Security

how to restrict users group to access particular index only

Path Finder

Hello

we have two indexes (A,B) and i have 3 different groups.
1. admin
2. US-East-users
3. US-central-users

our goal is admin group members should have access to both indexes and US-East-users should have access to index A only US-central-users should have access to index B.

even the user in any group other than admin searches for index=* , they should get data from only the index to which they have access.

how should i implement this? can any one help me in doing so?

Thanks in Advance.

Tags (2)
0 Karma
1 Solution

SplunkTrust
SplunkTrust

hello saifuddin9122,
navigate to settings -> access controls -> roles -> US-East-users -> scroll all the way down -> add index A to the bottom box (restricted indexes) -> click save -> repeat for other roles

alt text

View solution in original post

SplunkTrust
SplunkTrust

hello saifuddin9122,
navigate to settings -> access controls -> roles -> US-East-users -> scroll all the way down -> add index A to the bottom box (restricted indexes) -> click save -> repeat for other roles

alt text

View solution in original post

State of Splunk Careers

Access the Splunk Careers Report to see real data that shows how Splunk mastery increases your value and job satisfaction.

Find out what your skills are worth!