Splunk® IT Service Intelligence

Administration Manual

Acrobat logo Download manual as PDF


This documentation does not apply to the most recent version of Splunk® IT Service Intelligence. For documentation on the most recent version, go to the latest release.
Acrobat logo Download topic as PDF

Create teams in ITSI

Implement teams in IT Service Intelligence (ITSI) to restrict service-level information to only the departments or organizations that need access to it. Teams empower domain experts in different areas within an organization to create and monitor the services that pertain to their department.

Prerequisites

  • See Overview of teams in ITSI to determine whether you need to implement teams for your organization.
  • Plan out what teams you need to create in ITSI. You can create teams for technology areas or for different departments within your organization. Create a team for every area that needs a separate view of ITSI service-level data or that needs to be administered independently within ITSI.

High-level steps

  1. Create team admin roles to administer each team and assign users to those roles.
  2. Create custom analyst and user roles for each team.
  3. Create teams and assign read/write permissions to the team admin roles you created.
  4. Create services within teams.

Step 1: Create roles to administer your teams

After you determine the teams you are going to create in ITSI, create roles to administer the services in each team.

  1. Create a role in the Splunk platform for each ITSI team admin.
  2. Configure the roles to inherit from the itoa_team_admin role in order to obtain the appropriate capabilities.
  3. Assign users to each team admin role you created.

For example, the Splunk administrator creates an itoa_finance_admin role that inherits from the itoa_team_admin role for the administrator of the Finance team. The Splunk admin then assigns the Finance team administrator to the itoa_finance_admin role.

Splunk Cloud Platform administrators need to request Splunk Support to create the custom roles needed for teams.

For information about the itoa_team_admin role's capabilities, see Configure users and roles in ITSI. For information about creating custom roles, see About configuring role-based user access.

Step 2: Create custom roles within each team

Create custom roles for the ITSI analysts and users in each team. For example, create an itoa_finance_analyst role that inherits from the itoa_analyst role for the analysts in the Finance department. Create an itoa_finance_user role that inherits from the itoa_user role for the users in the Finance department. You can then assign permissions to the Finance team without allowing access to analysts and users from other departments.

You must configure the itoa_admin role to inherit from the custom roles you create. Otherwise, the itoa_admin role cannot assign permissions to the custom roles. Alternatively, use the admin role to assign permissions.

Step 3: Create teams

Create teams to group services by department, organization, or type of service and control access to the services.

Prerequisites

  • You must have the itoa_admin role to create a team.
  • Before you create a team, you must create the team admin role that will administer the team so that you can assign permissions to the role when creating the team. See Implement teams in ITSI for information.

Steps

  1. Click Configuration > Teams.
  2. Click Create Team.
  3. Provide a team name and description. Duplicate team names are allowed, but be aware of other team names and use naming conventions to avoid confusion.
  4. Assign read or write access to the listed roles as appropriate. The itoa_admin role has read/write permissions by default. If a role has write permissions for a team, a user with this role can create and modify services in the team. The user can't delete a service in the team unless the role has the delete capability for a service.
  5. Click Create.

If you do not see the custom team admin role listed for which you want to assign permissions, make sure the role has been created and inherits from the itoa_team_admin role. If you are logged in using the itoa_admin role, rather than the admin role, also make sure that the itoa_admin role inherits from the custom team admin role and any other custom roles you have created.

Open a team to see the services that belong to it or to review or change team permissions.

Step 4: Create services within each team

After the administrator creates teams, the team admins that are assigned read/write permissions can create services within their teams. When creating a service, a team admin can assign it to any team for which they have read/write permissions. ITSI administrators can also create services in private teams.

Team admins can access all of the KPI base searches, KPI templates, and entities in the Global team when creating services in their private teams. Team admins can also create dependencies on services in the Global team or within the same team. You cannot create service dependencies between services in different private teams. See Overview of creating services in ITSI for more information.

Add existing services to a team

Adding a service to a team breaks service dependencies if the service is dependent on another service that cannot be accessed from the new team. If a service is dependent on another service within the same team and one of the services is moved to another team, that dependency is broken. A service in a private team cannot have a dependency on a service in another private team.

If you're implementing teams in a previously configured environment, you might already have existing services you want to assign to a team.

  1. From the ITSI main menu, click Configuration > Services.
  2. Click the checkboxes next to the services you want to add to a team.
  3. Click click Bulk Action > Edit Team.
  4. Select the team to add the services to.
  5. Click Save.

Move a service to a different team

Moving a service from one team to another team breaks service dependencies if the service is dependent on another service that cannot be accessed from the new team. If a service is dependent on another service within the same team and one of the services is moved to another team, that dependency is broken. A service in a private team cannot have a dependency on a service in another private team.

Prerequisite

You must have write permissions for both teams to move a service from one team to another.

Steps

  1. Click Configuration > Teams.
  2. Select the team containing the service you want to move.
  3. Select the name of the service you want to move.
  4. Go to the Settings tab.
  5. Click the Team dropdown and select the team to move the service to.
  6. Click Save.

To move more than one service at a time, click Configuration > Services and select the checkboxes next to the services you want to move. Click Bulk Actions > Edit Team and select the team to move the services to.

Last modified on 02 October, 2023
PREVIOUS
Overview of teams in ITSI
  NEXT
Overview of maintenance windows in ITSI

This documentation applies to the following versions of Splunk® IT Service Intelligence: 4.11.0, 4.11.1, 4.11.2, 4.11.3, 4.11.4, 4.11.5, 4.11.6, 4.12.0 Cloud only, 4.12.1 Cloud only, 4.12.2 Cloud only, 4.13.0, 4.13.1, 4.13.2, 4.13.3, 4.14.0 Cloud only, 4.14.1 Cloud only, 4.14.2 Cloud only, 4.15.0, 4.15.1, 4.15.2, 4.15.3, 4.16.0 Cloud only, 4.17.0, 4.17.1


Was this documentation topic helpful?


You must be logged into splunk.com in order to post comments. Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

0 out of 1000 Characters