Security

Limited admin permission in Splunk

Cbr1sg
Path Finder

Hello all,
I want to create a limited admin role for our Splunk environment, this role allows user to view, execute or create anything, but can not edit/modify/delete any existing stuffs.
I see in the capabilities list of Splunk has edit* and list* but I dont see anything about create*.

Could you please help?

Thanks

Tags (2)
0 Karma
1 Solution

sudosplunk
Motivator

Power user role can achieve this with little to no tweaking in capabilities. Did you try it already? If so, what was the issue?

View solution in original post

sudosplunk
Motivator

Power user role can achieve this with little to no tweaking in capabilities. Did you try it already? If so, what was the issue?

Cbr1sg
Path Finder

@nittala_surya sorry for late reply, only now I have chance to test it. With few modifications in the capabilities, the power role indeed fulfills my requirements..

Thanks mate!

0 Karma

sudosplunk
Motivator

Glad to hear that. I moved my comment to answer so that you can accept and close it. Thanks.

0 Karma

deepashri_123
Motivator

Hey@Cbr1sg,

You can refer the following doc which describes the capabilities:
http://docs.splunk.com/Documentation/Splunk/7.1.2/Security/Rolesandcapabilities

Let me know if this helps!!

0 Karma

Cbr1sg
Path Finder

@deepashri,
Thanks, I've already gone through that doc but could not find the info that I want.

0 Karma
Get Updates on the Splunk Community!

Index This | I am a number, but when you add ‘G’ to me, I go away. What number am I?

March 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with another ...

What’s New in Splunk App for PCI Compliance 5.3.1?

The Splunk App for PCI Compliance allows customers to extend the power of their existing Splunk solution with ...

Extending Observability Content to Splunk Cloud

Register to join us !   In this Extending Observability Content to Splunk Cloud Tech Talk, you'll see how to ...