Hi
We have this role in our Splunk instance (can_delete) and that role allows users to delete any data or indexes in Splunk
If I select users from settings and try to delete that role from all users, it shows that this role is deleted but when I refresh the page I see that the role is back again to the users
Can someone advise please?
Thanks
hi @Dany-Abou-Asali,
Role can_delete might be inherited in the role(s) that these users belong to.
Share the authorize.conf.