I'm trying to create job connecting as admin with other user restriction.
I have created user 'weak', user 'weak' can't search on internal indexes. The restriction created with role.
I tried changing the namespace in job creation:
const splunkjs = require('splunk-sdk');
const service = new splunkjs.Service({
scheme: "https",
host: "myhost",
port: "8089",
username: "admin",
password: "mypass",
version: "default"
});
let params = {
search: "search index=_internal | table *",
exec_mode: "normal",
earliest_time: "1551391200",
latest_time: "1554199680",
adhoc_search_level: "fast"
}
let namepace = {
owner: "weak",
app: "search"
}
service.jobs(namespace).create(params.search, params, function (err, job) {
if (err) {
console.log(err);
return;
}
}
I also tried using namespace with servicesNS:
const splunkjs = require('splunk-sdk');
const service = new splunkjs.Service({
scheme: "https",
host: "myhost",
port: "8089",
username: "admin",
password: "mypass",
version: "default"
});
let params = {
search: "search index=_internal | table *",
exec_mode: "normal",
earliest_time: "1551391200",
latest_time: "1554199680",
adhoc_search_level: "fast"
}
let user = "weak";
service.post("/servicesNS/" + user + "/search/search/jobs", params, function (err, response) {
if (err) {
console.log(err);
return;
}
}
When i inspect the job in the Splunk UI the owner is always admin, and not weak.
... View more