Splunk Enterprise

Removing write access of admin for few of the reports and alerts

vikashperiwal
Path Finder

Hi Team,

 

As part of audit question - can we remove the admin write role from few of reports and alerts...we don't want any one to do change including admin..how can we achieve this from configuration end? And also want to remove clone option from UI to all reports and alerts from configuration

Labels (2)
0 Karma

isoutamo
SplunkTrust
SplunkTrust

Hi

I don’t think that you can remove that capability from admin. 
Maybe this https://community.splunk.com/t5/Dashboards-Visualizations/Hide-quot-Create-New-Dashboard-quot-Button... helps you on your second item?

r. Ismo

0 Karma

vikashperiwal
Path Finder

For reports and alerts, how to hide the clone button....when we to report and alerts we see all the reprt along that action field under that we see clone...I want to hide that /or not show...from which conf file we can achive..?

Default.meta I did not find option

0 Karma
Get Updates on the Splunk Community!

.conf24 | Registration Open!

Hello, hello! I come bearing good news: Registration for .conf24 is now open!   conf is Splunk’s rad annual ...

Using the Splunk Threat Research Team’s Latest Security Content

REGISTER HERE Tech Talk | Security Edition Did you know the Splunk Threat Research Team regularly releases ...

SplunkTrust | 2024 SplunkTrust Application Period is Open!

It's that time again, folks! That's right, the application/nomination period for the 2024 SplunkTrust is ...