Can access restrictions be put on a lookup automatically upon creation?
For example: User A creates a lookup <-- can this lookup be automatically restricted so that User B can not search the contents ?
I know this can be done manually by setting the read permissions (select roles) on the lookup but is there a way to automatically set the permissions to be restrictive upon creation?
When user upload csv file to splunk by default permission will be private so only user who uploaded file can access this.
For second option, during search time when you create lookup file & if that lookup file does not exist in splunk then default App permission will be applied to that lookup file and shared at app level. As far as I know there are no other automatic ways to achieve this.
When user upload csv file to splunk by default permission will be private so only user who uploaded file can access this.
For second option, during search time when you create lookup file & if that lookup file does not exist in splunk then default App permission will be applied to that lookup file and shared at app level. As far as I know there are no other automatic ways to achieve this.
Ok thank you very much!
Welcome 🙂
As you mentioned that "upon creation", how User A creating lookup For example: Uploading lookup or creating lookup using search query ?
Any ideas for either or both situations would be appreciated! (but I believe the main concern was for when a lookup was created using search query). Thanks!