Manage roles in the New Search and Dashboards Experience
On the Splunk platform, as an administrator, you can assign roles to users using groups. Groups and roles determine the level of access that those users have to the platform and the tasks that they can perform on the platform. Splunk Cloud Platform comes with a set of default groups and roles, and you can also create your own custom groups and roles that you can tailor to the needs of your organization.
Roles can contain one or more capabilities that provide access to specific parts of the Splunk platform. A user that holds a role receives all of the capabilities that come with the role. Additionally, roles can inherit capabilities from other roles.
You can use groups and roles for the following security-related tasks:
- To restrict the scope of searches.
- To inherit capabilities and available indexes from other roles.
- To specify user capabilities.
- To set the default index or indexes that a user is to search when they do not specify an index in their search command.
- To specify which indexes that a user can search.
In the New Search and Dashboards Experience, you create a role in a different way than you do on Splunk Cloud Platform. When you visit the Roles page in Splunk Cloud Platform, a link appears to manage groups and roles in the new experience.
For more information about capabilities in user roles, see About defining roles with capabilities and List of capabilities.
Manage roles in the New Search and Dashboards Experience (Preview)
- Log into the Splunk Cloud Platform instance as a user with rights to manage roles..
- From the system bar, select Settings > Roles. The "Roles" page loads.
- Select Manage the New Splunk Cloud Platform Experience (Preview) Groups and Roles
- See Manage groups and roles in the Splunk Cloud Console manual for continued instructions on the procedure.
Create and manage roles with Splunk Web | Find existing users and roles |
This documentation applies to the following versions of Splunk Cloud Platform™: 9.0.2208, 9.0.2209, 9.0.2303, 9.0.2305, 9.1.2308, 9.1.2312, 9.2.2403, 9.2.2406 (latest FedRAMP release)
Feedback submitted, thanks!