Splunk ITSI
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

ITSI, Service Analyzer

genesiusj
Builder
Wednesday

Hello,

Looking a detailed doc/vid on Service Analyzer (SA). 

Having issues with permitting users an pre-filtered SA and blocking their ability to switch to another filter, or turn off filtering completely.

My flawed(?) understanding is there is really only a single SA which contains every service within ITSI. Using Teams, we should be able to create other SAs permitting permitting different access. However, that is not working; or I am missing something in the process. While I can save a new SA with the filter on service or tag in place; the user can click the X on the service or tag filter and see all services and tags available, including CPs, which they do not have read/write permissions to.

Thanks in advance and God bless,
Genesius

Labels (2)
Labels
0 Karma
Reply

danielbb
Motivator
Friday

It sounds like you want to restrict users to a specific, pre-filtered view in Service Analyzer and prevent them from removing or changing those filters.

To clarify, Service Analyzer itself is a single app that displays all services in ITSI, and filters applied through the UI are generally user-controlled. Teams and roles in ITSI control access to services and KPIs, but they don’t inherently restrict filter controls within Service Analyzer.

Some questions to better understand your setup:

  • Are you using ITSI Teams and roles to limit users’ permissions on specific services and KPIs?
  • How are you creating and sharing these filtered Service Analyzer views? Are these saved as bookmarks or dashboards?
  • Have you explored the “Service Visibility” settings in ITSI to restrict what services users can see?
  • Are users accessing Service Analyzer via direct URL with filters applied, or through the main ITSI navigation?

Getting clarity on these points can help determine if the behavior is expected or if additional permission configurations are needed.

If this helps, some karma would be appreciated!

0 Karma
Reply

livehybrid
SplunkTrust
SplunkTrust
Thursday

Hi @genesiusj 

I wonder if these pages help you in terms of SA? https://www.splunk.com/en_us/pdfs/getting-started/splunk-getting-started-with-itsi.pdf

https://docs.splunk.com/Documentation/ITSI/4.20.1/SI/AboutSA

https://help.splunk.com/en/splunk-it-service-intelligence/splunk-it-service-intelligence/visualize-a...

🌟 Did this answer help you? If so, please consider:

    • Adding karma to show it was useful
    • Marking it as the solution if it resolved your issue
    • Commenting if you need any clarification

Your feedback encourages the volunteers in this community to continue contributing.

 

0 Karma
Reply
Get Updates on the Splunk Community!

OpenTelemetry for Legacy Apps? Yes, You Can!

This article is a follow-up to my previous article posted on the OpenTelemetry Blog, "Your Critical Legacy App ...

UCC Framework: Discover Developer Toolkit for Building Technology Add-ons

The Next-Gen Toolkit for Splunk Technology Add-on Development The Universal Configuration Console (UCC) ...

.conf25 Community Recap

Hello Splunkers, And just like that, .conf25 is in the books! What an incredible few days — full of learning, ...