Download page Configure Splunk Cloud Service Account User.
Configure Splunk Cloud Service Account User
For log observer connect for Cisco AppDynamics, you must configure a Splunk Cloud Service account user. This service account user must have access to the indexes in Splunk Cloud Platform, where tiers may be sending logs.
To configure the Splunk Cloud Service account user, you must be assigned to the Splunk admin role.
Setup Service Account User in Splunk Cloud Platform
Configure a role and a user in Splunk Cloud Platform as follows. You can create a new role and user or use an existing role and a user.
Create or Select a Role
Go toSettings > Roles.
Create or select the role you want for the Splunk AppDynamics service account.
To create a new role, click New Role.
To select an existing role, click Edit > Edit next to the role you want to use.
On theCapabilitiestab, ensure thatedit_tokens_ownandsearchare selected.
Ensure thatindexes_list_allis not selected.
On theIndexestab in theIncludedcolumn, deselect*(All internal indexes)and select the indexes where AppDynamics application logs are stored.
On theResourcestab:
For Role search job limit, enter 0 for both the Standard search limit and Real-time search limit.
For User search job limit, enter 0 for both the Standard search limit and Real-time search limit.
For Role search time window limit, select Custom time for the "maximum time window for searches for this role" and enter 2592000 (2592000 seconds equates to 30 days).
For Role search time window limit, select Custom time for the "earliest searchable event time for this role" and enter 7776000 (7776000 seconds equates to 90 days).
Click Save if you are configuring an existing user or Create for a new user.
Assign the Role to a New or Existing User
In Splunk Cloud Platform, go toSettings > Users.
Create the user for the AppDynamics service account by clicking New User or Edit > Edit next to the existing user for whom you want to have the new role.
