KV store collection permissions in ITSI
The table shows default permissions to KV store collections for IT Service Intelligence (ITSI) roles. By default, only itoa_admin has read/write/delete access to all ITSI KV store collections. SA-ITOA includes default entries in metadata/default.meta
that determine access to KV store collections for ITSI roles.
Collection name | itoa_admin | itoa_team_admin | itoa_analyst | itoa_user |
---|---|---|---|---|
itsi_backfill | read/write/delete | read/write/delete | read | read |
itsi_backup_restore_queue | read/write/delete | read | - | - |
itsi_base_service_template | read/write/delete | read | read | read |
itsi_content_pack_status | read/write/delete | read/write/delete | - | - |
itsi_correlation_search | read/write/delete | read/write/delete | read | read |
itsi_entity_dashboard_drilldown | read/write/delete | read/write/delete | read | read |
itsi_entity_data_drilldown | read/write/delete | read/write/delete | read | read |
itsi_entity_type | read/write/delete | read/write/delete | read | read |
itsi_entity_filter_rules | read/write/delete | read/write/delete | read | read |
itsi_entity_relationships | read/write/delete | read/write/delete | read | read |
itsi_entity_relationship_rules | read/write/delete | read/write/delete | read | read |
itsi_event_management | read/write/delete | read/write/delete | read/write/delete | read/write/delete |
itsi_import_objects_cache | read/write/delete | read/write/delete | read | read |
itsi_import_objects_cache_lookup | read/write/delete | read/write/delete | read | read |
itsi_migration | read/write/delete | read/write/delete | read | read |
itsi_notable_event_aggregation_policy | read/write/delete | read/write/delete | read | - |
itsi_notable_event_email_template | read/write/delete | read/write/delete | read/write/delete | - |
itsi_notable_event_ref_url | read/write/delete | read/write/delete | read/write/delete | read/write/delete |
itsi_notable_event_tag | read/write/delete | read/write/delete | read/write/delete | read/write/delete |
itsi_notable_event_ticketing | read/write/delete | read/write/delete | read/write/delete | read/write/delete |
itsi_notable_group_user | read/write/delete | read/write/delete | read/write/delete | read/write/delete |
itsi_notable_group_system | read/write/delete | read | read | read |
itsi_pages | read/write/delete | read/write/delete | read/write/delete | read/write/delete |
itsi_refresh_queue | read/write/delete | read/write/delete | read | read |
itsi_services | read/write/delete | read/write/delete | read | read |
itsi_service_analyzer | read/write/delete | read/write/delete | read/write/delete | read/write/delete |
itsi_team | read/write/delete | read | read | read |
itsi_temp_batch_claimed_action_queue | read/write/delete | read/write/delete | read | read |
itsi_temporary_storage | read/write/delete | read/write/delete | read | read |
itsi_user_realnames | read/write/delete | read/write/delete | read | read |
maintenance_calendar | read/write/delete | read/write/delete | read | read |
operative_maintenance_log | read/write/delete | read/write/delete | read | read |
itsi_event_management_exports | read/write/delete | read/write/delete | read/write/delete | - |
ITSI capabilities reference | Grant and revoke user permissions in ITSI |
This documentation applies to the following versions of Splunk® IT Service Intelligence: 4.19.0, 4.19.1
Feedback submitted, thanks!