Hi,
Let's say I have 2000 virtual servers, one for each customer.
I want to give access to Splunk to each customer and limit him only to his virtual server data.
Do I spread data across 2000 indexes - one per customer/server and create 2000 roles and limit each role/customer to his index ?
Or
Do I create 2000 roles and limit each to a single host in the search ?
Or
Any other simpler way ? 😄
Urtho,
... View more