You can create a role with only read access. You can go to
settings >> access control >> roles
You can know more from the following link
Interesting thing as Splunk roles are designed for read access, not for write access and each role has read access to a set of indexes.
If we look at About users and roles
It defines the user role as -
-- this role can create and edit its own saved searches, run searches, edit its own preferences, create and edit event types, and other similar tasks.