Hi,
I running Splunk 4.1.6 and I'm trying to create a role which allows the user to only have read access to the Search app. i.e. They can only do native and saved searches.
However, even at the lowest level of privileges it seems the user always has access to the "Manager". Is there anyway to restrict this? Can i remove the link from the search app?
Thanks
I added the following
javascript:alert(document.links[1].style.display="none")
to application.js and it works beautifully.
Thanks
you can control what is displayed on the Manager page via the authorize.conf file.
more info here :
http://docs.splunk.com/Documentation/Splunk/4.3/admin/Addandeditroles#List_of_available_capabilities
http://docs.splunk.com/Documentation/Splunk/4.3/admin/Addandeditroles#List_of_available_capabilities
I added the following
javascript:alert(document.links[1].style.display="none")
to application.js and it works beautifully.
Thanks
To add to what Sean said, when you use advanced XML, you can only actually remove the entire "AccountBar", meaning all of those links, or leave it in. However, if I'm in an app, I can paste this into the URL bar and the "Manager" link will hide for me, so I imagine that a custom application.js could get you what you want:
javascript:{$('a[href*="/manager/"]').hide()}
Thanks mw. I tried the javascript you mentioned and in Chrome it seems to work, but not Firefox. Any tips?
(My html is not as good as it used to be)
namanjoshi,
You can certainly customize "search" or create a custom app that doesn't provide links to manager or other apps to the users. Additionally, you can configure Splunk to put certain users in this app by default.
There is Splunk documentation on how to customize a dashboard.
Note, to do what are you're asking requires the advanced dashboard XML.
As the doc states, you can browse to your search app and viewSource to see what components are there: https://localhost:8000/en-US/app/search/dashboard_live?showsource=true
Sean