My idea was to put a custom css file in the /etc/users/username/search/appserver/static.
Can I do this somewhow ?
I am not yet an expert on app development (I'm more of a backend guy) but as of last year there did not seem to be a way to have user specific css: http://answers.splunk.com/answers/144898/custom-css-for-specific-users.html
Deploy a single app putting the "everyone else" configurations under the default
directory but the "just this guy" configurations under the local
directory. Then be sure to give the file permissions (both OS and Splunk) such that only "just this guy" has access to the stuff in local
. This will cause "everyone else" not to see the configurations in local
and fall back to the ones in default
Um... A few points here: 1) Splunk runs on the OS as a single user therefore OS permissions are irrelevant. 2) Static assets such as CSS in the appserver/static directory do not have separate default and local configurations. 3) Assuming that you have separate default and local configs, setting permissions on the same stanza at the local level would override the same at the default level (thus "just that guy" would have only the local config, and no one else would have access to any other config)
Your comment about "single use" is irrelevant because not everybody runs "splunk" as user root
; in fact many people are of the opinion that splunk should never be running as root
so I am finding more and more that it is not running as root
. In such cases, this can be exploited.
Also, the users gave CSS as an option (actually as a guess), not necessarily as the only means for this "style" change. In my example, he might build 2 totally different dashboards which could be split (sharing the same name) between .../default/data/ui/views/
and .../local/data/ui/views/
. It all depends on what OP means by look
.
In this case, I was not referring to "single user" as in "single user mode." If you run Splunk as splunk
instead of root
Splunk's processes on the OS access files on the OS as only the individual splunk
user. If user A and user B log into Splunkweb. Splunk is still accessing data from disk as the single splunk
OS user for both of these users. OS permissions cannot not be set for only an individual splunk user.
True enough, let's just agree that the "both OS and" would have been better off not included.