I am an admin user in the Splunk console on prem, and I was going to update the roles of certain admin users from admin down to power. The issue is that whenever I attempt to do this&n...
...ention not to edit/modify the base user roles, and i wanted to know if it is safe to remove the view all non-internal indexes from the default roles.
My tests showed that if i inherit the base user role...
I found http://answers.splunk.com/answers/202990/how-to-get-ldap-group-name-by-using-query-or-rest.html so I can create/list ldap strategies. However, I need to be able to:
list groups + rolemappings...
Hi, all the splunk gurus out there.
Recently we added a new role and we couldn't see the users with the role when logged in as admin.
So we took out "grantableRoles = admin" option on "/etc/s...
We have peers added to search heads, but users are able to search all the indexes on the peers.
We want to restrict some users so that they can access only certain indexes.
Is it possible with e...
Is it possible to obfuscate lookups that users are do not have access to? I don't think it makes sense to display lookups and kv-stores that the users don't have access to edit. Also they're able to ...
hello -
i've been reading the various guides and some other Q&As regarding segration orrole-based access to different data.
i'm working with a distributed environment, where there are s...
...ot sure what the best approach is. I also attached the front end photo of the dashboard that I have to modify.
CSS:
<style>
.custom-text-value {
font-size: 1...
Hi,
I wanted to create a user account having only access to ES-APP and within which he needs to have access to only incident review, Security Posture, Intrusion Center (present in Security doma...