We need to allow a non admin user to be able to create, modify and delete maintenance windows from ITSI. We have try to add this capabilities to the user_role:
- read_maintenance_calendar
- w...
I want to create an alert that notifies when Windowsadmins login and the accounts they are using. I want to ensure they are not using admin accounts for daily drivers. I want the search top p...
This question deals with making a locally installed instance of Splunk available to end users who do not have admin privileges on their win7 PC.
I log onto to an end user’s PC as admin and i...
Hi!
My goal is to be able to tie together events from Linux events and Windows events in order to track Windows users logging in as root or admin users on Linux machines. Both indexes share a c...
...t doesnt work. On the last step of installation it reverts and fails. When installing with admin permissions - installation completes. But I need to run this service without any admin permissions, b...
Hi, most of the splunk forwarder installed on servers are on NT Authority and will like to change this to local admin. I have tried modifying the ansible roles to fix the this but h...
In ITSI, How can a non-admin user create a maintenance window? As we observe only itoa admin and itoa team admin having capabilities to create maintenance window. However, I am trying to make non-admin...
Hello, I am looking to create a report of a search. I have a requirement of tracking user logon to window machines (Active directory). I am currently getting all the data, but I am having problems w...
Hello,
Is there a way to have Splunk notify admins when a user has removed a windows application or installed an application that they are not supposed to? I know you can search Windows event I...