Is there a way to prevent users from accessesing Splunk Web, while still retaining the ability to run searches?
I am using the Splunk Powershell reskit to develop an application that grabs data from Splunk using Powershell...but I don't want these users to be able to access Splunk Web.
You could set their default application to one which you create with an empty view.
You could set their default application to one which you create with an empty view.
Well yes, but the wider point here is that you'd have to tune the role (and I do recommend creating a separate role for them) for those users to only be able to see the content you want them to see.
But wouldn't they still be able to just change apps?
Great idea, thanks!
Run it only on loopback and access it via ssh port forwarding, RDP, or similar.
Nope. Me and the other admins need to access splunkweb, the support group that I'm providing this access to should not
I suppose that simply shutting down splunkweb isn't the option you're looking for?