Security

Limited admin permission in Splunk

Cbr1sg
Path Finder

Hello all,
I want to create a limited admin role for our Splunk environment, this role allows user to view, execute or create anything, but can not edit/modify/delete any existing stuffs.
I see in the capabilities list of Splunk has edit* and list* but I dont see anything about create*.

Could you please help?

Thanks

Tags (2)
0 Karma
1 Solution

sudosplunk
Motivator

Power user role can achieve this with little to no tweaking in capabilities. Did you try it already? If so, what was the issue?

View solution in original post

sudosplunk
Motivator

Power user role can achieve this with little to no tweaking in capabilities. Did you try it already? If so, what was the issue?

View solution in original post

Cbr1sg
Path Finder

@nittala_surya sorry for late reply, only now I have chance to test it. With few modifications in the capabilities, the power role indeed fulfills my requirements..

Thanks mate!

0 Karma

sudosplunk
Motivator

Glad to hear that. I moved my comment to answer so that you can accept and close it. Thanks.

0 Karma

deepashri_123
Motivator

Hey@Cbr1sg,

You can refer the following doc which describes the capabilities:
http://docs.splunk.com/Documentation/Splunk/7.1.2/Security/Rolesandcapabilities

Let me know if this helps!!

0 Karma

Cbr1sg
Path Finder

@deepashri,
Thanks, I've already gone through that doc but could not find the info that I want.

0 Karma
.conf21 Now Fully Virtual!
Register for FREE Today!

We've made .conf21 totally virtual and totally FREE! Our completely online experience will run from 10/19 through 10/20 with some additional events, too!