Security

Steps to Edit Role and control access to specific Indexes

Engager

In Settings> Access Controls > Roles (edit a role), then Indexes,
The All non-internal indexes checked under Included by default, then main is checked under Default.

To limit a Role's access to specific indexes, are the steps to a) deselect All non-internal indexes, then b) check each Index individually under Included (and Default if desired)?

0 Karma
1 Solution

SplunkTrust
SplunkTrust

Hi,

Yes that is correct way and I will suggest to create new role instead of editing default roles like user, power, admin. If you are planning to inherit role then indexes allowed in inherited roles are also apply to new role.

View solution in original post

SplunkTrust
SplunkTrust

Hi,

Yes that is correct way and I will suggest to create new role instead of editing default roles like user, power, admin. If you are planning to inherit role then indexes allowed in inherited roles are also apply to new role.

View solution in original post