Assign the avl_admin role
Assign the avl_admin role to your admin users.
Last updated
Was this helpful?
Assign the avl_admin role to your admin users.
Last updated
Was this helpful?
Use Splunk Web to assign the avl_admin role to app administrators. See in the Securing Splunk Enterprise manual for instructions.
The following roles are available on the Anvilogic App for Splunk. See to see a summary of the privileges provided by each role.
avl_admin
avl_senior_developer
avl_developer
avl_senior_triage
avl_triage
avl_readonly
You can customize the avl_senior_developer, avl_developer, avl_senior_triage, and avl_triage roles. The avl_admin and avl_readonly roles can't be modified.
For example, perform the following tasks to customize the capabilities allowed or restricted by the AVL Senior Developer role:
In the Anvilogic App for Splunk, select Settings > App Configuration.
Click User Settings to expand the section.
Click Customize AVL Senior Developer Role to expand the section for that role.
Deselect any capabilities you want to remove for this role, or select a capability to add it to the role.
Click Save.
The following table lists the roles in the Anvilogic App for Splunk and the privileges granted by each role. You can customize the privileges enabled for each role as desired.
Allowlist privileges
✓
✓
✓
✓
✓
✓
✓
✓
✓
✓
✓
avl_add_al_global_entry
✓
✓
✓
avl_remove_al_global_entry
✓
✓
✓
avl_modify_al_global_entry
✓
✓
✓
avl_manage_rule_al
✓
✓
✓
avl_manage_global_al
✓
✓
✓
Triage privileges
avl_change_first_alert_status
✓
avl_change_all_alert_status
✓
✓
✓
avl_change_alert_status_to_new
✓
✓
✓
avl_bulk_alert_status
✓
✓
✓
avl_add_observation
✓
✓
✓
✓
avl_remove_observation
✓
✓
✓
avl_rate_rule
✓
✓
✓
✓
avl_add_rule_feedback
✓
✓
✓
✓
avl_create_case
✓
✓
✓
✓
avl_suppress_alert
✓
✓
✓
✓
avl_suppress_global_alert
✓
✓
✓
✓
Content deployment privileges
avl_deploy_content
✓
avl_write_hec
✓
✓
✓
avl_post_rest_platform
✓
✓
avl_post_rest
✓
✓
✓
avl_get_rest
✓
✓
✓
✓
avl_rest_config_access_get
✓
✓
✓
✓
avl_rest_config_access_post