I have a Splunk role say 'test_role' with following capabilities and have a user 'testuser' under this 'test_role' with Default app as say "xyz":-
accelerate_search
get_metadata
get_typeahead
input_file
output_file
pattern_detect
request_remote_tok
rest_properties_get
rest_properties_set
rtsearch
schedule_rtsearch
schedule_search
search
When I login as 'testuser', I am getting the following error:-
404 Not Found
Return to Splunk home page
Page not found!
View more information about your request (request ID = 5a28ead2c37f090c3c2dd0) in Search
Note: If I give 'admin_all_objects' capability under 'test_role' then 'testuser' login would be successful in accessing 'xyz' app home page and everything works.
Can anyone help me figure out what could be going wrong here ?
If the default app is your xyz app, or the launcher or the search app, make sure that the custom role has read permission on them.
By default all apps have read permission for the role "user", and all roles are supposed to inherit from it (power, admin,...)
As you create a new role without inheritance, it probably has no read permissions on any apps.
Have you given “test_role” read/write access to “xyz” app?
If you have not given that access then Go to Manage Apps and then change “xyz” app permission.
Yes, change permissions on that app to global.
Thanks for the replies.