Security
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Can i restrict access to certain views ??

rakesh_498115
Motivator
‎01-25-2013 10:14 AM

Hi..

I need to restrict access to few dashboards to certain users in a single app. how can i do it ? can you please help with proper documentation..

thanks

Tags (3)
0 Karma
Reply

chris
Motivator
‎01-25-2013 10:28 AM

This is doable got to the Manager click on "User Interface" and the views in your app for every view you can set the permissions for the roles you have in Splunk. You can create your own roles and assign the users to those roles.

alt text

There is some info here
http://docs.splunk.com/Documentation/Splunk/latest/Security/Addandeditroles
But I think you should be fine be just copying the default user or power roles and assign the users accordingly

Reply

rakesh_498115
Motivator
‎02-04-2013 01:57 AM

*** sry typo error ..couldn't see this workin

0 Karma
Reply

rakesh_498115
Motivator
‎02-04-2013 12:46 AM

I tried this but could see this working...am i missin something...the steps i have done ..
I have two users say user1 and user2 and default app for this two users is MYAPP ..
Now i have created two user roles say A and B for both roles A and B i have given the indexs that are available in MYAPP...After that i have added the role A to user1 and role B to user 2 ..

Now i am gone to MYAPP in that i have two views say view1 and view2 . . i want the view 1 to be accessed by user1 and view2 by user2 . So i have added role1 to view1 and role2 to view2 . but i didnt see this happening..plese help.

0 Karma
Reply

jpass
Contributor
‎01-25-2013 10:24 AM

Here's how I do it:

-create 'roles' that will dictate what views a user can acces
-add users to the appropriate roles
-go to: http://path-to-your-splunk:8000/en-US/manager/my-app-name/data/ui/views
-you should see a list of views for 'my-app-name'
-in the middle of each row notice the link for permissions
-the permissions are based on roles
-fine your a view you want to set up access for and click it's permissions link
-provide access to any roles you want to allow to use that view

You'll obviously want to substitute 'path-to-your-splunk' and 'my-app-name' for whatever you have on your Splunk instance. I'm using Splunk 4.3

Reply
Get Updates on the Splunk Community!

Enterprise Security Content Update (ESCU) | New Releases

In December, the Splunk Threat Research Team had 1 release of new security content via the Enterprise Security ...

Why am I not seeing the finding in Splunk Enterprise Security Analyst Queue?

(This is the first of a series of 2 blogs). Splunk Enterprise Security is a fantastic tool that offers robust ...

Index This | What are the 12 Days of Splunk-mas?

December 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with another ...