product
service
- Simple Security Consulting [Consulting]
- Splunk SOAR Automation Assessment Service [Consulting]
- Dashboard/SPL Creation Pack [Implementation/Building Support]
- Version upgrade service [implementation and construction support]
- Splunk Premium Apps construction support service [implementation and construction support]
- Splunk Security Log Analysis Start Package [Original App/Service]
- Splunk × CrowdStrike Falcon Insight, Macnica Original App [Original App/Service]
- Government uniform standard compatible App [Original App/Service]
- Smart Security Monitoring App [Original App/Service]
- Splunk × LANSCOPE Original App [Original App/Service]
- Security Monitoring App for Box [Original App/Service]
- Cloud Security Monitoring App [Original App/Service]
- SIEM Operation Monitoring Service [Original App/Service]
- List of services
- Macnica Premium Support for Splunk (utilization support, version upgrade monitoring)
- Macnica Premium Support for Splunk Skill Up Package
Specifications/Technical Information
Application for evaluation machine
- FAQ
How to allow users to only view and search specific dashboards
- release date
- 2017-07-05
- last updated
- 2017-07-05
- version
- Splunk Enterprise 6.5.2
- Overview
- How to allow users to only view and search specific dashboards
- Reference information
-
- https://docs.splunk.com/Documentation/Splunk/6.5.2/Security/Addandeditroles
- https://docs.splunk.com/Documentation/Splunk/6.5.2/Security/Rolesandcapabilities
- https://docs.splunk.com/Documentation/Splunk/6.5.2/Security/ConfigureuserswithSplunkWeb
- http://docs.splunk.com/Documentation/Splunk/6.5.2/Viz/DashboardPermissions
- content
-
As for the dashboard, it is controlled according to each user's role. Therefore, if you want to allow specific users to view and search only specific dashboards, you will need to edit the read permissions for each role for each shared dashboard.
The work is as follows. The following work contents assume the case of creating new roles and users.
[Work overview]
- Step 1. Create Roles for Users Only
- Step 2. Create a user and assign the role created in step 1
- Step 3. Grant read permissions on the dashboard to the role
[Work content details]
Roles, assignment of created roles to users, and authorization to roles are performed in the following order.
Step 1. Role Creation Instructions- Access the Splunk GUI with the admin user
- Click "Settings > Access Control > Roles > New"
- Select the authority you want to use from "Selected authority"
- In "Index", specify the index that can be searched by the user assigned the role being created, and click "Save".
* At this time, do not forget to specify the index to be used on the dashboard.
Step 2. New user creation, role assignment procedure- Access the Splunk GUI with the admin user
- Click "Settings > Access Control > User > New" to add a new user
- On the Add new user screen, select the created user-only role in "Selected roles" and click "Save".
Step 3. Set Dashboard Permissions- Access the Splunk GUI with the admin user
- Select "Edit Permissions" from "Actions" of the target dashboard in the list of dashboards in the Search & Reports app.
- Grant only "read" permissions to the newly created role.
Please also refer to the information in the FAQ below for the specifications of default roles and how to create new roles and users.
Role specification and creation procedure
In addition, if you want to set the dashboard not to be displayed for a specific user, create a dedicated role for that user by the above method, and edit the newly created role when editing the dashboard you do not want to display Configure settings to grant neither read nor write permissions to .
that's all
In charge of Macnica Splunk Co., Ltd.
- TEL:045-476-2010
- E-mail:splunk-sales@macnica.co.jp
Mon-Fri 8:45-17:30