Deployment Architecture
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question

Splunk Search Head Integration with SAML

keishamtcs
Explorer
‎05-28-2020 01:05 PM

Hi All,

I have 4 SH cluster members for which i have to integrate SAML. Our AD team is asking the below information reply URL.

Do i need to give all the 4 url ?
Also do i need to configure the SAML on all 4 SH UI ? please do share your thoughts.

SAML-based Sign-on Attributes Value -

Reply URL (Assertion Consumer Service URL)

https://searchhead1.group.com/saml/acs
https://searchhead2.group.com/saml/acs
https://searchhead3.group.com/saml/acs
https://searchhead4.group.com/saml/acs

Labels (2)
0 Karma
Reply

richgalloway
SplunkTrust
SplunkTrust
‎05-28-2020 01:19 PM

I don't have an answer for the Reply URL, but yes, you need to configure SAML on all SHs. Don't use the UI, however, push an app from your deployer.

---
If this reply helps you, Karma would be appreciated.
0 Karma
Reply

keishamtcs
Explorer
‎05-29-2020 01:10 AM

Thanks..can you please give some pointer on how to use as an app for the SAML config?

0 Karma
Reply

richgalloway
SplunkTrust
SplunkTrust
‎05-29-2020 06:05 AM

Perhaps the easiest way is first to configure SAML on your deployer. Then copy the $SPLUNK_HOME/etc/system/local/authentication.conf file to $SPLUNK_HOME/etc/shcluster/apps/org_SAML_auth/default. Use the splunk apply shcluster-bundle command to send the app to SHC members. After that is done you can turn off SAML on the deployer, if you wish.

---
If this reply helps you, Karma would be appreciated.
0 Karma
Reply
Got questions? Get answers!

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Meet up IRL or virtually!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Get Updates on the Splunk Community!

[Puzzles] Solve, Learn, Repeat: Character substitutions with Regular Expressions

This challenge was first posted on Slack #puzzles channelFor BORE at .conf23, we had a puzzle question which ...

Splunk Community Badges!

  Hey everyone! Ready to earn some serious bragging rights in the community? Along with our existing badges ...

[Puzzles] Solve, Learn, Repeat: Matching cron expressions

This puzzle (first published here) is based on matching timestamps to cron expressions.All the timestamps ...