I am an admin user in the Splunk console on prem, and I was going to update the roles of certain admin users from admin down to power. The issue is that whenever I attempt to do this&n...
...ailed to authenticate. Status Code="Responder" Check Splunkd.log for more information about the failure." I enabled web debug and it shows SSO Enabled as No. The certificate has not expired. I removed a...
...ention not to edit/modify the base user roles, and i wanted to know if it is safe to remove the view all non-internal indexes from the default roles.
My tests showed that if i inherit the base user role...
Hi splunkers,
i know how we can restrict users from export data in splunk web.
Does anyone happens to know , how can we restrict users from export data via RestAPI, CLI ?
Hi, all the splunk gurus out there.
Recently we added a new role and we couldn't see the users with the role when logged in as admin.
So we took out "grantableRoles = admin" option on "/etc/s...
...the other roles, such as splunk-system-role. Or I have some with power and a custom role and I want to keep the custom role but remove power. Won't let me and they are only in the AD group map...
We have peers added to search heads, but users are able to search all the indexes on the peers.
We want to restrict some users so that they can access only certain indexes.
Is it possible with e...
I found http://answers.splunk.com/answers/202990/how-to-get-ldap-group-name-by-using-query-or-rest.html so I can create/list ldap strategies. However, I need to be able to:
list groups + rolemappings...
I'm seeing the error below under messages in my Splunk enterprise console:
Missing or malformed messages.conf stanza for TCPOUT:FORWARDING_BLOCKED_Indexer IP ADDress_default-autolb-group DC-Host N...