Hi Kids,

So we have added in flexible roles into the preview release. Well, what does that mean.
We will now allow folks to create their own roles. The previous ones of Admin, Power
and User will be included as defaults.

There is currently no GUI available for editing roles but you can directly edit the
config file $SPLUNK_HOME/etc/bundles/default/authorize.conf.

To add in these roles we did an audit of our system and broke down various actions
into capabilities. These capabilities can be grouped together to create any role.
Please bear with us here, this is just a first cut and we may not have chopped up
things in a way that makes sense to you. This is the beauty of preview, you got a suggestion
about capabilities you’d like to see added or removed then comment or mail us.
The more feedback we get at this stage the faster this feature will improve.

A role in the splunk system contains the following things.
1. A list of capabilities that role can perform.
2. A list of roles that are contained within this role ( their capabilities will be imported into our role)
3. A list of search filters that should be applied when searching as this role.

Hey Kids,

How are things? so I’ve made some progress in my attempt to code myself out of a job. Just checked the scripted auth into the preview branch which should be released in a few days. It’s very basic right now with more improvements to come. At the moment userLogin, getUserType and getUserInfo are the only methods you need to fill in.

I’ve written up a sample that interfaces with PAM on the linux, using /etc/passwd to get user lists. Mac users skip the pamauth.c compile you don’t need this app and pam don’t like macs ( can’t say I blame pam on that score)

First off a pamauth.c program to compile that will talk to pam for ya. Donated by Phillppe Troin, thank you fif. Feel free to take and edit for your own purposes, but you must send fif a chocolate chip cookie if you found it useful.

File pamauth.c is attach due to severe lameness on part of wordpress, insisting on screwing with the #include’s

pamauth.c

Compile that puppy like so
gcc -Wall -Wextra -o pamauth pamauth.c -lpam

You may need to create an entry for pam
edit /etc/pam.d/pamauth and put this line in
auth sufficient pam_unix.so

Just fresh from the splunk poker game. Good fun, made a whopping $10. Jef looked like
he was on the verge or paying for his kids education. Maverick even threatened to sing,
good times.

So Erik did a pretty good job of describing the environment here at splunk.
The people here are great and lots of fun, there are some great problems
just begging to be solved, we need more monkeys on them typewriters

Poker games, golf, visits to the jackson arms, beer pong, foosball
(Raffy really needs a challenge )

Don’t worry about that collage bit http://en.wikipedia.org/wiki/Collage

Erik insists everyone draw a picture of themselves in crayon, but really
who doesn’t ask for that in a serious interview these days.

In the coming weeks I’m going to be working on a way to allow people to
plug in their own auth systems. We’ve had requests running the gamut from
the normal stuff like PAM, RADIUS etc to carrier pidgeon and bob’s trusty
auth system. The most common thread of all these is that they are all scriptable.
You folks know your own auth systems. We’ll throw this in the unstable
release/dev branch that we’ll be launching and hopefully get some feed back
from you folks to fine tune it before we put it into stable.