Security
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

What capabilities are required to add a Data Input for Remote event log collections?

gildanieli
New Member
‎06-03-2013 08:41 AM

I want to grant a role the ability to create a new Event Log Collection data input. What capabilities can I grant to the role, to accomplish this, and do I need to make any other changes to the role i.e. edit one of the config files?

Running on Windows, version 5.0.1.

Tags (1)
0 Karma
Reply

amiracle
Splunk Employee
Splunk Employee
‎07-14-2014 11:56 AM

I was able to grant the access to the user by giving access to the role "splunk-system-role." The capabilities it has listed are:
accelerate_datamodel
accelerate_search
admin_all_objects
change_authentication
change_own_password
edit_deployment_client
edit_deployment_server
edit_dist_peer
edit_forwarders
edit_httpauths
edit_input_defaults
edit_monitor
edit_roles
edit_scripted
edit_search_server
edit_server
edit_splunktcp
edit_splunktcp_ssl
edit_tcp
edit_udp
edit_user
edit_view_html
edit_web_settings
embed_report
get_diag
get_metadata
get_typeahead
indexes_edit
input_file
license_edit
license_tab
list_deployment_client
list_deployment_server
list_forwarders
list_httpauths
list_inputs
output_file
request_remote_tok
rest_apps_management
rest_apps_view
rest_properties_get
rest_properties_set
restart_splunkd
rtsearch
run_debug_commands
schedule_rtsearch
schedule_search
search

0 Karma
Reply
Get Updates on the Splunk Community!

Accelerating Observability as Code with the Splunk AI Assistant

We’ve seen in previous posts what Observability as Code (OaC) is and how it’s now essential for managing ...

Integrating Splunk Search API and Quarto to Create Reproducible Investigation ...

 Splunk is More Than Just the Web Console For Digital Forensics and Incident Response (DFIR) practitioners, ...

Congratulations to the 2025-2026 SplunkTrust!

Hello, Splunk Community! We are beyond thrilled to announce our newest group of SplunkTrust members!  The ...