I can see in my user roles that I can prevent a user from accessing search functionality, but it appears that this means that a user can't even view the results of a saved search.
How can I allow a user to view existing saved searches, but not start new ones?
This is useful for us as Splunk is being shared across multiple sites, so we are allowing only our backend to create private, invisible saved searches with data they have permission to view, and then embedding the results in an iframe on our frontend. The client doesn't know how to use Splunk, all they know is they want analytics for their site.
... View more