Splunk Search
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Customize splunk search app to index

manikdham
Path Finder
‎04-26-2012 11:12 AM

I want to customize splunk search app such that particular users have access to a particular index. at login one should make selection for app and that app should have indexing data of particular index. Any ideas how to do this?

0 Karma
Reply

sdaniels
Splunk Employee
Splunk Employee
‎04-26-2012 11:45 AM

You use roles to lock down access to indexes. IE you could create a role with access to only one index. Then you are able to give individual users that role. That means that if they come into the search app and try to search on other indexes, they will get nothing. At the app level you assign roles that can access an application. Hope this helps.

Reply

sowings
Splunk Employee
Splunk Employee
‎04-26-2012 11:39 AM

The "launcher" app that ships with Splunk provides quick access to a list of the known apps. Each of your own custom apps could then expressly only search in the target index. That is, the "search" part of any form view would include a search filter like "index=this_apps_index".

0 Karma
Reply
Get Updates on the Splunk Community!

Developer Spotlight with Paul Stout

Welcome to our very first developer spotlight release series where we'll feature some awesome Splunk ...

State of Splunk Careers 2024: Maximizing Career Outcomes and the Continued Value of ...

For the past four years, Splunk has partnered with Enterprise Strategy Group to conduct a survey that gauges ...

Data-Driven Success: Splunk & Financial Services

Splunk streamlines the process of extracting insights from large volumes of data. In this fast-paced world, ...