...index=_audit action=edit_user has no information about type of change androle changed
index=_audit action=edit_roles OR action=edit_roles_grantable has no information of user whose role h...
Hi,
I just install a new cluster with 3SH and 3IDX and 1CM.
I login to CM from WebUI as admin to change password and create users, roles.
Then I try to use the new password to login f...
...ndexes" (like admin andusersroles) but it doesn't work either. There is no problem on another platform with the version 9.0.4, however, this one of the version 8.1.3 with the same configs fails to s...
I am a little confused about assigning the correct roles to users, so here's a question for clarification. Sorry if it's a stupid one.
If you have multiple indexers and search heads, you must a...
Hello,
I would like to create a role which allows to add roles to users on a limited perimeter. The goal is to delegate a part of the user/role mapping to superpowerusers according to their p...
...and assign users everywhere? 2) Is there a set of Splunk best practices for roles creation? 3) What is the difference if I create roles at web GUI vs backend (at on-prem instances)? Is the final r...
We have about 1000+ users in our Splunk environment and we are getting ready for an audit. Specifically, we are reviewing the user access privileges to the data in Splunk. Is there a report or q...
...ention not to edit/modify the base userroles, and i wanted to know if it is safe to remove the view all non-internal indexes from the default roles.
My tests showed that if i inherit the base userrole...
Hi,
I'm trying to get the query to pull out the following, but struggling a bit with all the joins. I need to get a list of the following in a report.
List of users
The Roles each user is p...
...ower, Read-only and Usage roles. In preparation of that release, we plan to rename the existing “User” role to “Power” role. There is no change in the capabilities or permissions of the role or e...