Hi there,
I'd like to build individual Dashboards per Splunk-User (LDAP mapped).
As there is a huge number of employes I'd like to build an dynamic dashboard which allows a user to see reports regarding his username.
Is there a way to extract the current username out of the user-session, so he can see only the data regarding his username?
I'd like to put this user-name variable into a search which filters then for the current username.
Is this possible?
Thank you.
Christian
Ayn's answer contains the username, but has a lot of extra information that the user inherits from it's roles.
Try:
| rest /services/authentication/current-context | table username
The result that isn't "splunk-system-user" is the current username.
Yes, you can get the current username by calling the REST endpoint authentication/current-context
via the rest
command, like this:
| rest /services/authentication/current-context
Hi Ayn,
thank you for your answer. As I tested your search my results also include other users. I just want to see the user who's currently doing this search. Can I filter out other users dynamically?
Btw: Will the | rest command need administration capabilities? If so I would need a other way which works for user/power users.