Splunk® App for Edge Hub and Augmented Reality

Splunk AR: Install and Use Splunk App for Edge Hub and Splunk AR

Acrobat logo Download manual as PDF


The Splunk App for AR is a required companion app for the Splunk AR mobile app. To learn more, see About the Splunk App for AR.
This documentation does not apply to the most recent version of Splunk® App for Edge Hub and Augmented Reality. For documentation on the most recent version, go to the latest release.
Acrobat logo Download topic as PDF

Configure Splunk AR roles and permissions

You can grant users the ability to view, edit, or manage specific objects in the Splunk App for AR Roles tab. You can customize the capabilities and object access that a role has.

Default settings

By default, users with the ar_admin role have all Splunk AR class capabilities. Users with the ar_user role have read access to all objects, unless defined otherwise by the object access settings. You can define object access rules to manage which users can access specific objects.

Users must have the user role in Splunk web to view any AR data.

Permissions management capabilities

Users with the edit_roles capability can create, remove, or edit roles.

Users with the ar_edit_roles capability can add or remove object access in existing roles.

You can assign the edit_roles or ar_edit_roles capabilities to a user role in Splunk Web. See Add or edit a role in the Securing the Splunk Platform manual.

Settings page capabilities

Users must have the ar_admin role or the following capabilities to use the Settings tab of Splunk AR. To learn more about the Settings tab, see Configure Splunk AR.

Settings page capability Description
ar_migrate_deployment_data Users can download and import Splunk AR deployment data. To learn more about downloading and importing Splunk AR deployment data, see Migrate Splunk AR deployment data.
edit_phantom_configuration Users can configure a Splunk Phantom instance to use Workflow Automation with Splunk AR. To learn more about Workflow Automation, see Enable Splunk AR Workflow Automation.
ar_manage_server_settings Users can configure app-wide settings for the Splunk App for AR.

Class capabilities

Splunk AR class capabilities define how users can interact with a certain class of objects.

Splunk AR comes with the following class capabilities:

Class capability Description
asset_read Users can view individual assets in the Splunk App for AR. They can view what data is associated with each asset.
asset_write Users can view and edit individual asset data in the Splunk App for AR. They can choose what data to associate with an asset.
asset_manage Users can register and unregister individual assets, and choose what data to associate. To move assets in and out of groups, the user must have asset_manage and asset_group_manage.
asset_group_read Users can view asset groups in the Splunk App for AR. They can view what data is associated with each asset group.
asset_group_write Users can view asset groups in the Splunk App for AR. They can view and edit data that's associated with each asset group.
asset_group_manage Users can register and unregister asset groups, and choose what data to associate. To move assets in and out of groups, the user must have asset_manage and asset_group_manage.
workspace_read Users can view AR workspaces and their associated data.
workspace_write Users can view AR workspaces, adjust visualizations, and choose what data to associate with a workspace in the Splunk AR mobile app or the Splunk App for AR.
workspace_manage Users can create new workspaces, delete workspaces, view AR workspaces, adjust visualizations, and choose what data to associate with a workspace in the Splunk AR mobile app or the Splunk App for AR.
note_read Users can view notes.
note_write Users can view notes and edit notes.
note_manage Users can view, edit, adjust, delete, and create workspace notes.
beacon_read Users can detect nearby beacons and view associated dashboards in the Splunk AR mobile app.
beacon_write Users can associate beacons with dashboards, detect nearby beacons, and view associated dashboards in the Splunk AR mobile app.
beacon_manage Users can add beacons, remove beacons, associate beacons with dashboards, detect nearby beacons, and view associated dashboards in the Splunk AR mobile app.
geofence_read Users can detect nearby geofences and view associated dashboards in the Splunk AR mobile app.
geofence_write Users can associate geofences with dashboards, detect nearby geofences, and view associated dashboards in the Splunk AR app.
geofence_manage Users can create geofences, remove geofences, associate geofences with dashboards, detect nearby geofences, and view associated dashboards in the Splunk AR app.
playbook_read Users can run Splunk Phantom playbooks in AR workspaces as part of Workflow Automation.
playbook_write Users can edit Splunk Phantom playbooks in AR workspaces as part of Workflow Automation.
playbook_manage Users can add, remove, reposition, and edit Splunk Phantom playbooks in AR workspaces as part of Workflow Automation.

Object access

When creating a role, define object access to manage which users can access specific objects.

To define object access, Splunk AR mobile users must use Splunk AR version 2.3.0 or later.

Splunk AR object classes include the following:

  • Assets
  • Asset groups
  • Workspaces
  • Beacons
  • Geofences
  • Notes and media
  • Playbooks

Object access precedence

If a user is a member of a role that has a class capability, that capability applies to any objects that aren't referenced in other roles. If you create roles that define access to a particular object, then the user have those roles to access the object.

For example, say you create role_1 with the workspace_read capability. Then you assign role_1 to a user. role_1 has the workspace_read capability, so the user has read access to all workspaces that aren't restricted by other roles, such as workspace_1 .

Now suppose you create role_2 with read access to workspace_1. Now the user doesn't have access to workspace_1, unless you assign role_2 to the user.

Configure Splunk AR roles and permissions

Configure Splunk AR permissions by editing or creating roles and assigning them to users in the Splunk App for AR 'Roles tab. You can edit roles by adding or removing class capabilities and objects access. Or you can create a role and define its class capabilities and objects access.

Prerequisites

Complete the following steps before configuring Splunk AR permissions:

  • Install the Splunk App for AR.
  • Have the ar_admin role or the edit_roles capability.
  • Make sure that the Splunk AR mobile app users are using Splunk AR version 3.0.0 or higher.

Create a role

  1. In the Splunk App for AR, navigate to the Roles tab.
  2. Click Roles.
  3. Click +Add Role.
  4. Name the role.
  5. (Optional) Select existing roles to inherit. The role that you're creating will have the same class capabilities and object access as the roles you select to inherit.
  6. Click Continue.
  7. Select the class capabilities that you want the role to have.
  8. Click Continue.
  9. Select the objects that you want the role to have access to.
  10. Click Continue.
  11. Click Save.

Edit roles

  1. In the Splunk App for AR, navigate to the Roles tab.
  2. Click the edit icon next to a role to edit it.
  3. Click Edit next to Inheritance, Class Capabilities, or Object Access to edit the role.
  4. Click Save.


Assign roles to users

After editing or creating Splunk AR roles, assign the roles to users. See Create and manage roles with Splunk Web in the Securing the Splunk Platform manual.

Last modified on 06 January, 2022
PREVIOUS
Get data into Splunk AR using a Raspberry Pi
  NEXT
Associate objects with dashboards in the Splunk App for AR with asset tags

This documentation applies to the following versions of Splunk® App for Edge Hub and Augmented Reality: 1.10.0, 1.2.0, 1.2.1, 1.3.0, 1.4.1


Was this documentation topic helpful?


You must be logged into splunk.com in order to post comments. Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

0 out of 1000 Characters