Security
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question
Solved! Jump to solution

dbmon permissions issue

mjones414
Contributor
‎04-23-2014 08:36 AM

Ever since upgrading splunk DB connect to a version that supports the dbx_user role I've been working out odd permissions issues and so far I've been able to get most of them sans one.

I had a decent handful of db inputs created prior to upgrading to a version of the app with dbx_user defined. I've since retroactively added dbx_user to all the users needing access and they can manage their database connections fine but they cannot create new or modify their existing dbmon inputs whether they are tail or dumps.

The error they are receiving is:

There was an error retrieving the configuration, can not process this page.

Splunk administrators are not having any issues.

the current local.meta for db connect is as follows:

[]
access = read : [ dbx_user, admin ], write : [ admin ]

### Manager ###

[manager]
export = system

[manager/databases]
export = system

[manager/dbmon]
export = system
access = read : [ admin , dbx_user ], write : [ admin , dbx_user ]

[manager/dblookups]
export = system
access = read : [ admin ,dbx_user  ], write : [ admin ,dbx_user ]

### Commands ###

[commands/dbquery]
export = system

[commands/dbinput]
export = system

[commands/dbinfo]
export = system

[commands/dboutput]
export = system

[commands/dbmonpreview]
export = none
access = read : [ admin, dbx_user ], write : [ admin ]


### Other settings ###

[inputs/dbmon-*]

[inputs]
access = read : [ dbx_user, admin ], write : [ admin , dbx_user]

[transforms]
access = read : [ dbx_user, admin ], write : [ admin , dbx_user]

[props]
export = system

[transforms]
export = system

[eventtypes]
export = system

[lookups]
export = system

[searchscripts]
export = system

[database]
access = read : [ dbx_user, admin ], write : [ admin , dbx_user]

[dblookup]
access = read : [ dbx_user, admin ], write : [ admin , dbx_user]
0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

araitz
Splunk Employee
Splunk Employee
‎04-23-2014 10:40 AM

I think the problem is because creating an input requires the admin_all_objects permission, which as the name implies means having essentially unlimited access.

View solution in original post

0 Karma
Reply
Solved! Jump to solution
Solution

araitz
Splunk Employee
Splunk Employee
‎04-23-2014 10:40 AM

I think the problem is because creating an input requires the admin_all_objects permission, which as the name implies means having essentially unlimited access.

0 Karma
Reply
Solved! Jump to solution

mjones414
Contributor
‎04-23-2014 10:45 AM

Wow.. That's a bummer 😞 I wonder if there is any way to work this in as a feature request to have that tied to the dbx_user role...

Thank you! I will mark as answered until a way has been discovered. 🙂

0 Karma
Reply
Solved! Jump to solution

mjones414
Contributor
‎04-23-2014 08:38 AM

The version of DB Connect I'm using is 1.1.3 with splunk enterprise 6.0.3

0 Karma
Reply
Got questions? Get answers!

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Meet up IRL or virtually!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Get Updates on the Splunk Community!

Observability Simplified: Combining User Experience, Application Performance & ...

Tech Talk Observability Simplified: Combining User Experience, Application Performance & Network ...

Event Series May & June: From Network Visibility to Service Intelligence

Unifying the Network: Moving from Alert Noise to Service Intelligence with Splunk ITSI In today’s hybrid ...

Global Splunk User Group Events: May + June 2026

Your Splunk Community Awaits: Discover Upcoming User Group Events Worldwide    Staying ahead in the fast-paced ...