Hi, Firstly, thanks for the fast reply however there are cases where the users are required to access both sensitive and non-sensitive indexes at the same time using the same user.  Another concern is on the scaling factor.     Below is my scenario  ... View more

Hi @gcusello However, the authentication is based on the connection order. So if this sensitive user is authenticated based on the first group based on order, he/she will only be able to have the role to see the index mapped to the first group.  I asked Splunk support officially on this and they do not have any idea/solution on this.  Regards, Anton  ... View more

Hi,  My company also faced the same issue. Splunk have a very restricted way of doing RBAC. Until now they do not have any fixes on this. Do you have any luck on this thus far?  Regards, Anton Anton Yeo  ... View more