Security

db_connect v3 cannot delete inputs when using SAML

duneclarke2
Explorer

WARN UserManagerPro - AQR not supported and user=username@domain.com information not found in cache or 404 User not found

C:\Program Files\Splunk\etc\apps\splunk_app_db_connect\metadata\local.meta
 
When trying to delete inputs created in dbconnect, splunk was not able to authenticate the user via our IDP. To workaround this, edit local.meta, find the input to be deleted and change the owner =  username@domain.com  to owner = nobody. 
 
Restart the splunkd service. 

 

 

 

Labels (1)
Get Updates on the Splunk Community!

Index This | I am a number, but when you add ‘G’ to me, I go away. What number am I?

March 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with another ...

What’s New in Splunk App for PCI Compliance 5.3.1?

The Splunk App for PCI Compliance allows customers to extend the power of their existing Splunk solution with ...

Extending Observability Content to Splunk Cloud

Register to join us !   In this Extending Observability Content to Splunk Cloud Tech Talk, you'll see how to ...