Splunk® Data Stream Processor

Install and administer the Data Stream Processor

Acrobat logo Download manual as PDF


DSP 1.2.0 is impacted by the CVE-2021-44228 and CVE-2021-45046 security vulnerabilities from Apache Log4j. To fix these vulnerabilities, you must upgrade to DSP 1.2.1-patch02. See Upgrade the Splunk Data Stream Processor from 1.2.0 to 1.2.1-patch02 for upgrade instructions, and Splunk Security Advisory for Apache Log4j (CVE-2021-44228 and CVE-2021-45046) for more information.
Acrobat logo Download topic as PDF

Manage users and admins

The Splunk Data Stream Processor User Management page allows you to add users and promote users to admin roles.

Pre-defined roles in the

The Splunk Data Stream Processor has two roles: users and admins.

Role Description
user Users have CRUD permissions on their own pipelines and are able to use the Ingest Service to send data to their pipeline. Users do not have access to the User Management page, nor do they have CRUD permissions on pipelines created by other users or admins, nor do they have CRUD permissions on connections.
admin Admins inherit all capabilities that a user has, but are also able to perform CRUD operations on any other pipelines in their system. Admins are also able to create, edit, and delete connections. Admins are also able to use the Forwarders Service to send data into their data pipeline.

Who should be granted permissions?

Administrators of the have full access over all Data Stream Processor resources and operations. For security purposes, you should only assign the admin role to trusted users who need the highest permissions in order to accomplish tasks required for their jobs. It is also important to understand that by granting them admin-level permissions, you are also granting them access to other resources on your network. pipelines often consume data from internal resources such as servers and databases, and thus the Data Stream Processor admin must have sufficient permissions in order to find and manage this data. Therefore, it's critically important that you restrict the admin role to only trusted users. In addition, for security reasons, you should exercise caution if you choose to make the DSP UI available on a public network.

Add or edit Data Stream Processor users and roles

To add a user to the Splunk Data Stream Processor, perform the following steps:

  1. From the Data Stream Processor homepage, click on User Management.
  2. Click create user.
  3. Enter the user's first and last name and their email address.
  4. (Optional) Click the Admin checkbox to add this user as an admin.
  5. Enter a temporary password for the user.
  6. Click Save.

The user account appears in the Users page. You can contact the user to provide the login credentials needed to access the Splunk Data Stream Processor. At this time, users are unable to change their password without the help of an admin.

Last modified on 29 April, 2021
PREVIOUS
Licensing for the Splunk Data Stream Processor
  NEXT
Get started with the Splunk Cloud Services CLI

This documentation applies to the following versions of Splunk® Data Stream Processor: 1.1.0, 1.2.0, 1.2.1-patch02, 1.2.1, 1.2.2-patch02


Was this documentation topic helpful?

You must be logged into splunk.com in order to post comments. Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

0 out of 1000 Characters