We need to allow a non admin user to be able to create, modify and delete maintenance windows from ITSI. We have try to add this capabilities to the user_role:
- read_maintenance_calendar
- write...
...nstall Splunk Enterprise with an MSA are:
The MSA requires the same permissions as a domain account on the machine that runs Splunk Enterprise.
The MSA must be a local administrator on the machine t...
...efaults, which I hope are the correct default case. Is what it does (or what we should do) documented someplace?
Note I do 'not' want to setpermissions via the Splunk administrative gui. The q...
In splunkd.log I see so many of the following warning message:
00-00-0000 00:08:00.000 WARN AuthorizationManager - Unknown role 'everybody'
Why am I seeing so many of these messages?
I have an index of log data I am trying to search.
I have a seperate csv file containing a list of about 40 search terms with two metadata for each term:
name,benefit,type
banana,5,f...
...5-min intervals).
How can I set conditional tokens based on the range of time picked? Can I just use
<condition match=latest-earliest < (some number of seconds for epoch time d...