Hi @tkwaller1 Just a small tweak to the SPL you already have, to use search NOT (current-context) and rename username to eai:acl.owner instead of user. This would filter out all the ones which the ...
See more...
Hi @tkwaller1 Just a small tweak to the SPL you already have, to use search NOT (current-context) and rename username to eai:acl.owner instead of user. This would filter out all the ones which the current user owns. | rest splunk_server=local /servicesNS/-/-/data/ui/views
| search NOT
[| rest /services/authentication/current-context splunk_server=local
| fields + username
| rename username as eai:acl.owner]
| rename eai:acl.app as App, eai:acl.perms.read as Permissions, title as View, label AS Dashboard
| table Dashboard eai:acl.owner If you just want to see all views which the user can access, then this will be any which are returned from the REST call | rest splunk_server=local /servicesNS/-/-/data/ui/views
| rename eai:acl.app as App, eai:acl.perms.read as Permissions, title as View, label AS Dashboard
| table App Dashboard eai:acl.owner Please let me know how you get on and consider adding karma to this or any other answer if it has helped. Regards Will