Security

Permissions to edit Splunk ES dashboards

guruprasadds
Engager

Hi,

I would like to edit the default dashboards in Enterprise Security ( Security Domains--> Access, Endpoint, Network, identity, Security Intelligence), please let me know what permissions are needed.

 

Thanks,

Guru

Labels (1)
0 Karma
1 Solution

nwuest
Path Finder

Hi @guruprasadds,

I see you are looking to edit the default dashboards in Enterprise Security.

I've seen that users with the "admin" role can edit the dashboards in Enterprise Security. Whenever you edit and save a dashboard in Enterprise Security, Splunk will save the newly edited dashboard in the "local" folder of whatever app it originated from.

  • User, Power, and ESS Admin (Just a few roles I've tested) does not allow the end user to edit dashboards.

Check out this webpage for further explanation on how to configure users and roles for Enterprise Security

Configure users and roles 

Let us know if this helps you with your question!

V/R,
nwuest

 

 

View solution in original post

0 Karma

nwuest
Path Finder

Hi @guruprasadds,

I see you are looking to edit the default dashboards in Enterprise Security.

I've seen that users with the "admin" role can edit the dashboards in Enterprise Security. Whenever you edit and save a dashboard in Enterprise Security, Splunk will save the newly edited dashboard in the "local" folder of whatever app it originated from.

  • User, Power, and ESS Admin (Just a few roles I've tested) does not allow the end user to edit dashboards.

Check out this webpage for further explanation on how to configure users and roles for Enterprise Security

Configure users and roles 

Let us know if this helps you with your question!

V/R,
nwuest

 

 

0 Karma

guruprasadds
Engager

Hi, Thanks for your response.

I have one question here, if I grant admin privileges to a user, he/she  get a lot more capabilities and can do anything. Is it possible to restrict or customize roles/permissions to just for dashboards edit.

 

Thanks,

Guru

0 Karma
Get Updates on the Splunk Community!

ATTENTION!! We’re MOVING (not really)

Hey, all! In an effort to keep this Slack workspace secure and also to make our new members' experience easy, ...

Splunk Admins: Build a Smarter Stack with These Must-See .conf25 Sessions

  Whether you're running a complex Splunk deployment or just getting your bearings as a new admin, .conf25 ...

AppDynamics Summer Webinars

This summer, our mighty AppDynamics team is cooking up some delicious content on YouTube Live to satiate your ...