. Did you try it already? If so, what was the issue?

Cbr1sg
Path Finder

@nittala_surya sorry for late reply, only now I have chance to test it. With few modifications in the capabilities, the power role indeed fulfills my requirements..

Thanks mate!

0 Karma

sudosplunk
Motivator

Glad to hear that. I moved my comment to answer so that you can accept and close it. Thanks.

0 Karma

deepashri_123
Motivator

Hey@Cbr1sg,

You can refer the following doc which describes the capabilities:
http://docs.splunk.com/Documentation/Splunk/7.1.2/Security/Rolesandcapabilities

Let me know if this helps!!

0 Karma

Cbr1sg
Path Finder

@deepashri,
Thanks, I've already gone through that doc but could not find the info that I want.

0 Karma
Get Updates on the Splunk Community!

What's new in Splunk Cloud Platform 9.1.2312?

Hi Splunky people! We are excited to share the newest updates in Splunk Cloud Platform 9.1.2312! Analysts can ...

What’s New in Splunk Security Essentials 3.8.0?

Splunk Security Essentials (SSE) is an app that can amplify the power of your existing Splunk Cloud Platform, ...

Let’s Get You Certified – Vegas-Style at .conf24

Are you ready to level up your Splunk game? Then, let’s get you certified live at .conf24 – our annual user ...