I have a Splunk role say 'test_role' with following capabilities and have a user 'testuser' under this 'test_role' with Default app as say "xyz":-
accelerate_search get_metadata get_typeahead input_file output_file pattern_detect request_remote_tok rest_properties_get rest_properties_set rtsearch schedule_rtsearch schedule_search search
When I login as 'testuser', I am getting the following error:-
404 Not Found Return to Splunk home page Page not found! View more information about your request (request ID = 5a28ead2c37f090c3c2dd0) in Search
Note: If I give 'admin_all_objects' capability under 'test_role' then 'testuser' login would be successful in accessing 'xyz' app home page and everything works.
Can anyone help me figure out what could be going wrong here ?
If the default app is your xyz app, or the launcher or the search app, make sure that the custom role has read permission on them.
By default all apps have read permission for the role "user", and all roles are supposed to inherit from it (power, admin,...)
As you create a new role without inheritance, it probably has no read permissions on any apps.
Have you given “test_role” read/write access to “xyz” app?
If you have not given that access then Go to Manage Apps and then change “xyz” app permission.
Yes, change permissions on that app to global.
Thanks for the replies.