Secure access for Splunk knowledge objects
As you use , you create a variety of knowledge objects such as event types, tags, lookups, field extractions, workflow actions, and saved searches. Splunk Web lets you restrict and expand access to knowledge objects within your implementation. You can use it to:
- Make an object available to users of all apps.
- Make an object available to users of a particular app.
- Restrict object access by user role.
- Disable or delete objects.
- Allow users to share or delete objects they do not own.
For more information about securing your knowledge objects, see Manage knowledge object permissions and Disable or delete knowledge objects in the Knowledge Manager Manual.
Find existing users and roles | Protecting PII and PHI data with role-based field filtering |
This documentation applies to the following versions of Splunk Cloud Platform™: 8.2.2112, 8.2.2201, 8.2.2202, 8.2.2203, 9.0.2205, 9.0.2208, 9.0.2209, 9.0.2303, 9.0.2305, 9.1.2308, 9.1.2312, 9.2.2403, 9.2.2406 (latest FedRAMP release)
Feedback submitted, thanks!