Security
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question
Solved! Jump to solution

Set Default App by Role?

bmacias84
Champion
‎03-15-2013 09:19 AM

Hello,
Is there a way to set default app based on role? I know I can set default app through user-prefs.conf or through the GUI per user; however, this seems a little tedious if users are being mapped through LDAP or scripted authentication.

Thanks in advance.

Tags (3)
Reply
1 Solution
Solved! Jump to solution
Solution

yannK
Splunk Employee
Splunk Employee
‎03-15-2013 10:00 AM

it's in defined in the role as "default app" in manager > access controls > Roles > ....
And can be overwritten by the users in their own user preferences.
I do not know who win in case of roles inheritance, or users members of multiple roles.

View solution in original post

Reply
Solved! Jump to solution

kml_uvce
Builder
‎03-16-2013 09:24 PM

Try this:
In user-prefs.conf file write this:
default_namespace =

Like to admin give default app as search
$SPLUNK_HOME/etc/users/admin/user-prefs/local/user-prefs.conf
default_namespace = search

-Kamal Bisht

kamal singh bisht
0 Karma
Reply
Solved! Jump to solution
Solution

yannK
Splunk Employee
Splunk Employee
‎03-15-2013 10:00 AM

it's in defined in the role as "default app" in manager > access controls > Roles > ....
And can be overwritten by the users in their own user preferences.
I do not know who win in case of roles inheritance, or users members of multiple roles.

Reply
Solved! Jump to solution

sansay
Contributor
‎12-22-2015 03:16 PM

Today I had to deal with this issue, and I found out that the path in the hosts of our cluster is

etc/apps/user-prefs/local/user-prefs.conf

We have version 6.2.5

Reply
Solved! Jump to solution

yannK
Splunk Employee
Splunk Employee
‎09-16-2013 03:04 PM

yes, see http://docs.splunk.com/Documentation/Splunk/5.0.4/Admin/Whatsanapp

0 Karma
Reply
Solved! Jump to solution

sideview
SplunkTrust
SplunkTrust
‎09-16-2013 02:56 PM

Ugh. Yes, thanks. Splunkbase mangled my comment. I guess if you use corner brackets in a comment it thinks you're trying to write xml.

0 Karma
Reply
Solved! Jump to solution

jrodman
Splunk Employee
Splunk Employee
‎09-16-2013 01:35 PM

don't you mean

[role_user]
default_namespace = app_name

0 Karma
Reply
Solved! Jump to solution

sideview
SplunkTrust
SplunkTrust
‎07-02-2013 02:12 PM

Actually, although most things on that page are set in authorize.conf, the "default app" setting ends up in user-prefs.conf, written to etc/apps//local/user-prefs.conf

as

[role_user]
default_namespace =

Reply
Solved! Jump to solution

yannK
Splunk Employee
Splunk Employee
‎03-19-2013 09:04 AM

authorize.conf, usually in $SPLUNK_HOME/etc/system/local

0 Karma
Reply
Solved! Jump to solution

bmacias84
Champion
‎03-15-2013 10:14 AM

Do which conf file I would edit in stead of using the Web UI? I prefer to do all management through conf files with an large env. Thanks

0 Karma
Reply
Got questions? Get answers!

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Meet up IRL or virtually!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Get Updates on the Splunk Community!

May 2026 Splunk Expert Sessions: Security & Observability

Level Up Your Operations: May 2026 Splunk Expert Sessions Whether you are refining your security posture or ...

Network to App: Observability Unlocked [May & June Series]

In today’s digital landscape, your environment is no longer confined to the data center. It spans complex ...

SPL2 Deep Dives, AppDynamics Integrations, SAML Made Simple and Much More on Splunk ...

Splunk Lantern is Splunk’s customer success center that provides practical guidance from Splunk experts on key ...