Solved: Re: How to setup auto search based on login name?

Cbr1sg · ‎05-31-2018

Hello all,
I want to setup Splunk in such a way that when an user logins to the dashboard, Splunk would be able to detect the name of user (preferably via LDAP search) and say "hello Mr. ABC, welcome to the dashboard blah blah" and it will also automatically search for the data related to that specific user and display the data without manual input from user himself.

Is it possible and how can it be done in Splunk? Thanks

HiroshiSatoh · ‎05-31-2018

Is this information?

|rest /services/authentication/current-context/context

View solution in original post

paramagurukarth · ‎05-31-2018

There are some such useful details are readily available in splunk token.
You can use that in your html and search...
Check this

Cbr1sg · ‎05-31-2018

very useful info, thank you!

paramagurukarth · ‎05-31-2018

Always welcome

splunker12er · ‎05-31-2018

Search query:

| rest /services/authentication/current-context | where username!="splunk-system-user" | fields username| replace * with "Welcome \"*\" !" in username

Create a dashboard panel
Set the Visualization to "single value"
as like u may customize your search query and pass the username to load user related results

Cbr1sg · ‎05-31-2018

unfortunately i can't accept another answer, but this also solves my problem. Thank you!

paramagurukarth · ‎05-31-2018

But you can accept the best answer

HiroshiSatoh · ‎05-31-2018

Is this information?

|rest /services/authentication/current-context/context

Cbr1sg · ‎05-31-2018

Exactly what I'm looking for. thank you very much

How to setup auto search based on login name?

Stay Connected: Your Guide to May Tech Talks, Office Hours, and Webinars!

They're back! Join the SplunkTrust and MVP at .conf24

Enterprise Security Content Update (ESCU) | New Releases