Hi,
In Splunk Web when logged in as admin, I go to Settings > Access controls, and get the following message:
Fail: [HTTP 403] Client is not authorized to perform requested action; https://127.0.0.1:8089/servicesNS/admin/system/data/modular-inputs?count=-1
Details: None
What does this mean and how can I fix it?
The message appears when I click many of the options under the Settings menu
Figured it out...
Visited the URL (https://MyServer:8089/servicesNS/admin/system/data/modular-inputs) and got the following message:
`
In handler 'modular-inputs': You (user=admin) do not have permission to perform this operation (requires capability: list_inputs).
`
Made necessary tweak to authorize.conf in $SPLUNK_HOME/etc/system/local/authorize.conf
Then refreshed the necessary endpoint: http(s)://yourserver:8000/en-US/debug/refresh?entity=admin/auth-services
Figured it out...
Visited the URL (https://MyServer:8089/servicesNS/admin/system/data/modular-inputs) and got the following message:
`
In handler 'modular-inputs': You (user=admin) do not have permission to perform this operation (requires capability: list_inputs).
`
Made necessary tweak to authorize.conf in $SPLUNK_HOME/etc/system/local/authorize.conf
Then refreshed the necessary endpoint: http(s)://yourserver:8000/en-US/debug/refresh?entity=admin/auth-services
Can Splunk please include something in a future version that prevents certain Splunk capabilities from being removed if the removal can result in breaking the admin account?