×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
asml_diamond
Engager
Member since: ‎05-13-2019
3 weeks ago
Community Statistics
Posts 2
Solutions 1
Karma Given 4
Karma Received 0
Member Since ‎05-13-2019
View All

Re: ITSI maintenance window capabilities for a non...

by in Splunk ITSI
‎08-19-2019 06:30 AM
‎08-19-2019 06:30 AM
To give the 'service' user permission to create, change and delete Maintenance Windows we had to make several changes to the files in ITSI. 1) Enable Maintenance Windows capabilities First, in the 'authorize.conf' file we enabled the following capabilities for the 'service' user: read-maintenance_calendar write-maintenance_calendar delete-maintenance_calendar Documentation: https://docs.splunk.com/Documentation/ITSI/4.3.0/Install/Capabilities 2) Make the Maintenance WIndow visible on the dashboard The second step is to make the Maintenance Window visible to the 'service' user.In our case, the 'service' user should be able to access the Maintenance Window view but also be able to make changes. To do this we had to give the 'service' user read, write and delete permissions in the following ITSI views in the file 'local.meta': [views/maintenance_windows_lister] access = read : [ itoa_admin, itoa_team_admin, service ], write: [ itoa_admin, itoa_team_admin, service ], delete: [ itoa_admin, itoa_team_admin, service ] [views/maintenance_window_detail_view] access = read : [ itoa_admin, itoa_team_admin, itoa_user, service ], write: [ itoa_admin, itoa_team_admin, itoa_user, service ], delete: [ itoa_admin, itoa_team_admin, itoa_user, service ] You can find (or should I say, you should create) this file ('local.meta') in the following folder: /opt/splunk/etc/shcluster/apps/itsi/metadata/ 3) Set permissions for the KV store collections The next step is to set the permissions for the KV store collections. This can be done in the 'local.meta' file (if this file doesn't exist, create it and don't make changes to the 'default.meta' file) in the following directory: /opt/splunk/etc/shcluster/apps/SA-ITOA/metadata/ The only change we made in this file is that we gave read, write and delete permissions to the 'service' user to the following collection: [collections/maintenance_calendar] access = read : [ itoa_admin, itoa_team_admin, itoa_analyst, itoa_user, service ], write: [ itoa_admin, itoa_team_admin, service ], delete: [ itoa_admin, itoa_team_admin ] Documentation: https://docs.splunk.com/Documentation/ITSI/4.3.0/Install/UsersandRoles#Set_permissions_to_KV_store_collections 4) Set shared Application-level permissions Step is to set give the 'service' user write permissions to make changes to objects in shared applications. We made the change in the 'local.meta' file in the following directory: /opt/splunk/etc/shcluster/apps/DA-ITSI-STORAGE/ 5) Change permissions in the Global team The last step was to give the 'service' user permission to access the entities and services that belong to the Global team. Without this the 'service' user couldn't put any entities or services in Maintenance Mode. You can find the file in the following directory: Splunk/searchheads/itsi_configurations/import/itsi_team___team___0.json Documentation: https://docs.splunk.com/Documentation/ITSI/4.2.1/Configure/MaintenanceWindows And that's how we made it possible for the 'service' user to create, change and delete Maintenance Windows 🙂 ... View more

ITSI maintenance window capabilities for a non adm...

by in Splunk ITSI
‎08-13-2019 08:30 AM
‎08-13-2019 08:30 AM
We need to allow a non admin user to be able to create, modify and delete maintenance windows from ITSI. We have try to add this capabilities to the user_role: - read_maintenance_calendar - write_maintenance_calendar - delete_maintenance_calendar And also making the maintenance window lister available to the role. But we still can not create the maintenance window with the user. Can you please help us to understand what is missing? Regards, Jemil Garcia ... View more
Contact Me
Online Status
Offline
Date Last Visited
3 weeks ago
Karma given to