Can I add two roles to a user account in Splunk by...

weiwongfaye · ‎10-16-2014

for example, I need to add an admin user with "can_delete" & "admin" role.

In splunk doc, I can see that the following command allow me to CHANGE the role to "can_delete", not ADD the roles besides admin.

./splunk edit user admin -role can_delete -auth admin:changeme

List item

Julian_Gudiel_S · ‎11-10-2017

You can also directly create a user with multiples roles:

splunk add user buddha -role user  -role power -role zen -realname "Siddhartha Gautama" -password changeme

darrenfuller · ‎05-26-2015

i know its an old question, but in case others are searching for the same...

Yes, you can do that...

Take the following user

splunk add user buddha -role user -realname "Siddhartha Gautama" -password changeme

After creation, the buddha user is a member of the user role.. To edit this user to have two roles: power and zen you would need two -role parameters sent to the command...

splunk edit user buddha -role power -role zen

Running

splunk list user

will show:

username:               buddha
full-name:              Siddhartha Gautama
role:                   power zen

Notice that the edit command added buddha to the "power" and "zen" roles and removed it from the "user" role that was set on the first command. "edit user -role" will completely replace the roles that the user had with the new list of roles.

hth

trocmm · ‎11-15-2017

Thx guys
really helpful

Can I add two roles to a user account in Splunk by using CLI command?

Introducing the 2024 SplunkTrust!

Introducing the 2024 Splunk MVPs!

Splunk Custom Visualizations App End of Life