how to prevent users from creating knowledge objec...

AzmathShaik · ‎01-19-2021

Hello Splunkers

we are trying to restrict users (non admins) from creating knowledge objects (dashboards and reports) in our custom apps. we would like users to use the dashboards created but not save any dashboards. we have not given write permissions to users for the app. Also we default.meta config file we added the below stanza

[viewstates]

access = read : [ * ], write : [ admin ]

export = system

[views]

access = read : [ * ], write : [ admin ]

we have few groups who have write access to default search and reporting app. is this causing users to create KO's in custom app?

if not can someone suggest me if there is anyway to restrict users doing so.

manjunathmeti · ‎01-19-2021

If you don't want non-admin users to create any KOs in your app then you can provide only read access to all knowledge objects by adding below in the app's default.meta.

[]

access = read : [ * ], write : [ admin ]
export = system

Note that export = system makes reports and dashboards available to all apps.

Check this page for more information https://dev.splunk.com/enterprise/docs/developapps/manageknowledge/setpermissionsforobjects.

AzmathShaik · ‎01-20-2021

@manjunathmeti we already have this in our config file. it still allowing users to create KO's

manjunathmeti · ‎01-20-2021

That should not happen,
1. Check if there is a local.meta file in your app with write access to those user roles.
2. Check if those user roles have all_admin_objects capability or if user roles are inherited from the admin role.