Reporting

How to restrict external access to embedded report

tomapatan
Path Finder

We have a requirement to share a Splunk report externally and I`m aware we can achieve this by using iframes to embed the report.

My question is who can access the iframe - assuming it`s everyone who has a copy of the iframe/URL - and if there`s a way to restrict access to certain users only ? Can the restriction be applied within Splunk, or does it need to be applied within the external web app that we`re sharing with ?

Labels (1)
0 Karma
1 Solution

yeahnah
Builder

Hi @tomapatan 

Yes, I believe embedded reports are readable by anyone with access to the iframe/URL.  Splunk does not have a way to be aware of who is accessing it, so this would need to be applied at the Web front end.

Having said that, depending on needs, the content of a report is usually generalised/summarised data, with the report creator having control over what is presented or more importantly, not presented or obfuscated.

View solution in original post

0 Karma

yeahnah
Builder

Hi @tomapatan 

Yes, I believe embedded reports are readable by anyone with access to the iframe/URL.  Splunk does not have a way to be aware of who is accessing it, so this would need to be applied at the Web front end.

Having said that, depending on needs, the content of a report is usually generalised/summarised data, with the report creator having control over what is presented or more importantly, not presented or obfuscated.

0 Karma
Get Updates on the Splunk Community!

Splunk Security Content for Threat Detection & Response, Q1 Roundup

Join Principal Threat Researcher, Michael Haag, as he walks through:An introduction to the Splunk Threat ...

Splunk Life | Happy Pride Month!

Happy Pride Month, Splunk Community! 🌈 In the United States, as well as many countries around the ...

SplunkTrust | Where Are They Now - Michael Uschmann

The Background Five years ago, Splunk published several videos showcasing members of the SplunkTrust to share ...