Splunk Search

How to set access rights for view according to user

Path Finder

Hello,

I want to set access rights according to users. I have three user as of now admin,user1 and user2,

and have two screens Screen_1_1 and Screen_1_2.if admin and user1 logged in, then they can see Screen_1_2 only. and if user2 logged in, then he will see Screen_1_1 only.
I have one application only and both the screens are under one app.

Tags (1)
0 Karma

Motivator

Hi,

I do not believe that you can set access rights directly by users BUT I know that you can set view access rights according to roles.

For your example, you would have/make 3 roles as followed:

role: admin (should have already)

role: role1 (create role and assign to user1)

role: role2 (create role and assign to user2)

Then in Splunk Web -> Manager -> User Interface -> Views -> Screen_1_1 -> Permissions:
You tick only the following roles to Read: user2

Lastly for Splunk Web -> Manager -> User Interface -> Views -> Screen_1_2 -> Permissions:
You tick only the following roles to Read: admin, user1

Ensure that you do not have the Read 'Everyone' checkbox ticked for these views.