Hi,
I want to create a role and import capabilities or index permissions .
Suppose , I have role A which has indexes allowed = dog,cat
I create a role B and say importRoles = A
and B has search indexes allowed = fish, chicken.
what index permissions does role B have in final ??
And also the capabilities ?
Will both the search indexes allowed get mixed ? or only the capabilities ??
Thanks,
let's say you have a user=test assigned with roleB, he can search all indexes(including indexes allowed for role A)
capabilities also get mixed: you can check it under settings--->access controls---->roles---->roleB(imported capabilities are from roleA)
check this splunk doc for further explanation...
http://docs.splunk.com/Documentation/Splunk/7.2.1/Security/Addandeditroleswithauthorizeconf
let's say you have a user=test assigned with roleB, he can search all indexes(including indexes allowed for role A)
capabilities also get mixed: you can check it under settings--->access controls---->roles---->roleB(imported capabilities are from roleA)
check this splunk doc for further explanation...
http://docs.splunk.com/Documentation/Splunk/7.2.1/Security/Addandeditroleswithauthorizeconf
how about for version 6.5.3 ??
I don't think there is a difference in this case form 6.5.3 and 7.21...
http://docs.splunk.com/Documentation/Splunk/6.5.3/Security/Addandeditroleswithauthorizeconf
you could also test it on your local splunk instance creating a user assigning a role(with inherited role)
Ya, it worked. Thanks for the answer !!