Hello.
I have a simple question:
I would like to have a specified index with sensitive data in it, however, I don't want every user to have access to it - only a few. How can I do it?
Do I create a custom users group?
Bests,
- F.
You control access to indexes based upon roles.
So you create a new role group, and add the access to the index to the role group. Then you add the users to the role group.
http://docs.splunk.com/Documentation/Splunk/6.4.0/Security/Aboutusersandroles
You control access to indexes based upon roles.
So you create a new role group, and add the access to the index to the role group. Then you add the users to the role group.
http://docs.splunk.com/Documentation/Splunk/6.4.0/Security/Aboutusersandroles