Security
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Readonly access to view access controls

saad_siddiqi
Path Finder
‎08-06-2013 07:48 PM

Hi,

The IT security guy here wants to review the splunk roles/users. I there any way by which I can give him access to Access Controls without giving the admin role.

Thanks

Tags (1)
0 Karma
Reply

jtacy
Builder
‎08-07-2013 08:13 PM

For a self-service solution, maybe giving him read access to Splunk on Splunk would work; its Configuration File Viewer feature is great and it would allow him to see config files for search peers as well.

However, it's not clear whether some of the scripts in S.o.S might expose some undesirable functions; maybe someone from Splunk can comment on how safe it is to present S.o.S to non-admin users. On my installs it defaulted to "Everyone" read/write; I later changed that, but hopefully it is safe by default.

0 Karma
Reply

gkanapathy
Splunk Employee
Splunk Employee
‎08-06-2013 10:28 PM

You could simply use "splunk cmd btool authorize.conf list" and give him the output of that, which will show the role definitions.

Reply
Get Updates on the Splunk Community!

Earn a $35 Gift Card for Answering our Splunk Admins & App Developer Survey

Survey for Splunk Admins and App Developers is open now! | Earn a $35 gift card!      Hello there,  Splunk ...

Continuing Innovation & New Integrations Unlock Full Stack Observability For Your ...

You’ve probably heard the latest about AppDynamics joining the Splunk Observability portfolio, deepening our ...

Monitoring Amazon Elastic Kubernetes Service (EKS)

As we’ve seen, integrating Kubernetes environments with Splunk Observability Cloud is a quick and easy way to ...