Splunk® IT Service Intelligence

Install and Upgrade Splunk IT Service Intelligence

Download manual as PDF

Download topic as PDF

Restrict access to objects in ITSI

You can set read/write permissions for the following types of ITSI objects:

  • Service analyzers
  • Glass tables
  • Deep dives
  • Episode reviews
  • Correlation searches
  • Multi-KPI alerts
  • Notable event aggregation policies

These permissions determine which user roles have read/write permissions to specific objects that have been created, such as a shared service analyzer view, a shared glass table, or a correlation search.

These permissions apply to shared objects. A user can create a private object that only they have access to. To set permissions to a private service analyzer, glass table, or deep dive, clone and save the object with Shared in App permissions. The other object types, including episode reviews, correlation searches, multi-KPI alerts, and notable event aggregation policies, are shared by default.

Prerequisites

    • You must have the configure_perms capability to set permissions for ITSI roles. The itoa_admin and itoa_team_admin roles have this capability by default.
    • Before you can set permissions to ITSI objects for a role, the role must have the proper capabilities assigned. For more information, see the ITSI capabilities reference in this manual.

Steps

  1. On the lister page for the object type, such as service analyzer, glass table, deep dive, episode review, correlation search, or notable event aggregation policy, click Edit under the Actions column for the object and then select Edit Permissions.
  2. Assign read/write permissions to ITSI roles for the object.
  3. Click Save.
PREVIOUS
KV store collection permissions in ITSI
  NEXT
Overview of teams in ITSI

This documentation applies to the following versions of Splunk® IT Service Intelligence: 4.2.0, 4.2.1, 4.2.2, 4.2.3, 4.3.0, 4.3.1, 4.4.0, 4.4.1


Was this documentation topic helpful?

Enter your email address, and someone from the documentation team will respond to you:

Please provide your comments here. Ask a question or make a suggestion.

You must be logged into splunk.com in order to post comments. Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

0 out of 1000 Characters