Want to grant delete permissions for a non admin account for specific prod-test-* indexes
Created a new role and mapped it to an AD group but does not seem to like it. Users still get , Error in 'delete' command: You have insufficient privileges to delete events.
[role_test_access]
srchIndexesAllowed = _audit
deleteIndexesAllowed = prod-test*
delete_by_keyword= enabled
Any suggestions highly appreciated.
