This has puzzled me too. Turned out, default connect parameters don't give you access to objects that are set to "private" by other users. To get that, you need to explicitly specify it with wildcard, which is "-". Put that in your ~/.splunkrc or manually set in connect() method.
# Splunk host (default: localhost)
host=HOSTNAMEHERE
# Splunk admin port (default: 8089)
port=8089
# Splunk username
username=USERNAMEHERE
# Splunk password
password=PASSHERE
# Access scheme (default: https)
scheme=https
# Your version of Splunk (default: 5.0)
version=6.6.4
#app context
app=-
#owner wildcard
owner=-
After that, you should be able to see all objects. For example this should return all searches (global, app, user) from all apps:
def main():
opts = parse(sys.argv[1:], {}, ".splunkrc")
service = client.connect(**opts.kwargs)
savedsearches = service.saved_searches
for s in savedsearches:
print s.name, s.access["owner"], s.access["sharing"]
I hope it helps!
... View more