Hi everybody,
what's the best way to store user-specific preferences?
I need something like the "setup.xml" functionality, but to memorize settings independently for each user.
Is there a built-in way to do this? If not, can you suggest me a safe alternative approach?
Best regards!
you can create a lookup just by collecting your needed data and place it in a csv file. then upload the file to splunk. heres a link that explains how: http://docs.splunk.com/Documentation/Splunk/6.5.2/Knowledge/Usefieldlookupstoaddinformationtoyoureve...
if you have the data within splunk from a different data source, you can create a search that collects the right data and arranges in a table, then use the outputlookup command to save it.
since you mentioned its a sensitive data, will recommend to restrict permissions on that lookup
Cheers
Hi lmeloni,
Can you elaborate on the use case? what do you mean by user-specific preferences?
Hi adonio,
by user-specific preference I mean, for example, every information that's stored in the "Edit account" page (time zone, default app etc.).
Let's say that I've got a certain set of extra preferences (e.g. home address, telephone number etc.), is there a way to extend the "Edit account" page to store them?
If the answer is no, is there any other way to safely store user-related data that might be sensitive and/or confidential?
Best regards!
Do you use LDAP for authentication?
Are you bringing in Active Directory data?
I think that your question has 2 parts:
a. information stores in "Edit account" configured in user-pref.conf and authorize.conf
b. like @somesoni mentioned is additional information about a user.
to store securely the user info you are asking for, many splunk clients use identities lookup.
you can easily create one based on Active Directory data if you have it, example here using SA-ldapsearch:
http://docs.splunk.com/Documentation/ES/4.5.2/User/AssetandIdentityExamples
can also use other data sources or searches against Active Directory when collecting with [admon].
if that answers your needs, let me know and ill post a full answer.
I'm not currently using LDAP authentication, just the default Splunk login method.
Identity lookups can probably accomplish what I need, but sadly I don't have an Active Directory; is it a necessary component for this approach?
Are these preferences or additional information about logged in user?