Deployment Architecture

Splunk Auth questions

d_lim
Path Finder

Hi, we are using splunk 8.0.6 with LDAP authentication in a SHC, and with a few local splunk users.

We would be adding MFA (RSA) soon. My question is, how will the local users be tied to the RSA MFA, and will it be possible to only exclude local splunk users from MFA?

Does RSA support SAML authentication, should I change from using LDAP to SAML if it does, and ultimately my intention is to exclude local users from the MFA using the logontype=splunk in url.

Labels (3)
0 Karma
Get Updates on the Splunk Community!

.conf24 | Day 0

Hello Splunk Community! My name is Chris, and I'm based in Canberra, Australia's capital, and I travelled for ...

Enhance Security Visibility with Splunk Enterprise Security 7.1 through Threat ...

(view in My Videos)Struggling with alert fatigue, lack of context, and prioritization around security ...

Troubleshooting the OpenTelemetry Collector

  In this tech talk, you’ll learn how to troubleshoot the OpenTelemetry collector - from checking the ...