×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
Wardy1380
New Member
Member since: ‎10-31-2024
‎10-31-2024
Community Statistics
Posts 2
Solutions 0
Karma Given 0
Karma Received 0
Member Since ‎10-31-2024
Activity Feed
Topics I've Started
View All

Re: Just in time admin access

by in Getting Data In
‎10-31-2024 04:26 AM
‎10-31-2024 04:26 AM
Hi gcusello.   Many thanks for your reply and understand that Splunk does not have this fuctionality thus I will need to look at how I can create 2 accounts for an individual whilst trying to use SSO.  We have Analysts that develop use cases on Enterprize Security and for some of the functionality they need, they need Admin rights, but when they are doing there daya to day role they should remail Annalyst.  the way splunk does it as you says, I can apply both profiles but they get to use whatever they need, within these 2 profiles.   As for the ISO27001 (2022) I am also an Auditor and was looking at the ISO27002 8.2 Privileged Access rights, Guidance para [I] : "only using identities with privileged access rights for undertaking administrative tasks and not for day-to-day general tasks [i.e. checking email, accessing the web (users should have a separate normal network identity for these activities)]." This I read  should also include normal user activity within Splunk. Kind regards Neil ... View more

Just in time admin access

by in Getting Data In
‎10-31-2024 03:38 AM
‎10-31-2024 03:38 AM
Does Splunk on Prem or cloud have a solution that allows users to be an Analyst when doing that role and sign in or elevate to Admin when carrying out Admin tasks.  This is something that many standards require such as ISO27001 and others.  I hope someone can help or if not I will make the feature request. ... View more
Contact Me
Online Status
Offline
Date Last Visited
‎10-31-2024 08:47 AM