Splunk Enterprise
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

How can we implement read only columns in the Splunk App for Lookup File Editing?

joshiro
Communicator
‎06-21-2023 07:13 AM

We are using Splunk Enterprise 9.0.1 OnPrem, with Splunk App for Lookup File Editing version 3.6.0.

We need to get a user to modify a column in a lookup, so we give him access and capabilities to do so.
But we dont want this user to have the power to modify all the columns in that lookup.

Is there anyway that we can restrict which columns a user can edit?

Regards.

EDIT:
Here is an open idea for this feature request: https://ideas.splunk.com/ideas/APPSID-I-529.
Please vote if you consider it is useful.

Labels (1)
Labels
Tags (1)
0 Karma
Reply

richgalloway
SplunkTrust
SplunkTrust
‎06-21-2023 08:03 AM

That's not a current feature of the Lookup File Editing app.  Read/write access to a lookup file is all or none.  Go to https://ideas.splunk.com to suggest column access controls.

---
If this reply helps you, Karma would be appreciated.
Reply

joshiro
Communicator
‎06-21-2023 08:12 AM

Is there anyway we can "hide" some of these columns in the GUI?, even when they are in the raw lookup files.

0 Karma
Reply

richgalloway
SplunkTrust
SplunkTrust
‎06-21-2023 08:49 AM

See my previous answer.  😀

---
If this reply helps you, Karma would be appreciated.
0 Karma
Reply
Get Updates on the Splunk Community!

New This Month in Splunk Observability Cloud - Metrics Usage Analytics, Enhanced K8s ...

The latest enhancements across the Splunk Observability portfolio deliver greater flexibility, better data and ...

Alerting Best Practices: How to Create Good Detectors

At their best, detectors and the alerts they trigger notify teams when applications aren’t performing as ...

Discover Powerful New Features in Splunk Cloud Platform: Enhanced Analytics, ...

Hey Splunky people! We are excited to share the latest updates in Splunk Cloud Platform 9.3.2408. In this ...