Hello all,
I want to create a limited admin role for our Splunk environment, this role allows user to view, execute or create anything, but can not edit/modify/delete any existing stuffs.
I see in the capabilities list of Splunk has edit* and list* but I dont see anything about create*.
Could you please help?
Thanks
Power user role can achieve this with little to no tweaking in capabilities. Did you try it already? If so, what was the issue?
Power user role can achieve this with little to no tweaking in capabilities. Did you try it already? If so, what was the issue?
@nittala_surya sorry for late reply, only now I have chance to test it. With few modifications in the capabilities, the power role indeed fulfills my requirements..
Thanks mate!
Glad to hear that. I moved my comment to answer so that you can accept and close it. Thanks.
Hey@Cbr1sg,
You can refer the following doc which describes the capabilities:
http://docs.splunk.com/Documentation/Splunk/7.1.2/Security/Rolesandcapabilities
Let me know if this helps!!
@deepashri,
Thanks, I've already gone through that doc but could not find the info that I want.