Security
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Readonly access to view access controls

saad_siddiqi
Path Finder
‎08-06-2013 07:48 PM

Hi,

The IT security guy here wants to review the splunk roles/users. I there any way by which I can give him access to Access Controls without giving the admin role.

Thanks

Tags (1)
0 Karma
Reply

jtacy
Builder
‎08-07-2013 08:13 PM

For a self-service solution, maybe giving him read access to Splunk on Splunk would work; its Configuration File Viewer feature is great and it would allow him to see config files for search peers as well.

However, it's not clear whether some of the scripts in S.o.S might expose some undesirable functions; maybe someone from Splunk can comment on how safe it is to present S.o.S to non-admin users. On my installs it defaulted to "Everyone" read/write; I later changed that, but hopefully it is safe by default.

0 Karma
Reply

gkanapathy
Splunk Employee
Splunk Employee
‎08-06-2013 10:28 PM

You could simply use "splunk cmd btool authorize.conf list" and give him the output of that, which will show the role definitions.

Reply
Get Updates on the Splunk Community!

Harnessing Splunk’s Federated Search for Amazon S3

Managing your data effectively often means balancing performance, costs, and compliance. Splunk’s Federated ...

Infographic provides the TL;DR for the 2024 Splunk Career Impact Report

We’ve been buzzing with excitement about the recent validation of Splunk Education! The 2024 Splunk Career ...

Enterprise Security Content Update (ESCU) | New Releases

In December, the Splunk Threat Research Team had 1 release of new security content via the Enterprise Security ...