Create and manage identities
An identity object contains database credentials. It comprises the username and password that Splunk DB Connect uses to access your database.
Note that your database credentials and are not the same as your Splunk Enterprise credentials. When you configure a DB Connect identity, you use the Splunk Enterprise role-based access control system to define access to the identity.
Create an identity
- From within Splunk DB Connect, access the Configuration > Databases > Identities tab and click New Identity.
- Complete the following fields:
- Identity Name
- Username: Enter the name of the database user you want to connect as.
Note: Ensure that the database user has sufficient access to the data you want to search. For example, you might create a database user account whose access is limited to the data you want Splunk Enterprise to consume.
- Password: Enter the password for the user you entered in the Username field.
Note: Your password is encrypted. DB Connect requires this field to connect to your database.
- Use Windows Authentication Domain: This setting is for identities that connect to Microsoft SQL Server databases. Enable this setting if you need to specify a Windows Authentication Domain.
- Windows Authentication Domain: If you selected the Use Windows Authentication Domain checkbox, enter the domain in this field. For more information about connecting to Microsoft SQL Server databases using Windows Authentication, see "Microsoft SQL Server."
- In the Permissions tab, update the Splunk Enterprise permissions for this identity. For more information, see Permissions.
- Click Save.
To see a list of the defined identities, go to Configuration > Databases > Identities. To see a list of identities, reference the the table below.
To edit an identity, click its name. You can edit the following attributes of an identity, except where noted:
- Status: Disable an identity by clicking Disable. You cannot disable an identity if any inputs, outputs, or lookups are using it. In that case, DB Connect displays an error message that reads Can not disable this identity!.
- Identity Name: Not editable. To change the name of an identity, clone it, give the clone the name you want, and then delete the original identity.
- Username, Password, Use Windows Authentication Domain? checkbox and Windows Authentication Domain are the same as Create an identity.
- Permission: The Permissions table is where you specify the Splunk Enterprise roles that have read, write, or no permissions to the identity. By default, the Splunk Enterprise "admin" and "db_connect_admin" roles have read-write access to a new identity, the "db_connect_user" role has read access, and all other roles have no access.
- Read access means that Splunk Enterprise roles are able to use the identity.
- Write access means that Splunk Enterprise roles are able to use and modify the identity.
Configure security and access controls
Create and manage database connections
This documentation applies to the following versions of Splunk® DB Connect: 3.0.0, 3.0.1, 3.0.2, 3.0.3
Feedback submitted, thanks!