We have multiple department and its data indexed into splunk indexer, how can we define roles / permission to access their specific department content / search / indexes / sourcetype. if a user "A", belong to department "D1" and "D2", User "A" should have only permission to their SourceType / content / search / dashboard belongs "D1" and "D2".
Can you please suggest the optimized solution for this in splunk user management?.
