- Splunk Answers
- :
- Splunk Administration
- :
- Security
- :
- How Are You Managing Users Who Want To Develop And...
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark Topic
- Subscribe to Topic
- Mute Topic
- Printer Friendly Page
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
How Are You Managing Users Who Want To Develop And Deploy Apps?
I have a use case in my company where we have someone who has certifications in Splunk and wants to help his organization by developing and testing TAs for use with the data we are ingesting from his forwarders. The issue with this of course, is that you would have to provide a user like this administrative rights so that they would be able to create their own Apps.
I was wondering how other companies have managed cases like this?
We currently have a clustered environment, and one of the suggestions that I had received was to provide admin rights to a user on a single indexer. This way they can test their data and allow them to bring data there and play with data. We can also open this indexer to have internet access so they can download any app or TA they want. This way that group of 'semi-admins' will have the ability to do their testing without having access to the entire cluster as a semi-admin. When they are ready to promote their app, they then engage the splunk admins to move to prod.
Would there be feasibility in this? Are there better ways of managing this?
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I believe that everyone should have a test and development server for Splunk. The description that you have provided seems pretty good to me. I would never give developers (or anyone else), admin privileges in my production Splunk environment. Once you have vetted the app on the test server, then the Splunk admin team (you?) can promote it to production.
Splunk even offers a free license for development and testing. [See this answer for more info. The current dev license is 10GB, but the new 50GB license should become available in November.]
For the test and development server, you could give developers some (or all) admin privileges. But note that many Splunk app developers do their initial development on their own laptops. I do. I can download and examine apps from Splunkbase, build visualizations and even test small datasets on my laptop. Obviously, I can't do any scaling or performance tests.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thanks for the quick reply! So the recommendation that I mentioned above (giving admin to one indexer) was for our test systems. I suppose there would be no harm in providing admin for the test system, but certainly there shouldn't be any reason to provide server login/admin rights correct?
Webinar Recap | Revolutionizing IT Operations: The Transformative Power of AI and ML ...
.conf24 | Registration Open!
ICYMI - Check out the latest releases of Splunk Edge Processor
