Splunk Search
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question
Solved! Jump to solution

Restrict access to "Manager"

namanjoshi
Explorer
‎06-08-2011 06:04 PM

Hi,

I running Splunk 4.1.6 and I'm trying to create a role which allows the user to only have read access to the Search app. i.e. They can only do native and saved searches.

However, even at the lowest level of privileges it seems the user always has access to the "Manager". Is there anyway to restrict this? Can i remove the link from the search app?

Thanks

Tags (2)
0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

namanjoshi
Explorer
‎06-08-2011 09:48 PM

I added the following

javascript:alert(document.links[1].style.display="none")

to application.js and it works beautifully.

Thanks

View solution in original post

0 Karma
Reply
Solved! Jump to solution

frankfowler
Explorer
‎02-14-2012 03:09 PM

you can control what is displayed on the Manager page via the authorize.conf file.

more info here :

http://docs.splunk.com/Documentation/Splunk/4.3/admin/Addandeditroles#List_of_available_capabilities

http://docs.splunk.com/Documentation/Splunk/4.3/admin/Addandeditroles#List_of_available_capabilities

0 Karma
Reply
Solved! Jump to solution
Solution

namanjoshi
Explorer
‎06-08-2011 09:48 PM

I added the following

javascript:alert(document.links[1].style.display="none")

to application.js and it works beautifully.

Thanks

0 Karma
Reply
Solved! Jump to solution

mw
Splunk Employee
Splunk Employee
‎06-08-2011 07:46 PM

To add to what Sean said, when you use advanced XML, you can only actually remove the entire "AccountBar", meaning all of those links, or leave it in. However, if I'm in an app, I can paste this into the URL bar and the "Manager" link will hide for me, so I imagine that a custom application.js could get you what you want:

javascript:{$('a[href*="/manager/"]').hide()}
Reply
Solved! Jump to solution

namanjoshi
Explorer
‎06-08-2011 09:20 PM

Thanks mw. I tried the javascript you mentioned and in Chrome it seems to work, but not Firefox. Any tips?

(My html is not as good as it used to be)

0 Karma
Reply
Solved! Jump to solution

sdwilkerson
Contributor
‎06-08-2011 07:35 PM

namanjoshi,

You can certainly customize "search" or create a custom app that doesn't provide links to manager or other apps to the users. Additionally, you can configure Splunk to put certain users in this app by default.

There is Splunk documentation on how to customize a dashboard.

Note, to do what are you're asking requires the advanced dashboard XML.

As the doc states, you can browse to your search app and viewSource to see what components are there: https://localhost:8000/en-US/app/search/dashboard_live?showsource=true

Sean

Reply
Got questions? Get answers!

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Meet up IRL or virtually!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Get Updates on the Splunk Community!

[Puzzles] Solve, Learn, Repeat: Matching cron expressions

This puzzle (first published here) is based on matching timestamps to cron expressions.All the timestamps ...

Design, Compete, Win: Submit Your Best Splunk Dashboards for a .conf26 Pass

Hello Splunkers,  We’re excited to kick off a Splunk Dashboard contest! We know that dashboards are a primary ...

May 2026 Splunk Expert Sessions: Security & Observability

Level Up Your Operations: May 2026 Splunk Expert Sessions Whether you are refining your security posture or ...