Are high-risk operations like token deletion protected?

The skill documentation explicitly flags high-risk operations such as deleting tokens or modifying ACLs, as these can impact dependent integrations or access levels.

Can I create and revoke JWT tokens with this skill?

Yes, the skill includes dedicated scripts to create new JWT tokens and revoke existing ones through the Splunk authorization API.

How do I check if a user has access to a specific saved search?

You can use the 'check-permission' or 'get-acl' commands to verify the access control lists and sharing settings for any knowledge object.

Does this skill help with Splunk role audits?

Yes, it provides tools to list roles, list users, and fetch specific capabilities for any given user account to ensure proper RBAC implementation.

Splunk Security & RBAC Management

Name: Splunk Security & RBAC Management
Author: grandcamel

bygrandcamel

0•

Security & Testing

Automates Splunk security operations including JWT token management, role-based access control verification, and ACL configuration.

This skill provides a production-ready framework for managing Splunk security directly through Claude Code. It enables users to programmatically handle authentication tokens, audit user capabilities, and verify permissions across knowledge objects using the Splunk REST API. Whether you need to rotate security credentials, investigate access issues, or manage complex Access Control Lists (ACLs) for saved searches and lookups, this skill streamlines administrative workflows while ensuring secure and compliant environment management.

Key Features

01Detailed user capability and role auditing

02Real-time permission checking for specific resources

03JWT token lifecycle management including creation and revocation

040 GitHub stars

05Granular ACL verification for Splunk knowledge objects

06Direct integration with Splunk authorization REST endpoints

Use Cases

01Managing sharing permissions for saved searches and lookup tables across teams

02Troubleshooting 'Access Denied' errors by auditing user capabilities and object ACLs

03Automating the rotation of service account JWT tokens for CI/CD pipelines

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add grandcamel/splunk-assistant-skills splunk-security

For use in Claude.ai and ChatGPT

Download Skill