List All Splunk Users & Associated Roles

The following Splunk query will show a table of all users and their roles:

| rest /services/authentication/users | stats values(roles) as Roles by user

1	\| rest /services/authentication/users \| stats values(roles) as Roles by user

Share This:

Tagged: _audit _internal admin REST splunk on splunk

Leave A Comment? Click here to cancel reply.

Newest | Active

ashutosh

active 1 hour, 45 minutes ago
reverse

active 6 hours, 18 minutes ago
mjeffery

active 22 hours, 49 minutes ago
SplunkNinja

active 1 day, 2 hours ago
thall

active 1 day, 10 hours ago