Is there something like a diff command on roles? I am trying to grant as limited as possible access to a custom role however if I grant anything below power user, they cannot run searches.
The role I am working on has:
Capabilities of:
change_own_password
get_metadata
get_typeahead
input_file
list_inputs
output_file
request_remote_tok
rest_apps_view
rest_properties_get
rest_properties_set
rtsearch
schedule_search
search
Restrict search terms:
src_ip="10.35.0.0/16"
Indexes searched by default:
index_sample
Restrict this role's searches to the specified index(es).
index_sample
When I do a search of * with these settings, the role gets nothing. When I add power user to the inherited it works fine. I would really just like to give the role search within its restricted term and nothing more because by granting power suer to the role, it can see apps I don't want the new role to see and I don't want to limit the power user.
Thoughts at how I can track this down?
Let me know if you have any questions...
Thanks.
Dave
OK, I found the issue. I needed to grant access globally to the extraction that produced the src_ip field and access to the app that was being searched. Now the CIDR in Restrict search terms works w/o need for a lookup
OK, I found the issue. I needed to grant access globally to the extraction that produced the src_ip field and access to the app that was being searched. Now the CIDR in Restrict search terms works w/o need for a lookup