Refine your search:

Limiting Manager and Saved Search Dropdown to App

3

I need to make sure my lower level users are contained within the confines of an application, but also want them to be able to created, edit, and save searches and reports within that application. Is this possible, and if so how can it be done. I've tried bastardizing the saved_searches.xml but haven't been able to make much progress.

asked 01 Mar '10, 22:57

matt%201's gravatar image

matt 1
814
accept rate: 25%

One Answer:
oldestnewestmost voted
3

This should not be too difficult. You should create a new role that inherits from the "user" or "power" role. Then you need to simply set the permissions on apps to ensure that this role only has "read" and "write" access to the app in question. If they have "write" access, they will be able to create objects in that app, and if they don't they won't. You really should not be editing the manager pages to try to set security. Also note that even without "write" access, if they have "read" access to an app, they will be able to create objects, but those objects will be limited to being "Private", i.e., they aren't published in the app.

link

answered 02 Mar '10, 16:23

gkanapathy's gravatar image

gkanapathy ♦
26.4k1622
accept rate: 42%

Ah! Only 600 character responses... Unfortunately the use case isn't that simple. I do have base attributes and roles established for import into true roles, which are responsible for segmenting a user's visibility and access across multiple application indexes. For each of these roles, I would like to user to be able to interact as freely and openly as possible. This includes the ability to save, edit, and delete searches within the scope of that application. However, I don't want that user from any particular application to have visibility to anything other than what's within that app.

(03 Mar '10, 01:26) matt 1

This includes searches set as globally visible, which appears to be the default setting upon import of any application, like the PCI compliance suite.

(03 Mar '10, 01:29) matt 1

I have the same use case as Matt. Would really like to see a way to do something like this.

(25 Aug '10, 03:27) zscgeek

So, I guess I'm not sure what fails for you. If they don't have read or write access to an app (or object in an app), they won't see it or be able to create objects in it. Is the problem with global objects/apps? Even global objects/apps are subject to the r/w ACLs on roles.

(25 Aug '10, 05:07) gkanapathy ♦
Post your answer
toggle preview

Follow this question

Log In to enable email subscriptions

RSS:

Answers

Answers + Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text](http://url.com/ "Title")
  • image?![alt text](/path/img.jpg "Title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

learn more about Markdown

Tags:

×207

Asked: 01 Mar '10, 22:57

Seen: 502 times

Last updated: 02 Mar '10, 16:23

Related questions

Why can't I access Manager pages outside of the Search app?

what does "app" sharing mean in Manager's apps page?

Should an app with no UI elements still be visible in Manager?

dropdown in app

Limiting an app context's ability to do access control changes

Splunk app for Web Intelligence : missing saved search?

Link to manager functions from app

What is the difference between App Search and App Launcher?

After updating an app's saved search by web the vsid is not found

Copyright © 2005-2012 Splunk, Inc. All rights reserved.