Splunk Manager Admin Permission Problem

harald_leitl · ‎07-16-2012

Hi,

Just updated my search heads to 4.3 and now I get following message when trying to create new roles in Splunk manager.

There was an error retrieving the configuration, can not process this page.

You do not have permission to access the configuration for this page.

No difference between LDAP user (with admin privilege) and local Admin user, both receive the same error.

my /opt/splunk/etc/apps/search/metadata/default.meta shows:

....

*[manager/authentication_roles]

access = read : [ admin ], write : [ admin ]*

...

that should be okay.

Any suggestion?

thanks,

harry

lguinn2 · ‎07-16-2012

Sometimes I see errors like this if Splunk was started/stopped by root, when it normally runs as a different user. Some of the files become owned by root and then odd things don't work. In Linux, there is a simple fix. Assuming that

Splunk is installed in /opt/splunk
Splunk should run as user splunkit
you are signed in as a user with sudo privileges

cd /opt sudo chown -R splunkit splunk

Of course, the problem could be something entirely different...

harald_leitl · ‎11-28-2012

any other suggestion? could it be a bug?

harald_leitl · ‎08-30-2012

just chanced permissions - unfortunately still the same behavior.

Splunk Manager Admin Permission Problem

Join Us for Splunk University and Get Your Bootcamp Game On!

.conf24 | Learning Tracks for Security, Observability, Platform, and Developers!

Announcing Scheduled Export GA for Dashboard Studio