Secure access for Splunk knowledge objects
As you use , you create a variety of knowledge objects such as event types, tags, lookups, field extractions, workflow actions, and saved searches. Splunk Web lets you restrict and expand access to knowledge objects within your implementation. You can use it to:
- Make an object available to users of all apps.
- Make an object available to users of a particular app.
- Restrict object access by user role.
- Disable or delete objects.
- Allow users to share or delete objects they do not own.
Find existing users and roles
Protecting PII and PHI data with role-based field filtering
This documentation applies to the following versions of Splunk Cloud Platform™: 8.1.2103, 8.2.2105, 8.2.2106, 8.2.2109, 8.2.2107, 8.2.2111, 8.2.2112, 8.2.2201 (latest FedRAMP release), 8.2.2202, 8.2.2203, 9.0.2205, 9.0.2208