Splunk Enterprise

Auto Inactivity lockout when using SAML

ar2508
Observer

Hi,

We've setup our Splunk instances to use SAML for signon, but are having difficulty setting a time an automatic inactivity logout.

I've configured it to be 5m in both web.conf and server.conf but still don't get an automatic logout.

It does seem to logout automatically every 24hours (not consistently), but when this happens Splunk redirects to the IDP which then redirects back to Splunk with a new SAML token. This happens without the IDP even asking for login details from the user.

 

Any help would be appreciated 

0 Karma
Get Updates on the Splunk Community!

Dashboards: Hiding charts while search is being executed and other uses for tokens

There are a couple of features of SimpleXML / Classic dashboards that can be used to enhance the user ...

Splunk Observability Cloud's AI Assistant in Action Series: Explaining Metrics and ...

This is the fourth post in the Splunk Observability Cloud’s AI Assistant in Action series that digs into how ...

Brains, Bytes, and Boston: Learn from the Best at .conf25

When you think of Boston, you might picture colonial charm, world-class universities, or even the crack of a ...