This worked great! BTW, here's a much easier way of doing it across all accessible search peer instances (e.g. via a central DMC system) via search:
| rest splunk_server=* /services/authentication/providers/services/_reload
Note: It won't return any results, but it will work for those distributed search peers that are accessible.
And way to check if it worked:
| rest splunk_server=* /services/authentication/users
don't look to far, good things are so close 😉
You can use this simple Splunk command to do this:
./splunk _internal call /authentication/providers/services/_reload -auth
Result will look like this:
QUERYING: 'https://127.0.0.1:8089/services/authentication/providers/services/_reload' Your session is invalid. Please login. Splunk username: Password: HTTP Status: 200. Content: <?xml version="1.0" encoding="UTF-8"?> <?xml-stylesheet type="text/xml" href="/static/atom.xsl"?> <feed xmlns="http://www.w3.org/2005/Atom" xmlns:s="http://dev.splunk.com/ns/rest" xmlns:opensearch="http://a9.com/-/spec/opensearch/1.1/"> <title>auth-services</title> <id>https://127.0.0.1:8089/services/authentication/providers/services</id> <updated>2014-04-02T08:39:45+02:00</updated> <generator build="163460" version="5.0.3"/> <author> <name>Splunk</name> </author> <link href="/services/authentication/providers/services/_reload" rel="_reload"/> <opensearch:totalResults>0</opensearch:totalResults> <opensearch:itemsPerPage>30</opensearch:itemsPerPage> <opensearch:startIndex>0</opensearch:startIndex> <s:messages/> </feed>
If you setup an cron job or a script you can fire it when ever you need it/want to.
hope this helps ...
I have issues with authentication configurations. Recently I have updated installed the spunk license from spunk UI and restarted services. After restart, I have lost the Slunk SAML configuration which I have set to Onelogin. Now I am trying reload the authentication method but I am not able to redirect login to Onelogin (SSO). I also tried to rec configure SAML settings with same values and I am getting sAML is already configured.
SAML has already been configured. Cannot add a new SAML configuration.saml
since I found this is a relevant thread on spunk authentication configuration, thought to check with you. Your help is appreciated .
Thanks MuS! This is pretty good. I'm still interested in figuring out what I am doing wrong with my curl command...but your answer looks like it will for me.
hmmm...seems close. not sure what I am doing wrong.
curl -k -u admin:changeme http://localhost:8000/debug/refresh?entity=admin/auth-services
This resource can be found at <a href='http://localhost:8000/en-US/debug/refresh?entity=admin%2Fauth-services'>http://localhost:8000/en-US/debug/refresh?entity=admin%2Fauth-services</a>.
Try this Rest API endpoint
You can use curl or similar tools to launch this.