Topics

| pdf version

How Splunk Works

Getting Started

Data Inputs

Data Distribution

Indexing

Timestamps

Fields

Hosts

Source Types

Event Types

Search

Distributed Search

Security

Data Management

Deployment Server

Performance Tuning

Configuration Files

Applications

Reference

Troubleshooting


Toolbox

Splunk > The IT Search Company

  • Search and navigate IT data from applications, servers and network devices in real-time.
  • Download Splunk

Localized Splunk documentation

Looking for Splunk documentation in other languages?

Documentation | Discussion | View source | History

Add more users

This documentation does not apply to the most recent version of Splunk.

This documentation applies to the following versions of Splunk: 3.2 , 3.2.1 , 3.2.2 , 3.2.3 , 3.2.4 , 3.2.5 , 3.2.6

Add more users

There are three default user roles and three different authentication methods to choose from when you set up Splunk with an Enterprise license. Users authenticate with Splunk's built-in system (described below), LDAP or scripted authentication (for third-party auth systems). Either method works with Splunk's roles system.


You must be logged in as a Splunk administrator to add or edit user accounts. The default Admin account password is changeme.


Note: Splunk with a Free license does not contain access control features.


Lost admin password

If you lose the password to your admin account, contact Splunk Support for assistance.


Splunk local users

A Splunk Admin can create new users either via Splunk Web or Splunk's CLI. Users can be mapped to Splunk's default roles or any custom roles via authorize.conf


via Splunk Web

  • To manage users accounts, click the Admin link in the upper right-hand corner:

Image:30_admin1_addusers-adminbutton.jpg


  • Then, click the Users tab:

Image:30_admin1_addusers-users.jpg


  • To add a new user, click the New User button.
  • To edit existing accounts, click the Edit link under the Action heading.
  • Enter the new or changed information and then click Save.

via Splunk CLI

From the CLI, use the following commands to add, edit, remove or list users. 


add user username [-parameter value] ...
edit user username [-parameter value]  ...
remove user username [-parameter value]  ...
list user username [-parameter value]  ...

Required (Default) Parameter:


username -- the name of the Splunk user account to manage.

full-name -- real name of user in quotes, for example "Nikola Tesla" - required when adding a new user.

Optional Parameters:


full-name -- real name of user in quotes, for example "Nikola Tesla"

password -- the password to set for the account

role -- either user, power or admin



Example

This example assumes you have set a Splunk environment variable. If you have not, you must navigate to $SPLUNK_HOME/bin and run the ./splunk command. 


# splunk edit user newbie -password f8h2.$R -auth admin:d3cidr

This example authenticates as user "admin" to change the password for user "newbie."


Note: You must be logged in as an Admin to make any changes regarding users. Login either via the splunk login command, or use -auth, as exemplified above.

Retrieved from "http://www.splunk.com/base/Documentation/3.2/Admin/AddMoreUsers"
Revision: 207 | Contact | Privacy Policy | Terms of Use | Community content licensed under Creative Commons

Copyright © 2005-2009 Splunk Inc. All rights reserved.