[In Splunk Documentation such as "Securing Splunk Enterprise" the following is stated:][1]
Note: User-based search filters are optional and not recommended. A better approach is to assign search filters to roles and then assign users to the appropriate roles.
[1]: http://docs.splunk.com/Documentation/Splunk/6.5.0/Security/UsethegetSearchFilterfunction
Could supporting ideas be stated in the documentation be given?
↧