How can we implement read only columns in the Splu...

joshiro · ‎06-21-2023

We are using Splunk Enterprise 9.0.1 OnPrem, with Splunk App for Lookup File Editing version 3.6.0.

We need to get a user to modify a column in a lookup, so we give him access and capabilities to do so.
But we dont want this user to have the power to modify all the columns in that lookup.

Is there anyway that we can restrict which columns a user can edit?

Regards.

EDIT:
Here is an open idea for this feature request: https://ideas.splunk.com/ideas/APPSID-I-529.
Please vote if you consider it is useful.

richgalloway · ‎06-21-2023

That's not a current feature of the Lookup File Editing app. Read/write access to a lookup file is all or none. Go to https://ideas.splunk.com to suggest column access controls.

---
If this reply helps you, Karma would be appreciated.

joshiro · ‎06-21-2023

Is there anyway we can "hide" some of these columns in the GUI?, even when they are in the raw lookup files.

richgalloway · ‎06-21-2023

See my previous answer. 😀

---
If this reply helps you, Karma would be appreciated.

How can we implement read only columns in the Splunk App for Lookup File Editing?

administration

Observability | How to Think About Instrumentation Overhead (White Paper)

Cloud Platform | Get Resiliency in the Cloud Event (Register Now!)

The Great Resilience Quest: 10th Leaderboard Update