Thanks a lot, @renjith.nair
Is there any privilege that I could add to the user role that would let them see all the saved search results from remote SH, or I should avoid this path?
More importantly, we are planning to move the authentication to reverse proxy module. This is important to us so need your suggestion. Kindly let me explain...
On each SH, there will be a reverse proxy module (which will handle our SSO) and a scripted authentication on splunk side.
In short,
[USER] ---> Company specific SSO URL ---> Load Balancer ---> Reverse proxy on a SH ---> Scripted Authentication on that SH
My question is, in this setup, the users will not be manually added to any SH and we would let the script determine the role for a user (scripted authentication on splunk side using python). Will we not face the same issue again where users are not able to see savedsearch results from remote SH? Or, would the remote SH also check its local scripted authentication file in this case, so that the user is okayed?
Appreciate your help! Thanks in advance.
Thanks
Ishaan
... View more